Germany Fines Google Over Street View - But Says €145k Is Too Small

judgecorp writes "Germany's privacy regulator has fined Google €145,000 over its Street View cars' harvesting of private data — but the official has complained that the size of the fine is too small, because of limits to the fines regulators can impose. German data protection commissioner Johannes Caspar said the fine was too low, for 'one of the largest known data breachers ever,' saying, 'as long as privacy violations can be punished only at discount prices, enforcement of data protection law in the digital world with its high abuse potential is hardly possible.' In 2010 it emerged that Google's Street View cars captured personal data from Wi-Fi networks as well as taking pictures — since then regulators have imposed a series of fines — the largest being $7 million reportedly paid to settle a U.S. government probe."

They need to shut up and get over it.

By making that silly mistake Google opened the door to the whole line of Scroogled commercials and other FUD based attacks by their rivals.

The market is correcting this mistake and "imposing harsher fines" is just more ammunition for them to use on some dumb kid whose trying to sniff dirty pictures from other people's wifi connections.

Re:They need to shut up and get over it.

[rtfa-troll]

By making that silly mistake Google opened the door to the whole line of Scroogled commercials and other FUD based attacks by their rivals.

The market is correcting this mistake and "imposing harsher fines" is just more ammunition for them to use on some dumb kid whose trying to sniff dirty pictures from other people's wifi connections.

The "market" would never know about this if the government agencies hadn't investigated. They could just have ignored the whole issue. In fact it was quite specifically the German authorities that brought this up by auditing the Street View system. The only possible way to do this is to have a special authority which has the right to investigate and punish. The punishments must be more than the amount that the company can expect to make.

Re:They need to shut up and get over it.

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

Re:They need to shut up and get over it.

[rtfa-troll]

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

This article from Tech Eye says that it the admission was forced by a request to audit from the German authorities. Do you have a more specific time line for this?

Re:They need to shut up and get over it.

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

This is not correct, and I don't know why this re-written history keeps getting repeated on geek sites like Slashdot.

Google actually first guaranteed the German authorities that they were not collecting anything. And first after the German authorities despite this assurance still demanded a full audit of the data anyway, did Google do their disclosure (source: see link below).

This sequence of events was covered extensively in European press (one of many sources), and I don't know how mostly US geek sites ended up with and keep repeating an alternative version.

Re:They need to shut up and get over it.

"The "market" would never know about this if the government agencies hadn't investigated."

Two related points on this claim. First, so what? If people permitted to structure resources freely do not care to support and provide a service to investigate such things, what does that say about the value of this knowledge in the eyes of that society? Market failure in this sense is a contradiction in terms; that which people care so little about that they dismiss as less valuable usage of scarce resources is then by definition less valuable to that society. If the unthreatened, unhindered, and uncontrolled voluntary and peaceful actions of society do not produce investigation into this area, then people did not actually want it.

Secondly, those resources that support the non-peacefully chosen investigative body have already been hoovered up by the state. You cannot wring your hands in mock concern over the inability of people to solve some problem peacefully when it is already being done violently. That nonsensical thinking would permit arguments like 'well, the market would have never solved the problem of harvesting cotton if the government agencies hadn't captured and enforced the continued captivity of slaves'. This was actually a common argument in that time; the government was the means by which slavery could possibly 'work' and so peaceful solutions to things like picking cotton did not come about until the statist 'solution' was abandoned(in the most bloody way possible too, compared to the simple solution of just buying the slaves and no longer enforcing their enslavement). So let us not suppose the 'market' cannot solve problems simply by the fact that governments currently monopolize the service in question. That is to assume too much.

Re:They need to shut up and get over it.

[maxwell+demon]

I guess some people simply still can't accept that Google is not the white knight, but a company like any other.

Re:They need to shut up and get over it.

[Plumpaquatsch]

I guess some people simply still can't accept that Google is not the white knight, but a company like any other.

That's an insult to most companies.

Re:They need to shut up and get over it.

Google admitted it... That's where the probe came from. But thanks for being informed on the topic.

Re:They need to shut up and get over it.

Aaaaaahhh, the sweet sweet smell of Microsoft FUD....

Why?

[Frosty+Piss]

How is it a "data breach" â" or at least how is such a "breach" Google's issue when it's on the user's side? How can it be illegal to acquire signals "floating freely" through the air? Did Google "crack" anythingâ? Use any "back doors"? I'm sure we'll see a lot of "unlocked door" analogies and perhaps a "car analogy" or two, but this is a "left a Euro on the sidewalk" type deal here...

I know, Google is the new boogieman after Apple and Microsoft...

Re:Why?

[imbusy]

Using the same logic your mobile phone call data can be acquired freely to listen to your calls just because it's floating through the air. Why would that be a breach of privacy?

Re:Why?

[slashmydots]

I think Apple and Microsoft are the new boogiemen after Microsoft and Apple and I do mean in that exact order, lol. Anyway, did you notice how it's funny that if I drove my car around and recorded a couple packets of unencrypted wifi data and got a 140,000 euro fine, people would be outraged. Since it's a billion dollar company, now all of a sudden the fine should go up. And yet, it's the same "crime." That's right up there with fines being higher for blacks because they're black.

Re:Why?

That is the reality on AMPS and GSM.

Re:Why?

Mobile phone calls are encrypted. Maybe not very well, but a lock is a lock even if the door is made of cardboard. So that's different.

Re:Why?

Using the same logic your mobile phone call data can be acquired freely to listen to your calls just because it's floating through the air. Why would that be a breach of privacy?

Your mobile phone call data is encrypted, so no it can't...

Re:Why?

[Holi]

If you did it with multiple cars in multiple locations I think a lot of people would say WTF why are you getting a fine and not going to jail.

Re:Why?

[ShanghaiBill]

but this is a "left a Euro on the sidewalk" type deal here...

It is not even that, since someone would have to lose a Euro for someone else to find it, and nobody "lost" anything. This is more like someone walking down the street and recording your house number. This is a classic case of manufactured outrage.

Re:Why?

[5KVGhost]

Using your same logic, your conversation with your friend across the room can be heard by any random person passing nearby, just because it's floating through the air. Why would that be a breach of privacy?

It would not be. And neither is intercepting unencrypted wifi traffic. Because you've deliberately chosen a means of communication which you know can be easily overheard.

This case is just an example of self-serving bureaucratic pandering. It makes just as much sense as the government demanding that everyone wear earplugs in public lest we overhear "private" information being shouted from the rooftops.

Re:Why?

Using your same logic, your conversation with your friend across the room can be heard by any random person passing nearby, just because it's floating through the air. Why would that be a breach of privacy?

It would not be. And neither is intercepting unencrypted wifi traffic. Because you've deliberately chosen a means of communication which you know can be easily overheard.

If you are closed inside your house and I cannot hear you, but take a directional microphone to spy on you, you bet I'm breaching your privacy even if your communication is floating thorugh the air unencrypted. WiFi communications cannot be easily overheard too in the sense that you need an instrument and willing intent to do so.

Re:Why?

...If you are closed inside your house and I cannot hear you...

So you're saying it's not really "floating through the air", but "you've taken precautions not to be overheard"?

If your ears would "hear" radiowaves (like, you know, any old wi-fi card), you'd hear all the unencrypted traffic. And if someone took care not to be overheard (like, you know, switching on WPA2), you'd need a directional microphone (or, rather, a WPA/WPA2 encryption cracker).

Re:Why?

[Score+Whore]

Depends on what you believe the purpose of the law is. If it's to provide restitution to the victims then a low value fine for a low amount harm is appropriate. If it's to discourage people from breaking the law, then it's perfectly reasonable to have the fine adapt to the wealth of the perpetrator. (See this for a real life example.)

Re:Why?

How about an apple-thief analogy? (no, not the iThing company): If you pick an apple from your neighbour's tree, I'm sure nobody will mind. However, if you drive around the whole neighbourhood, picking one or two apples from each, to start a fruit juice business out of it, it would be frowned upon.

The difference is the scale at which Google or any sufficiently large company operate. Society already recognises difference in scale with other crimes, e.g. shop-lifting vs. arm bank-robbery, so the fines against Google in this case is fitting.

Re:Why?

[Plumpaquatsch]

And neither is intercepting unencrypted wifi traffic.

But storing it is. And this is what this is fucking about. Well, that and lying about it. And then lying about deleting the data.

Re:Why?

But your ears don't hear radiowaves, so, moot point.

Re:Why?

[BrentNewland]

I could easily write down what you're saying while you're talking to someone.

Re:Why?

[ozmanjusri]

So should these guys go to jail? They mapped out half the access points in the city.

Warflying

Warflying or warstorming is an activity consisting of using an airplane and a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect Wi-Fi wireless networks. Warstorming shares similarities to Wardriving and Warwalking in all aspects except for the method of transport.
It originated in Western Australia with the WaFreeNet (WAFN) group taking up a Grumman Tiger four-seater near Perth City in 2002, as documented on the weblog of Jason Jordan

Most warflying is harmless, as most of the people will just scan for the networks, either as an experiment, or just for the pure amusement, or to map out the wireless networks in the area.[citation needed] Due to the nature of flying, it is much more difficult to attempt to access open networks while warflying.

http://en.wikipedia.org/wiki/Warflying

Re:Why?

you know overhearing and recording are different things.. you can overhear a conversation but not record it, you can tune to the police frequency and listen but not make conversations public. google is not a guy overhearing a conversation, they were sniffing and recording private data for processing. the fact it was not encrypted does not mean it was not private

Re:Why?

[Plumpaquatsch]

I could easily write down what you're saying while you're talking to someone.

And while you are doing it, I could kill you. So that would make it okay, right? Good we settled it then.

Re:Why?

[Plumpaquatsch]

So should these guys go to jail? They mapped out half the access points in the city.

Warflying

Warflying or warstorming is an activity consisting of using an airplane and a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect Wi-Fi wireless networks. Warstorming shares similarities to Wardriving and Warwalking in all aspects except for the method of transport.
It originated in Western Australia with the WaFreeNet (WAFN) group taking up a Grumman Tiger four-seater near Perth City in 2002, as documented on the weblog of Jason Jordan

Most warflying is harmless, as most of the people will just scan for the networks, either as an experiment, or just for the pure amusement, or to map out the wireless networks in the area.[citation needed] Due to the nature of flying, it is much more difficult to attempt to access open networks while warflying.

http://en.wikipedia.org/wiki/Warflying

Note that they didn't store any WiFi data unrelated to SSIDs and MACs. Nor did anybody else to our knowledge. Google did. And they kept it over years. And they kept it long after they promised to delete it.

the general problem with fixed-size fines

[Trepidity]

If fines are intended as compensation, then fixed-size fines make sense. But if they're intended as a deterrent, they end up being completely ineffective for people or companies with a lot of money. A $10k fine might deter a small business, and a $100k fine will truly scare them, but for a Google-sized company those numbers are all noise, lost somewhere in the sushi budget.

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

Re:the general problem with fixed-size fines

[KingMotley]

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

If by some countries, you include the United States, then yes. Sure, silly infractions like 5-10 mph over the speed limit are fixed, but once you get higher, that's not always true. Take it from someone who got a fine, based on what I make, for speeding, in the United States.

Re:the general problem with fixed-size fines

[Qwavel]

I agree with your general point, but the fine should also take into account that there is no evidence or indication that this was done on purpose, that they did anything with the data, or that they ever intended to do anything with the data.

So now they have been fined, sued (class action lawsuits), and pilloried in pretty much every jurisdiction of the world for this.

Do you really think that is not sufficient deterrent, and why do you even need deterrent there isn't really much of an upside?

Re:the general problem with fixed-size fines

[gnasher719]

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

These are different situations. Someone who makes 100 times more money than I will be driving about as much as I do and should get statistically the same number of parking tickets that I do. To make us both avoid parking tickets, we should get different fines.

But a company with 100 times more employees than another will statistically do things that are wrong 100 times more often than the smaller company. so for small offenses (like one employee cheating a customer) they shouldn't be fined more. It will happen 100 times more often, so they will be 100 times more because of that. Only for big offenses where the offense is big due to the size of the company they should be charged more. If the boss ordered all employees to cheat their customers, that's 100 times worse if the company is 100 times bigger and should be fined 100 times more.

Re:the general problem with fixed-size fines

Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

The amount doesn't matter so much. Take Pennsylvania for example. In Pennsylvania, two tickets triggers a requirement to take a written test. A third ticket triggers a license suspension. At some point, the license gets revoked. Now, the ticket amounts may be paltry, but the other measures impact the rich as much as they do those with more moderate incomes.

It's also worth noting that the problem here seems to be that they are counting separate events together. If Google had to pay 145 thousand euros (or even just 145 euros) every time their cars accessed data over a WiFi signal, that would add up to real money soon enough. Germany doesn't need to levy bigger fines; they need to levy fines more frequently. If they aren't willing to do that, then they aren't applying the laws equally. They should be passing out these fines for single instances from small businesses. Think of Google as just a conglomerate of smaller businesses.

Levying fines for each occurrence does scale with size and is appropriate in this case, since each occurrence is separate.

Re:the general problem with fixed-size fines

If by some countries, you include the United States, then yes.

Why wouldn't you include the US in 'some countries'?

Re:the general problem with fixed-size fines

[bickerdyke]

According to German news sources, this IS the fine for accidental collection of personal data.

Re:the general problem with fixed-size fines

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

Is this law in place because we want to control people's lives, or because activity X incurs a cost on everyone else?
If it's the former, then fines based on wealth or income might be appropriate.
If it's the latter, then a fixed fine equal to the cost on others is appropriate.

Re:the general problem with fixed-size fines

What about the fact that they very likely spent way more than 145k on lawyers for this case than they're getting out of the fine.

Re:the general problem with fixed-size fines

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective

That seems fine in principle, but then you end up with 'Generic Corp' which is subdivided up into many many smaller businesses. Sure, fine one of our small businesses at a percentage of what they make, and it still doesn't touch the true company. It would simply be the same game with different rules - pretty much the game we have been playing for years and will continue to play for years.

Re:the general problem with fixed-size fines

[Plumpaquatsch]

I agree with your general point, but the fine should also take into account that there is no evidence or indication that this was done on purpose, that they did anything with the data, or that they ever intended to do anything with the data.

Yeah, nothing but the fact that a company that makes its money with collecting and storing all sorts of data did exactly that while all the other entities also linking WiFi networks to locations failed to collect and store personal data on those networks.

But that aside - after Google promised they would delete the "accidentally" collected and stored data they -errm, say- managed to forget to actually do it. Got any explanation for that?

Fines

[fredprado]

That is a generic problem with fines and big corporations, not only something related with privacy issues. As long as fines are applied at absolute values corporations will only laugh at them and keep doing what they want. Fines should be applied at amounts proportionally to a company's value.

Re:Fines

[gnasher719]

That is a generic problem with fines and big corporations, not only something related with privacy issues. As long as fines are applied at absolute values corporations will only laugh at them and keep doing what they want. Fines should be applied at amounts proportionally to a company's value.

If one rogue employee does something wrong and the company is find 145,000 Euros, they won't be laughing. They'll fire him so he won't do it again. I think the problem here is not that they think Google should be fined more because the company is big, but Google should be fined more because they spied on an awful lot of people. Let's say a small company loses personal information of all their 1,000 customers. And eBay loses personal information of 0.01% of their customers, which happens to be also exactly 1,000 customers. The fine should be the same. If eBay loses data of a million customers, the fine should be so much higher.

Re:Fines

Disagree. Number of people in this case doesn't really matter - data was collected presumably not on purpose, presumably was not used (and probably not really useful anyways). This seems to be why prosecutors were limited to this fine in the first place.

Fine in this case should be for a single count of illegal data collection and should be higher to be the warning and deterrent for others. This amount - what that equals to, one or two torrented songs? - doesn't work for companies that big.

Re:Fines

Bullshit. The purpose of the fine is to be painfull enough to discourage the prohibited behavior. Ideally (and the ideal can not be acheived), the fine should be just as small as possible to discourage the behavior. However, it must be large enough (and might not be in this case) to discourage both the perpetrator and others from behaving the same way again.

Re:Fines

They didn't 'spy' on anybody. They effectivly drove through a neighborhood with the window down and ran an audio recorder while doing it. They heard your dog barking, and your neighbors kid backing into the garage door with dad screaming and all upset about it.

That's not spying. The rest I more or less agree with, fines are a joke to big companies and soul-crushing to individuals and small businesses. That said, nothing illegal actually happened here, other than some political sock-puppets making a bunch of noise and trying to look tough on corporate screw-ups.

Re:Fines

If you just want to prevent this activity at all costs, then the penalty should be complete forfeiture of all assets. If you want to allow exceptions when they have a good reason, then they should be fined in proportion to damage done. The latter doesn't change with the size of the company.

I Still Don't Get It

[StoneyMahoney]

Every article I see about this always wails about Google's capture of personal data from wifi networks. Are they cracking the encryption? No? So why is it their fault if people are sending their data over unencrypted links? If people don't want their data read by strangers, they shouldn't be broadcasting it into the street in the clear! I wish someone would force Google to delete all the data they took. Instantly Google Street View would cease to function, as would the Wifi triangulation location system that so many people probably don't realise they use. I bet there would be a far bigger outcry over that than the original "privacy" issues ever raised.

I'm not sure I entirely sympathise with the photo privacy issue either. They haven't put online anything I couldn't have seen myself by standing on top of a car. Or a wheelie bin. Or a bench. Or a phone box. Or a post box. We seem to have very strange ideas of what "privacy" really entails.

Re:I Still Don't Get It

[Trepidity]

Europe has privacy laws that regulate what kinds of databases of user data you can compile. It's not an issue of cracking encryption, but that you simply cannot collect certain kinds of information, and the information you do collect has to be used in certain ways. The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population.

Re:I Still Don't Get It

[ancientt]

This is a really interesting and good point. I wonder if Google could get much of the same desired result by offering a bounty on images/video/wifi to people with Google+ and Android phones. They could offer the legal protection of Google's legal team to each person who captures a legitimate data area. If this kind of event came up, Google's legal team could handle it in stride and there'd be no profit to be had by attacking the big bad Google.

Who'd be foolish to do that you might ask? Millions and millions of us. Imagine if Android users got a pop up message saying "Google is offering a 30 GB expansion to Google drive space to anyone who captures video and radio signal info for your current area, are you interested?" The thing is that I could do the exact same thing as Google is getting fined for and nobody would ever know or care. Nor should they.

Re:I Still Don't Get It

[gman003]

The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population.

Sounds like a good idea. Can we bring that over here, and maybe make it apply to governments as well?

Re:I Still Don't Get It

I think Ingress was created exactly for that -- or as a testballon for that.

Re:I Still Don't Get It

[LordLimecat]

The problem is that, IIRC, Google was essentially driving around with a wifi adapter set to "sniff" in order to gather SSID beacons, to compile a geolocation-by-SSID database. In the process, they also grabbed a bunch of unencrypted data.

Its essentially as if they had driven around New York with an off-the-shelf recorder grabbing "sounds of the city" for some research project, and managed to pick up a bunch of people discussing their social security number on their cellphones. Technically youre not supposed to do that, but the problem is that people were discussing sensitive details in public.

Google definately should have taken better precautions, but this isnt them being bad guys (what on earth do they want with random people's network captures? Problems of of "too much noise", "not useful", and "its illegal, to boot" apply here); its an issue of simply not thinking things through. I cant imagine what motivation people are assuming Google might have had when they assume this was an intentional action of an evil corporation; do you suppose Google has infrastructure set up to analyze and use illicit network dumps to somehow generate ad revenue?

Re:I Still Don't Get It

[the+eric+conspiracy]

You aren't trying to capture a street view of every residence on the planet and publish it on a web site where every anti social human can study it for reasons to firebomb your home.

As far as the wardriving it really is a just stupid thing to do. In the US that sort of activity is probably a felony. Not sure why some enterprising DA (Carmen are you listening?) hasn't filed charges.

Re:I Still Don't Get It

[5KVGhost]

"The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population."

European governments prefer to do that sort of thing themselves. They get so jealous.

But in all seriousness, it's a pretty stupid law if the intent is to prevent gathering information. The allegedly private information that those people broadcast to the entire neighborhood via unencrypted wifi is still being broadcast and presumably is still unencrypted. Sure, the courageous privacy police may have saved Europe from those nefarious Google people and their dastardly plan to map public streets. But, meanwhile, the skeevy guy in the apartment across the street is still watching his neighbors' financial transactions, romantic dalliances, porn-watching habits, religious observances, and all the other lets-pretend-it's-private public network traffic that Google's wifi triangulation system really couldn't have cared less about.

If the EU actually wanted to protect people from broadcasting private things in public, then they'd need to make it against the law to sell an open wifi router. Why do you suppose they don't do that?

Re:I Still Don't Get It

[Bigby]

Ironically, private companies like Google aren't allowed to listen, but the government can listen all they want without a warrant. Quite the opposite of what the Constitution states...

Re:I Still Don't Get It

I think the only remotely legitimate concern people may have in this situation isn't that Google as such will do anything with the data, but more that individual Google employees may misuse the data which they weren't technically allowed to have in the first place. It wouldn't be the first time a Google employee has misused such data.

To be entirely honest though, this kind of law and enforcement seems heavy handed in excess. I'm glad to see things like them having to do education on privacy and encrypting your network, as that seems productive, and given that they did technically break the law (however weird the law may seem), it fits the crime. Trying to fine them enough that they'll feel it, on the other hand, feels more just like a shameless money grab over an honest mistake which in all likelihood, was entirely harmless. The best thing to come out of this is that people are hearing about what kind of data loss happens when you leave your wifi open (without otherwise securing your data), because while this incident was a relatively harmless accident, had it been some more nefariously minded folk doing the wardriving, it may not have been so harmless.

Re:I Still Don't Get It

The goal of government is to serve people of the state as a whole the goal of commercial company is to make money for it's owners/shareholders so you can't compare those.
Protecting people as a whole of course contradicts with protecting everyone individually so yes, it's kinda okay.
Misuse of power given to the state by some individuals for their personal gain is a different issue.

Re:I Still Don't Get It

[Branciforte]

Anyone who is dedicated enough to want to firebomb a house is also dedicated to drive by it themselves.

It's not like there is anyone out there going, "Gosh I want to firebomb Steve but I don't have a picture of his front yard, and I can't be bothered to drive by his place myself."

Re:I Still Don't Get It

[Trepidity]

Banning widespread surveillance doesn't require banning every instance of someone looking out their window. There is a qualitative difference between looking out your window, and (to take the opposite extreme, not yet reached) flying 10,000 drones around the city constantly recording video.

Also: permitting corporate surveillance implies government surveillance, because the government can just buy data from companies. If you want to protect any semblance of a non-surveillance state, both governmental and private surveillance need to be curtailed.

Re:I Still Don't Get It

If the EU actually wanted to protect people from broadcasting private things in public, then they'd need to make it against the law to sell an open wifi router. Why do you suppose they don't do that?

But this is not what it is about. The laws in EU regulate how businesses can collect and aggregate data, and what data, and how you need to handle it when you have it. It doesn't matter if the various data instances are freely available, it still can be against the law for a business to collect and aggregate it. The act of systematic collection and aggregation in itself, even on top of 'public' data, is seen as a potential privacy risk and regulated. And I agree that it is. This discussion about encryption or not, and various analogies to what you can overhear or not, are not relevant for this law.

$5 dollar fine...

...and time served!

Huh?, "they lacked a grasp of basic syntax."

What do you get "the official"? Monkeys with typewriters edit submissions.

Nail everyone

I walked past that house/building and didn't shut my eyes. Biological or digital. Lock me up.

Proportions

From the article, "Many believe that isn’t enough, hence why the European Commission wants to introduce fines for up to two percent of companies’ turnover, as part of an overhaul of EU data privacy law."

Now, I agree that 145k euros is a paltry sum for Google, but two percent of Google's turnover would be overkill to the most extreme degree for gathering data from open WiFi networks. The punishment should be proportional to the crime, not to the perpetrator.

Re:Proportions

It should still be a punishment not a fare for going on doing what they were doing.
And it really should be proportional to the perpetrator, because otherwise some of us [i]can afford[/i] crime.

Re:Proportions

If the fines exceed their previous profits, then it is unprofitable for them to continue, and they will stop, as any reasonable business would. That was the point of making it proportional to profits.

Jeremiah Cornelius: Grow up

You're embarassing yourself Jeremiah Cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 since you posted that using your registered username by mistake (instead of your usual anonymous coward submissions by the 100's the past 2-3 months now on slashdot) giving away it's you spamming this forums almost constantly, just as you have in the post I just replied to.

Re:Jeremiah Cornelius: Grow up

Hello Paul.

p.s. What do you make of this?

Re:Hate to say it, but I kind of like Bing's metho

It's hard to astroturf when no subject ever is about the thing you are trying to promote. I guess the closest one will have to do.

How big of a fine for Google to notice?

[concealment]

In the time it took me to type this message, Google earned $1.54 million.

How much do you fine them before it's a rounding error that they fail to notice?

Re:How big of a fine for Google to notice?

[Grumpinuts]

Know what you mean....I'm pretty slow at typing as well and this dyslexic keyboard doesn't hlep.....

Re:Hate to say it, but I kind of like Bing's metho

[kannibal_klown]

LOL, fine be a jerk. I wasn't astro-turfing. Honestly, I'm not a fan of MS's products.

It's just kind of a weird world: where renting/leasing out flippin' airplanes to take pictures of neighborhoods... is somehow less of a legal-nightmare and invasion of privacy than a car with a panoramic camera. There was a time when people feared "black helicopters" invading their rights and such more than people in cars.

Hey, some guy driving the car made a mistake going where he/she shouldn't... some private road, some really long driveway that looked like a continuation of the road, etc. It was a mistake by a poor guy that probably got fired / reprimanded for his goof, not some company trying to be evil. Now the whole WiFi thing... meh. Haven't been following up on it.

Peeping Tom

I'm sure we'll see a lot of "unlocked door" analogies and perhaps a "car analogy" or two, but this is a "left a Euro on the sidewalk" type deal here...

No, it's more like a peeping tom looking through someone's window.

And we in the US of A need to start being like Europe with our privacy laws.

There's this huge market for people's data and considering how cheap data storage has gotten, it's nothing for big corp to create a dossier on someone - today.

Just pull your own credit file from the bureaus and just see what THEY have - and you'll see all the previous addresses where you have lived and other information when they try to verify your identity.

The Medical Information Bureau has all your health history available to anyone with the $$$.

And now we have Google on the street photographing our yards and seeing what wi-fi we have.

We peons are at the mercy of corporate America.

And in the meantime, Google's billionaires have enclosed yards, private armed security guards, and the resources to give themselves all the privacy they want - and the power to crush anyone who wants to use any available public information against them.

Re:Peeping Tom

No. It is like taking a photo from the street.
The same exact thing google already does, except with things that get information we normally can't (i.e. wee can't percieve those kind of signals with our own eyes, ears or any other part of our body that I know of). Some other being may, but we can't.

Re:Peeping Tom

[Frosty+Piss]

The Medical Information Bureau has all your health history available to anyone with the $$$.

"Medical Information Bureau"? Never heard of them.

But of course, if anyone is releasing medical data on people without their permission, they are already breaking Federal Law...

Re:Peeping Tom

Except that Google drove their peepmobile onto my property without my permission and took pictures through the window of my minor child's bedroom.

They did take the pictures down, admittedly, but not until after the third time I threatened to sue them for dealing child porn. Those shots were up for weeks.

And taking the pictures down does not make what they did right. I have an easement across my property that allows through traffic (moving at a speed that makes peeping through my windows impossible without a high-speed camera peepmobile). This is a privilege I extend to travelers out of good citizenship and a recognition of need. Google is abusive of my generosity and unrepentant about their abuse of road easements worldwide. Just because I am a good neighbor, they are using their tremendous resources to enable the entire Internet to invade my privacy. Nobody needs to see inside my house except thieves and paedophiles, and it's unreasonable to say I have to keep my windows and curtains closed 24/7 or risk Google making a profit off abusing my good citizenship.

Google makes no effort to distinguish public roads from travel easements, and they should be fined strongly enough to remove the profit they gain from this behavior. But don't give the money to me - give it to victims of the criminals who use Google's through-the-window shots to case houses.

Re:Peeping Tom

Hey, thanks for notifying us in advance to disregard your argument by throwing in a "but the children!!11" bit in.

Re:Peeping Tom

[flimflammer]

Your child's window appeared in streetview and you think that's dealing child porn? No wonder they didn't take you seriously the first 2 times. They probably complied if only to shut up a nutter.

Re:Peeping Tom

Links to pics of your daughter?

Re:Privacy protection with custom HOST file... apk

Ok, this is hilariously bad advice. I tested his 645,000 line hosts file under linux. The result: DNS lookups took 3 seconds longer since scanning the hosts file is O(N) and is done for every DNS lookup, before checking the DNS cache, before querying the DNS server.

Under Windows, the situation is the same if you have the local DNS cache server disabled. If the local DNS cache server is enabled, it took almost 2 hours to load the hosts file, during which time all DNS lookups were blocked. Why? Well, the DNS cache isn't designed to holed 645,000 items so after every insert, it rehashes and moves all the previous entries around. That's ~ O(N*N*N) performance.

tl;dr - APK is an idiot or a troll. Probably a troll since his early comments were about Windows being more secure than Linux before he started spewing this HOSTS shit.

Isn't just the users' faults, either

Both parties are to blame in this case. Users with unencrypted home wifi are being careless by taking no precautions to secure their data, and Google is morally in the wrong for taking advantage of that. Just because something is in plain sight and not locked up does not mean you should take it without asking.

Failed analogy alert

Finding a single unlocked door is completely different from deliberately going around and testing every single door you find.

Stumbling across a Euro left "on the sidewalk" is nothing like putting on scuba gear and diving into a wishing fountain and taking all the money you find in it.

Why the hell is there such a "It's GOOGLE so it must be OK" bent here?

Re:Failed analogy alert

Good thing you alerted us about your failed analogies. Now, please do educate yourself about WiFi and keep the pumping up for less technically oriented forums.

Re:Privacy protection with custom HOST file... apk

[nospam007]

"Ok, this is hilariously bad advice. I tested his 645,000 line hosts file under linux."

But there's one benefit.
The hosts stuff is always in his posts, so you can use it to filter the asshole out.

Why were they only capturing the start of frames?

[Branciforte]

The data that was collected consisted of only the beginnings of packets, by an antenna that randomly switched between many different frequencies.

If Google was really trying to collect personal data, why didn't they collect entire packets on all the frequencies? They certainly have the resources to do it right.

Re:LEARN WHY I WAS MODDED DOWN... apk

You really have nothing better to do, do you?

No offense intended but that's very sad.

Jeremiah Cornelius: Grow up

You're embarassing yourself Jeremiah Cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 since you posted that using your registered username by mistake (instead of your usual anonymous coward submissions by the 100's the past 2-3 months now on slashdot) giving away it's you spamming this forums almost constantly, just as you have in the post I just replied to.

Re:Hate to say it, but I kind of like Bing's metho

[drinkypoo]

Hey, some guy driving the car made a mistake going where he/she shouldn't... some private road, some really long driveway that looked like a continuation of the road, etc. It was a mistake by a poor guy that probably got fired / reprimanded for his goof, not some company trying to be evil. Now the whole WiFi thing... meh. Haven't been following up on it.

What I've seen is the groupthink shift from "if the signals are floating through the air it's OK to intercept them while I look for free wifizzz" to "google collecting all this information must be eeeevil!" It's OK if people do it, but not OK if google does it, apparently.

There's some merit to the idea, because google is in a much better position to abuse information. But on the other hand, is your network secure or isn't it?

Here's an Anagram

George Orwell
Google Rewler

Prime example...

...of how laws represent the morale of the masses, not what's right and wrong.

Fines smaller than profits cost of doing business

[Maxo-Texas]

Short of criminal penalties (even a couple days in jail), paying any amount less than the profits is just a cost of doing business.

The fines should be "profits from the illegal activity" plus a reasonable punitive fine on top.

Too much for doing nothing wrong!

[darth_borehd]

It's not like they are hacking into networks--these are *unsecured* wi-fis.

separation of powers

[BBird]

Regulators (and judges) should not complain or make comments about the law, as much as law makers should not comment on how it is applied. If the limit was set (purportedly) low by the law maker, the regulator has to apply it and shut up. If they want to make laws get elected first.