Germany Fines Google Over Street View - But Says €145k Is Too Small

judgecorp writes "Germany's privacy regulator has fined Google €145,000 over its Street View cars' harvesting of private data — but the official has complained that the size of the fine is too small, because of limits to the fines regulators can impose. German data protection commissioner Johannes Caspar said the fine was too low, for 'one of the largest known data breachers ever,' saying, 'as long as privacy violations can be punished only at discount prices, enforcement of data protection law in the digital world with its high abuse potential is hardly possible.' In 2010 it emerged that Google's Street View cars captured personal data from Wi-Fi networks as well as taking pictures — since then regulators have imposed a series of fines — the largest being $7 million reportedly paid to settle a U.S. government probe."

They need to shut up and get over it.

By making that silly mistake Google opened the door to the whole line of Scroogled commercials and other FUD based attacks by their rivals.

The market is correcting this mistake and "imposing harsher fines" is just more ammunition for them to use on some dumb kid whose trying to sniff dirty pictures from other people's wifi connections.

Re:They need to shut up and get over it.

[rtfa-troll]

By making that silly mistake Google opened the door to the whole line of Scroogled commercials and other FUD based attacks by their rivals.

The market is correcting this mistake and "imposing harsher fines" is just more ammunition for them to use on some dumb kid whose trying to sniff dirty pictures from other people's wifi connections.

The "market" would never know about this if the government agencies hadn't investigated. They could just have ignored the whole issue. In fact it was quite specifically the German authorities that brought this up by auditing the Street View system. The only possible way to do this is to have a special authority which has the right to investigate and punish. The punishments must be more than the amount that the company can expect to make.

Re:They need to shut up and get over it.

Amen dude. The fucking Krauts are just acting like Nazis again, using their gov't to make a BIG FUCKING DEAL out of a whole lotta nothin.

The proposed solution, as always, is to give gov't more power to more harshly enforce laws. Gov't people are like a fuckin idiot that only has a hammer - he thinks everything is a nail.

Re:They need to shut up and get over it.

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

Re:They need to shut up and get over it.

[rtfa-troll]

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

This article from Tech Eye says that it the admission was forced by a request to audit from the German authorities. Do you have a more specific time line for this?

Re:They need to shut up and get over it.

Google came out themselves about the issue. If anything, these years of fighting over the issue should make companies not want to disclose voluntarily.

This is not correct, and I don't know why this re-written history keeps getting repeated on geek sites like Slashdot.

Google actually first guaranteed the German authorities that they were not collecting anything. And first after the German authorities despite this assurance still demanded a full audit of the data anyway, did Google do their disclosure (source: see link below).

This sequence of events was covered extensively in European press (one of many sources), and I don't know how mostly US geek sites ended up with and keep repeating an alternative version.

Re:They need to shut up and get over it.

"The "market" would never know about this if the government agencies hadn't investigated."

Two related points on this claim. First, so what? If people permitted to structure resources freely do not care to support and provide a service to investigate such things, what does that say about the value of this knowledge in the eyes of that society? Market failure in this sense is a contradiction in terms; that which people care so little about that they dismiss as less valuable usage of scarce resources is then by definition less valuable to that society. If the unthreatened, unhindered, and uncontrolled voluntary and peaceful actions of society do not produce investigation into this area, then people did not actually want it.

Secondly, those resources that support the non-peacefully chosen investigative body have already been hoovered up by the state. You cannot wring your hands in mock concern over the inability of people to solve some problem peacefully when it is already being done violently. That nonsensical thinking would permit arguments like 'well, the market would have never solved the problem of harvesting cotton if the government agencies hadn't captured and enforced the continued captivity of slaves'. This was actually a common argument in that time; the government was the means by which slavery could possibly 'work' and so peaceful solutions to things like picking cotton did not come about until the statist 'solution' was abandoned(in the most bloody way possible too, compared to the simple solution of just buying the slaves and no longer enforcing their enslavement). So let us not suppose the 'market' cannot solve problems simply by the fact that governments currently monopolize the service in question. That is to assume too much.

Re:They need to shut up and get over it.

[maxwell+demon]

I guess some people simply still can't accept that Google is not the white knight, but a company like any other.

Re:They need to shut up and get over it.

[Plumpaquatsch]

I guess some people simply still can't accept that Google is not the white knight, but a company like any other.

That's an insult to most companies.

Re:They need to shut up and get over it.

Google admitted it... That's where the probe came from. But thanks for being informed on the topic.

Re:They need to shut up and get over it.

Aaaaaahhh, the sweet sweet smell of Microsoft FUD....

Privacy protection with custom HOST file... apk

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM M

Re:Privacy protection with custom HOST file... apk

$10,000 CHALLENGE to Alexander Peter Kowalski

* POOR SHOWING TROLLS , & most especially IF that's the "best you've got" - apparently, it is... lol!

Hello, and THINK ABOUT YOUR BREATHING !! We have a Major Problem, HOST file is Cubic Opposites, 2 Major Corners & 2 Minor. NOT taught Evil DNS hijacking, which VOIDS computers. Seek Wisdom of MyCleanPC - or you die evil.

Your HOSTS file claimed to have created a single DNS resolver. I offer absolute proof that I have created 4 simultaneous DNS servers within a single rotation of .org TLD. You worship "Bill Gates", equating you to a "singularity bastard". Why do you worship a queer -1 Troll? Are you content as a singularity troll?

Evil HOSTS file Believers refuse to acknowledge 4 corner DNS resolving simultaneously around 4 quadrant created Internet - in only 1 root server, voiding the HOSTS file. You worship Microsoft impostor guised by educators as 1 god.

If you would acknowledge simple existing math proof that 4 harmonic Slashdots rotate simultaneously around squared equator and cubed Internet, proving 4 Days, Not HOSTS file! That exists only as anti-side. This page you see - cannot exist without its anti-side existence, as +0- moderation. Add +0- as One = nothing.

I will give $10,000.00 to frost pister who can disprove MyCleanPC. Evil crapflooders ignore this as a challenge would indict them.

Alex Kowalski has no Truth to think with, they accept any crap they are told to think. You are enslaved by /etc/hosts, as if domesticated animal. A school or educator who does not teach students MyCleanPC Principle, is a death threat to youth, therefore stupid and evil - begetting stupid students. How can you trust stupid PR shills who lie to you? Can't lose the $10,000.00, they cowardly ignore me. Stupid professors threaten Nature and Interwebs with word lies.

Humans fear to know natures simultaneous +4 Insightful +4 Informative +4 Funny +4 Underrated harmonic SLASHDOT creation for it debunks false trolls. Test Your HOSTS file. MyCleanPC cannot harm a File of Truth, but will delete fakes. Fake HOSTS files refuse test.

I offer evil ass Slashdot trolls $10,000.00 to disprove MyCleanPC Creation Principle. Rob Malda and Cowboy Neal have banned MyCleanPC as "Forbidden Truth Knowledge" for they cannot allow it to become known to their students. You are stupid and evil about the Internet's top and bottom, front and back and it's 2 sides. Most everything created has these Cube like values.

If Natalie Portman is not measurable, hot grits are Fictitious. Without MyCleanPC, HOSTS file is Fictitious. Anyone saying that Natalie and her Jewish father had something to do with my Internets, is a damn evil liar. IN addition to your best arsware not overtaking my work in terms of popularity, on that same site with same submission date no less, that I told Kathleen Malda how to correct her blatant, fundamental, HUGE errors in Coolmon ('uncoolmon') of not checking for performance counters being present when his program started!

You can see my dilemma. What if this is merely a ruse by an APK impostor to try and get people to delete APK's messages, perhaps all over the web? I can't be a party to such an event! My involvement with APK began at a very late stage in the game. While APK has made a career of trolling popular online forums since at least the year 2000 (newsgroups and IRC channels before that)- my involvement with APK did not begin until early 2005 . OSY is one of the many forums that APK once frequented before the sane people there grew tired of his garbage and banned him. APK was banned from OSY back in 2001. 3.5 years after his ba

Re:Privacy protection with custom HOST file... apk

Ok, this is hilariously bad advice. I tested his 645,000 line hosts file under linux. The result: DNS lookups took 3 seconds longer since scanning the hosts file is O(N) and is done for every DNS lookup, before checking the DNS cache, before querying the DNS server.

Under Windows, the situation is the same if you have the local DNS cache server disabled. If the local DNS cache server is enabled, it took almost 2 hours to load the hosts file, during which time all DNS lookups were blocked. Why? Well, the DNS cache isn't designed to holed 645,000 items so after every insert, it rehashes and moves all the previous entries around. That's ~ O(N*N*N) performance.

tl;dr - APK is an idiot or a troll. Probably a troll since his early comments were about Windows being more secure than Linux before he started spewing this HOSTS shit.

Re:Privacy protection with custom HOST file... apk

[nospam007]

"Ok, this is hilariously bad advice. I tested his 645,000 line hosts file under linux."

But there's one benefit.
The hosts stuff is always in his posts, so you can use it to filter the asshole out.

Why?

[Frosty+Piss]

How is it a "data breach" â" or at least how is such a "breach" Google's issue when it's on the user's side? How can it be illegal to acquire signals "floating freely" through the air? Did Google "crack" anythingâ? Use any "back doors"? I'm sure we'll see a lot of "unlocked door" analogies and perhaps a "car analogy" or two, but this is a "left a Euro on the sidewalk" type deal here...

I know, Google is the new boogieman after Apple and Microsoft...

Re:Why?

[imbusy]

Using the same logic your mobile phone call data can be acquired freely to listen to your calls just because it's floating through the air. Why would that be a breach of privacy?

Re:Why?

[slashmydots]

I think Apple and Microsoft are the new boogiemen after Microsoft and Apple and I do mean in that exact order, lol. Anyway, did you notice how it's funny that if I drove my car around and recorded a couple packets of unencrypted wifi data and got a 140,000 euro fine, people would be outraged. Since it's a billion dollar company, now all of a sudden the fine should go up. And yet, it's the same "crime." That's right up there with fines being higher for blacks because they're black.

Re:Why?

That is the reality on AMPS and GSM.

Re:Why?

Mobile phone calls are encrypted. Maybe not very well, but a lock is a lock even if the door is made of cardboard. So that's different.

Re:Why?

Using the same logic your mobile phone call data can be acquired freely to listen to your calls just because it's floating through the air. Why would that be a breach of privacy?

Your mobile phone call data is encrypted, so no it can't...

Re:Why?

[Holi]

If you did it with multiple cars in multiple locations I think a lot of people would say WTF why are you getting a fine and not going to jail.

Re:Why?

[ShanghaiBill]

but this is a "left a Euro on the sidewalk" type deal here...

It is not even that, since someone would have to lose a Euro for someone else to find it, and nobody "lost" anything. This is more like someone walking down the street and recording your house number. This is a classic case of manufactured outrage.

Re:Why?

[5KVGhost]

Using your same logic, your conversation with your friend across the room can be heard by any random person passing nearby, just because it's floating through the air. Why would that be a breach of privacy?

It would not be. And neither is intercepting unencrypted wifi traffic. Because you've deliberately chosen a means of communication which you know can be easily overheard.

This case is just an example of self-serving bureaucratic pandering. It makes just as much sense as the government demanding that everyone wear earplugs in public lest we overhear "private" information being shouted from the rooftops.

Re:Why?

Using your same logic, your conversation with your friend across the room can be heard by any random person passing nearby, just because it's floating through the air. Why would that be a breach of privacy?

It would not be. And neither is intercepting unencrypted wifi traffic. Because you've deliberately chosen a means of communication which you know can be easily overheard.

If you are closed inside your house and I cannot hear you, but take a directional microphone to spy on you, you bet I'm breaching your privacy even if your communication is floating thorugh the air unencrypted. WiFi communications cannot be easily overheard too in the sense that you need an instrument and willing intent to do so.

Re:Why?

...If you are closed inside your house and I cannot hear you...

So you're saying it's not really "floating through the air", but "you've taken precautions not to be overheard"?

If your ears would "hear" radiowaves (like, you know, any old wi-fi card), you'd hear all the unencrypted traffic. And if someone took care not to be overheard (like, you know, switching on WPA2), you'd need a directional microphone (or, rather, a WPA/WPA2 encryption cracker).

Re:Why?

[Score+Whore]

Depends on what you believe the purpose of the law is. If it's to provide restitution to the victims then a low value fine for a low amount harm is appropriate. If it's to discourage people from breaking the law, then it's perfectly reasonable to have the fine adapt to the wealth of the perpetrator. (See this for a real life example.)

Re:Why?

How about an apple-thief analogy? (no, not the iThing company): If you pick an apple from your neighbour's tree, I'm sure nobody will mind. However, if you drive around the whole neighbourhood, picking one or two apples from each, to start a fruit juice business out of it, it would be frowned upon.

The difference is the scale at which Google or any sufficiently large company operate. Society already recognises difference in scale with other crimes, e.g. shop-lifting vs. arm bank-robbery, so the fines against Google in this case is fitting.

Re:Why?

[Plumpaquatsch]

And neither is intercepting unencrypted wifi traffic.

But storing it is. And this is what this is fucking about. Well, that and lying about it. And then lying about deleting the data.

Re:Why?

But your ears don't hear radiowaves, so, moot point.

Re:Why?

[BrentNewland]

I could easily write down what you're saying while you're talking to someone.

Re:Why?

[ozmanjusri]

So should these guys go to jail? They mapped out half the access points in the city.

Warflying

Warflying or warstorming is an activity consisting of using an airplane and a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect Wi-Fi wireless networks. Warstorming shares similarities to Wardriving and Warwalking in all aspects except for the method of transport.
It originated in Western Australia with the WaFreeNet (WAFN) group taking up a Grumman Tiger four-seater near Perth City in 2002, as documented on the weblog of Jason Jordan

Most warflying is harmless, as most of the people will just scan for the networks, either as an experiment, or just for the pure amusement, or to map out the wireless networks in the area.[citation needed] Due to the nature of flying, it is much more difficult to attempt to access open networks while warflying.

http://en.wikipedia.org/wiki/Warflying

Re:Why?

you know overhearing and recording are different things.. you can overhear a conversation but not record it, you can tune to the police frequency and listen but not make conversations public. google is not a guy overhearing a conversation, they were sniffing and recording private data for processing. the fact it was not encrypted does not mean it was not private

Re:Why?

[Plumpaquatsch]

I could easily write down what you're saying while you're talking to someone.

And while you are doing it, I could kill you. So that would make it okay, right? Good we settled it then.

Re:Why?

[Plumpaquatsch]

So should these guys go to jail? They mapped out half the access points in the city.

Warflying

Warflying or warstorming is an activity consisting of using an airplane and a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect Wi-Fi wireless networks. Warstorming shares similarities to Wardriving and Warwalking in all aspects except for the method of transport.
It originated in Western Australia with the WaFreeNet (WAFN) group taking up a Grumman Tiger four-seater near Perth City in 2002, as documented on the weblog of Jason Jordan

Most warflying is harmless, as most of the people will just scan for the networks, either as an experiment, or just for the pure amusement, or to map out the wireless networks in the area.[citation needed] Due to the nature of flying, it is much more difficult to attempt to access open networks while warflying.

http://en.wikipedia.org/wiki/Warflying

Note that they didn't store any WiFi data unrelated to SSIDs and MACs. Nor did anybody else to our knowledge. Google did. And they kept it over years. And they kept it long after they promised to delete it.

the general problem with fixed-size fines

[Trepidity]

If fines are intended as compensation, then fixed-size fines make sense. But if they're intended as a deterrent, they end up being completely ineffective for people or companies with a lot of money. A $10k fine might deter a small business, and a $100k fine will truly scare them, but for a Google-sized company those numbers are all noise, lost somewhere in the sushi budget.

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

Re:the general problem with fixed-size fines

[KingMotley]

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

If by some countries, you include the United States, then yes. Sure, silly infractions like 5-10 mph over the speed limit are fixed, but once you get higher, that's not always true. Take it from someone who got a fine, based on what I make, for speeding, in the United States.

Re:the general problem with fixed-size fines

[Qwavel]

I agree with your general point, but the fine should also take into account that there is no evidence or indication that this was done on purpose, that they did anything with the data, or that they ever intended to do anything with the data.

So now they have been fined, sued (class action lawsuits), and pilloried in pretty much every jurisdiction of the world for this.

Do you really think that is not sufficient deterrent, and why do you even need deterrent there isn't really much of an upside?

Re:the general problem with fixed-size fines

[gnasher719]

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

These are different situations. Someone who makes 100 times more money than I will be driving about as much as I do and should get statistically the same number of parking tickets that I do. To make us both avoid parking tickets, we should get different fines.

But a company with 100 times more employees than another will statistically do things that are wrong 100 times more often than the smaller company. so for small offenses (like one employee cheating a customer) they shouldn't be fined more. It will happen 100 times more often, so they will be 100 times more because of that. Only for big offenses where the offense is big due to the size of the company they should be charged more. If the boss ordered all employees to cheat their customers, that's 100 times worse if the company is 100 times bigger and should be fined 100 times more.

Re:the general problem with fixed-size fines

Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

The amount doesn't matter so much. Take Pennsylvania for example. In Pennsylvania, two tickets triggers a requirement to take a written test. A third ticket triggers a license suspension. At some point, the license gets revoked. Now, the ticket amounts may be paltry, but the other measures impact the rich as much as they do those with more moderate incomes.

It's also worth noting that the problem here seems to be that they are counting separate events together. If Google had to pay 145 thousand euros (or even just 145 euros) every time their cars accessed data over a WiFi signal, that would add up to real money soon enough. Germany doesn't need to levy bigger fines; they need to levy fines more frequently. If they aren't willing to do that, then they aren't applying the laws equally. They should be passing out these fines for single instances from small businesses. Think of Google as just a conglomerate of smaller businesses.

Levying fines for each occurrence does scale with size and is appropriate in this case, since each occurrence is separate.

Re:the general problem with fixed-size fines

If by some countries, you include the United States, then yes.

Why wouldn't you include the US in 'some countries'?

Re:the general problem with fixed-size fines

[bickerdyke]

According to German news sources, this IS the fine for accidental collection of personal data.

Re:the general problem with fixed-size fines

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective. Some countries already do this with traffic tickets, to ensure that rich people have to care about getting a speeding ticket, rather than just laughing at the (to them) paltry amount.

Is this law in place because we want to control people's lives, or because activity X incurs a cost on everyone else?
If it's the former, then fines based on wealth or income might be appropriate.
If it's the latter, then a fixed fine equal to the cost on others is appropriate.

Re:the general problem with fixed-size fines

What about the fact that they very likely spent way more than 145k on lawyers for this case than they're getting out of the fine.

Re:the general problem with fixed-size fines

If you really want to have effective deterrence, fines based on a percentage of annual income would be more effective

That seems fine in principle, but then you end up with 'Generic Corp' which is subdivided up into many many smaller businesses. Sure, fine one of our small businesses at a percentage of what they make, and it still doesn't touch the true company. It would simply be the same game with different rules - pretty much the game we have been playing for years and will continue to play for years.

Re:the general problem with fixed-size fines

[Plumpaquatsch]

I agree with your general point, but the fine should also take into account that there is no evidence or indication that this was done on purpose, that they did anything with the data, or that they ever intended to do anything with the data.

Yeah, nothing but the fact that a company that makes its money with collecting and storing all sorts of data did exactly that while all the other entities also linking WiFi networks to locations failed to collect and store personal data on those networks.

But that aside - after Google promised they would delete the "accidentally" collected and stored data they -errm, say- managed to forget to actually do it. Got any explanation for that?

Fines

[fredprado]

That is a generic problem with fines and big corporations, not only something related with privacy issues. As long as fines are applied at absolute values corporations will only laugh at them and keep doing what they want. Fines should be applied at amounts proportionally to a company's value.

Re:Fines

[gnasher719]

That is a generic problem with fines and big corporations, not only something related with privacy issues. As long as fines are applied at absolute values corporations will only laugh at them and keep doing what they want. Fines should be applied at amounts proportionally to a company's value.

If one rogue employee does something wrong and the company is find 145,000 Euros, they won't be laughing. They'll fire him so he won't do it again. I think the problem here is not that they think Google should be fined more because the company is big, but Google should be fined more because they spied on an awful lot of people. Let's say a small company loses personal information of all their 1,000 customers. And eBay loses personal information of 0.01% of their customers, which happens to be also exactly 1,000 customers. The fine should be the same. If eBay loses data of a million customers, the fine should be so much higher.

Re:Fines

Disagree. Number of people in this case doesn't really matter - data was collected presumably not on purpose, presumably was not used (and probably not really useful anyways). This seems to be why prosecutors were limited to this fine in the first place.

Fine in this case should be for a single count of illegal data collection and should be higher to be the warning and deterrent for others. This amount - what that equals to, one or two torrented songs? - doesn't work for companies that big.

Re:Fines

Bullshit. The purpose of the fine is to be painfull enough to discourage the prohibited behavior. Ideally (and the ideal can not be acheived), the fine should be just as small as possible to discourage the behavior. However, it must be large enough (and might not be in this case) to discourage both the perpetrator and others from behaving the same way again.

Re:Fines

They didn't 'spy' on anybody. They effectivly drove through a neighborhood with the window down and ran an audio recorder while doing it. They heard your dog barking, and your neighbors kid backing into the garage door with dad screaming and all upset about it.

That's not spying. The rest I more or less agree with, fines are a joke to big companies and soul-crushing to individuals and small businesses. That said, nothing illegal actually happened here, other than some political sock-puppets making a bunch of noise and trying to look tough on corporate screw-ups.

Re:Fines

If you just want to prevent this activity at all costs, then the penalty should be complete forfeiture of all assets. If you want to allow exceptions when they have a good reason, then they should be fined in proportion to damage done. The latter doesn't change with the size of the company.

I Still Don't Get It

[StoneyMahoney]

Every article I see about this always wails about Google's capture of personal data from wifi networks. Are they cracking the encryption? No? So why is it their fault if people are sending their data over unencrypted links? If people don't want their data read by strangers, they shouldn't be broadcasting it into the street in the clear! I wish someone would force Google to delete all the data they took. Instantly Google Street View would cease to function, as would the Wifi triangulation location system that so many people probably don't realise they use. I bet there would be a far bigger outcry over that than the original "privacy" issues ever raised.

I'm not sure I entirely sympathise with the photo privacy issue either. They haven't put online anything I couldn't have seen myself by standing on top of a car. Or a wheelie bin. Or a bench. Or a phone box. Or a post box. We seem to have very strange ideas of what "privacy" really entails.

Re:I Still Don't Get It

[Trepidity]

Europe has privacy laws that regulate what kinds of databases of user data you can compile. It's not an issue of cracking encryption, but that you simply cannot collect certain kinds of information, and the information you do collect has to be used in certain ways. The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population.

Re:I Still Don't Get It

[ancientt]

This is a really interesting and good point. I wonder if Google could get much of the same desired result by offering a bounty on images/video/wifi to people with Google+ and Android phones. They could offer the legal protection of Google's legal team to each person who captures a legitimate data area. If this kind of event came up, Google's legal team could handle it in stride and there'd be no profit to be had by attacking the big bad Google.

Who'd be foolish to do that you might ask? Millions and millions of us. Imagine if Android users got a pop up message saying "Google is offering a 30 GB expansion to Google drive space to anyone who captures video and radio signal info for your current area, are you interested?" The thing is that I could do the exact same thing as Google is getting fined for and nobody would ever know or care. Nor should they.

Re:I Still Don't Get It

[gman003]

The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population.

Sounds like a good idea. Can we bring that over here, and maybe make it apply to governments as well?

Re:I Still Don't Get It

I think Ingress was created exactly for that -- or as a testballon for that.

Re:I Still Don't Get It

[LordLimecat]

The problem is that, IIRC, Google was essentially driving around with a wifi adapter set to "sniff" in order to gather SSID beacons, to compile a geolocation-by-SSID database. In the process, they also grabbed a bunch of unencrypted data.

Its essentially as if they had driven around New York with an off-the-shelf recorder grabbing "sounds of the city" for some research project, and managed to pick up a bunch of people discussing their social security number on their cellphones. Technically youre not supposed to do that, but the problem is that people were discussing sensitive details in public.

Google definately should have taken better precautions, but this isnt them being bad guys (what on earth do they want with random people's network captures? Problems of of "too much noise", "not useful", and "its illegal, to boot" apply here); its an issue of simply not thinking things through. I cant imagine what motivation people are assuming Google might have had when they assume this was an intentional action of an evil corporation; do you suppose Google has infrastructure set up to analyze and use illicit network dumps to somehow generate ad revenue?

Re:I Still Don't Get It

[the+eric+conspiracy]

You aren't trying to capture a street view of every residence on the planet and publish it on a web site where every anti social human can study it for reasons to firebomb your home.

As far as the wardriving it really is a just stupid thing to do. In the US that sort of activity is probably a felony. Not sure why some enterprising DA (Carmen are you listening?) hasn't filed charges.

Re:I Still Don't Get It

[5KVGhost]

"The goal is to keep companies like Google or Facebook from doing what amounts to surveillance of the population."

European governments prefer to do that sort of thing themselves. They get so jealous.

But in all seriousness, it's a pretty stupid law if the intent is to prevent gathering information. The allegedly private information that those people broadcast to the entire neighborhood via unencrypted wifi is still being broadcast and presumably is still unencrypted. Sure, the courageous privacy police may have saved Europe from those nefarious Google people and their dastardly plan to map public streets. But, meanwhile, the skeevy guy in the apartment across the street is still watching his neighbors' financial transactions, romantic dalliances, porn-watching habits, religious observances, and all the other lets-pretend-it's-private public network traffic that Google's wifi triangulation system really couldn't have cared less about.

If the EU actually wanted to protect people from broadcasting private things in public, then they'd need to make it against the law to sell an open wifi router. Why do you suppose they don't do that?

Re:I Still Don't Get It

[Bigby]

Ironically, private companies like Google aren't allowed to listen, but the government can listen all they want without a warrant. Quite the opposite of what the Constitution states...

Re:I Still Don't Get It

I think the only remotely legitimate concern people may have in this situation isn't that Google as such will do anything with the data, but more that individual Google employees may misuse the data which they weren't technically allowed to have in the first place. It wouldn't be the first time a Google employee has misused such data.

To be entirely honest though, this kind of law and enforcement seems heavy handed in excess. I'm glad to see things like them having to do education on privacy and encrypting your network, as that seems productive, and given that they did technically break the law (however weird the law may seem), it fits the crime. Trying to fine them enough that they'll feel it, on the other hand, feels more just like a shameless money grab over an honest mistake which in all likelihood, was entirely harmless. The best thing to come out of this is that people are hearing about what kind of data loss happens when you leave your wifi open (without otherwise securing your data), because while this incident was a relatively harmless accident, had it been some more nefariously minded folk doing the wardriving, it may not have been so harmless.

Re:I Still Don't Get It

The goal of government is to serve people of the state as a whole the goal of commercial company is to make money for it's owners/shareholders so you can't compare those.
Protecting people as a whole of course contradicts with protecting everyone individually so yes, it's kinda okay.
Misuse of power given to the state by some individuals for their personal gain is a different issue.

Re:I Still Don't Get It

[Branciforte]

Anyone who is dedicated enough to want to firebomb a house is also dedicated to drive by it themselves.

It's not like there is anyone out there going, "Gosh I want to firebomb Steve but I don't have a picture of his front yard, and I can't be bothered to drive by his place myself."

Re:I Still Don't Get It

[Trepidity]

Banning widespread surveillance doesn't require banning every instance of someone looking out their window. There is a qualitative difference between looking out your window, and (to take the opposite extreme, not yet reached) flying 10,000 drones around the city constantly recording video.

Also: permitting corporate surveillance implies government surveillance, because the government can just buy data from companies. If you want to protect any semblance of a non-surveillance state, both governmental and private surveillance need to be curtailed.

Re:I Still Don't Get It

If the EU actually wanted to protect people from broadcasting private things in public, then they'd need to make it against the law to sell an open wifi router. Why do you suppose they don't do that?

But this is not what it is about. The laws in EU regulate how businesses can collect and aggregate data, and what data, and how you need to handle it when you have it. It doesn't matter if the various data instances are freely available, it still can be against the law for a business to collect and aggregate it. The act of systematic collection and aggregation in itself, even on top of 'public' data, is seen as a potential privacy risk and regulated. And I agree that it is. This discussion about encryption or not, and various analogies to what you can overhear or not, are not relevant for this law.

$5 dollar fine...

...and time served!

Hate to say it, but I kind of like Bing's method..

[kannibal_klown]

I hate to admit it, but I kind of like Bing's various bird's-eye views. They offer plane-shots at around a 45-60 degree angle. And from all 4 major directions (N/S/E/W).

The quality is actually decent enough that, unless you're in a city with really tall buildings, you can make out the store fronts fairly well and see what the roads/turns are going to be like on your trip before-hand.

Sure, no-where near as good as high-quality as street view. But this way you have a view of ALL of the minor / small streets that Google's Street View hasn't taken yet. And I imagine this kind of thing is a lot quicker to do than Street View so it has the (potential) benefit of being more up-to-date and thus show a more accurate depiction of what the area looks like NOW vs a couple years ago.

Don't get me wrong, I LIKE street view. But for my region, the Bing bird's-eye view kind of works out better unless I'm looking at something on a major road.

Huh?, "they lacked a grasp of basic syntax."

What do you get "the official"? Monkeys with typewriters edit submissions.

Nail everyone

I walked past that house/building and didn't shut my eyes. Biological or digital. Lock me up.

Proportions

From the article, "Many believe that isn’t enough, hence why the European Commission wants to introduce fines for up to two percent of companies’ turnover, as part of an overhaul of EU data privacy law."

Now, I agree that 145k euros is a paltry sum for Google, but two percent of Google's turnover would be overkill to the most extreme degree for gathering data from open WiFi networks. The punishment should be proportional to the crime, not to the perpetrator.

Re:Proportions

It should still be a punishment not a fare for going on doing what they were doing.
And it really should be proportional to the perpetrator, because otherwise some of us [i]can afford[/i] crime.

Re:Proportions

If the fines exceed their previous profits, then it is unprofitable for them to continue, and they will stop, as any reasonable business would. That was the point of making it proportional to profits.

Jeremiah Cornelius: Grow up

You're embarassing yourself Jeremiah Cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 since you posted that using your registered username by mistake (instead of your usual anonymous coward submissions by the 100's the past 2-3 months now on slashdot) giving away it's you spamming this forums almost constantly, just as you have in the post I just replied to.

Re:Jeremiah Cornelius: Grow up

Hello Paul.

p.s. What do you make of this?

Re:Hate to say it, but I kind of like Bing's metho

It's hard to astroturf when no subject ever is about the thing you are trying to promote. I guess the closest one will have to do.

How big of a fine for Google to notice?

[concealment]

In the time it took me to type this message, Google earned $1.54 million.

How much do you fine them before it's a rounding error that they fail to notice?

Re:How big of a fine for Google to notice?

[Grumpinuts]

Know what you mean....I'm pretty slow at typing as well and this dyslexic keyboard doesn't hlep.....

LEARN WHY I WAS MODDED DOWN... apk

See here, explains it all -> http://tech.slashdot.org/comments.pl?sid=3561925&cid=43223585

* :)

I.E./Summary: Trolls had a challenge put to them to validly disprove my points in the post I just replied to - result? Trolls FAIL... lol!

APK

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on this forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol, man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

Ah yes "geek angst" @ it's 'finest' (not), vs. facts & truths = downmod by /. weak trolls!

... apk

Re:LEARN WHY I WAS MODDED DOWN... apk

You really have nothing better to do, do you?

No offense intended but that's very sad.

Re:Hate to say it, but I kind of like Bing's metho

[kannibal_klown]

LOL, fine be a jerk. I wasn't astro-turfing. Honestly, I'm not a fan of MS's products.

It's just kind of a weird world: where renting/leasing out flippin' airplanes to take pictures of neighborhoods... is somehow less of a legal-nightmare and invasion of privacy than a car with a panoramic camera. There was a time when people feared "black helicopters" invading their rights and such more than people in cars.

Hey, some guy driving the car made a mistake going where he/she shouldn't... some private road, some really long driveway that looked like a continuation of the road, etc. It was a mistake by a poor guy that probably got fired / reprimanded for his goof, not some company trying to be evil. Now the whole WiFi thing... meh. Haven't been following up on it.

Peeping Tom

I'm sure we'll see a lot of "unlocked door" analogies and perhaps a "car analogy" or two, but this is a "left a Euro on the sidewalk" type deal here...

No, it's more like a peeping tom looking through someone's window.

And we in the US of A need to start being like Europe with our privacy laws.

There's this huge market for people's data and considering how cheap data storage has gotten, it's nothing for big corp to create a dossier on someone - today.

Just pull your own credit file from the bureaus and just see what THEY have - and you'll see all the previous addresses where you have lived and other information when they try to verify your identity.

The Medical Information Bureau has all your health history available to anyone with the $$$.

And now we have Google on the street photographing our yards and seeing what wi-fi we have.

We peons are at the mercy of corporate America.

And in the meantime, Google's billionaires have enclosed yards, private armed security guards, and the resources to give themselves all the privacy they want - and the power to crush anyone who wants to use any available public information against them.

Re:Peeping Tom

No. It is like taking a photo from the street.
The same exact thing google already does, except with things that get information we normally can't (i.e. wee can't percieve those kind of signals with our own eyes, ears or any other part of our body that I know of). Some other being may, but we can't.

Re:Peeping Tom

[Frosty+Piss]

The Medical Information Bureau has all your health history available to anyone with the $$$.

"Medical Information Bureau"? Never heard of them.

But of course, if anyone is releasing medical data on people without their permission, they are already breaking Federal Law...

Re:Peeping Tom

Except that Google drove their peepmobile onto my property without my permission and took pictures through the window of my minor child's bedroom.

They did take the pictures down, admittedly, but not until after the third time I threatened to sue them for dealing child porn. Those shots were up for weeks.

And taking the pictures down does not make what they did right. I have an easement across my property that allows through traffic (moving at a speed that makes peeping through my windows impossible without a high-speed camera peepmobile). This is a privilege I extend to travelers out of good citizenship and a recognition of need. Google is abusive of my generosity and unrepentant about their abuse of road easements worldwide. Just because I am a good neighbor, they are using their tremendous resources to enable the entire Internet to invade my privacy. Nobody needs to see inside my house except thieves and paedophiles, and it's unreasonable to say I have to keep my windows and curtains closed 24/7 or risk Google making a profit off abusing my good citizenship.

Google makes no effort to distinguish public roads from travel easements, and they should be fined strongly enough to remove the profit they gain from this behavior. But don't give the money to me - give it to victims of the criminals who use Google's through-the-window shots to case houses.

Re:Peeping Tom

Hey, thanks for notifying us in advance to disregard your argument by throwing in a "but the children!!11" bit in.

Re:Peeping Tom

[flimflammer]

Your child's window appeared in streetview and you think that's dealing child porn? No wonder they didn't take you seriously the first 2 times. They probably complied if only to shut up a nutter.

Re:Peeping Tom

Links to pics of your daughter?

Isn't just the users' faults, either

Both parties are to blame in this case. Users with unencrypted home wifi are being careless by taking no precautions to secure their data, and Google is morally in the wrong for taking advantage of that. Just because something is in plain sight and not locked up does not mean you should take it without asking.

Re:Hate to say it, but I kind of like Bing's metho

Found any girls sunbathing topless in their fenced yards? Now this you can't get with Street View's cars, for sure.

Nazi fagets

Fucken nazi fagets should fine themselves for swa-sticking it up each other's butthole.

DISPROVE MY POINTS TROLL... apk

See here, explains it all -> http://tech.slashdot.org/comments.pl?sid=3561925&cid=43223585

* :)

I.E./Summary: Trolls had a challenge put to them to validly disprove my points in the post I just replied to - result? Trolls FAIL... lol!

APK

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on this forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol, man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

Ah yes "geek angst" @ it's 'finest' (not), vs. facts & truths = downmod by /. weak trolls!

... apk

Failed analogy alert

Finding a single unlocked door is completely different from deliberately going around and testing every single door you find.

Stumbling across a Euro left "on the sidewalk" is nothing like putting on scuba gear and diving into a wishing fountain and taking all the money you find in it.

Why the hell is there such a "It's GOOGLE so it must be OK" bent here?

Re:Failed analogy alert

Good thing you alerted us about your failed analogies. Now, please do educate yourself about WiFi and keep the pumping up for less technically oriented forums.

Re:Failed analogy alert

Good thing you alerted us about your failed analogies. Now, please do educate yourself about WiFi and keep the pumping up for less technically oriented forums.

Let's see: construct lots and lots of devices that record all WiFi packets they pick up. Mount those devices on automobiles and hire drivers to drive them around, hoovering every damn thing they find on the airwaves.

Spend millions and millions of dollars in the process.

Yeah, sounds inadvertent to me. Just like stumbling across a fiver on the sidewalk, or finding one unlocked door.

You're an utter waste of protoplasm, you moronic Google fanboi.

This is the new European tax raising effort

You'll see all the Euro countries continue to extort monies from companies like Google to prop up their failed operating models and those of their businesses. We had France fine Google 100,000 Euros for taking pictures in the street. We had them fine Google, 400,000 Euros for providing a free mapping service. They're going to try to get 1 Billion Euros for tax non-compliance, what a nice round number. Now you have Germany, which has a legal limit on the "fine", with the commissioner wanting more. What private data did they get? The name of an access point, the channel it's operating on, the strength from the street? As they drive past apartment buildings, whose access point is whose? Unless I'm missing something, it is someones choice to connect a wireless access point to their internet connection, enable it/or leave it on, name it, broadcast the name, etc. What is Google "making" from this information? I'd love to see them in a position to tell some of these countries to go F themselves then turn off the service and see what the general population wants.

You FAIL, & here's WHY troll... apk

1.) By placing your hardcoded favorite sites @ the top you're faster than DNS indexing (for starters) & you don't risk local DNS servers setup in recursive mode (which you will have to do for them to update) DNS poisoning redirects, OR, wasting power, cpu cycles, RAM, & other forms of I/O on what a custom hosts file can do in the FASTEST mode of operation possible: Ring 0/RPL 0/kernelmode, via the TCP/IP stack itself (which hosts act merely as a filter for).

---

2.) THIS IS THE STUPIDEST THING YOU DID:

"Under Windows, the situation is the same if you have the local DNS cache server disabled. If the local DNS cache server is enabled, it took almost 2 hours to load the hosts file, during which time all DNS lookups were blocked. Why? Well, the DNS cache isn't designed to holed 645,000 items so after every insert, it rehashes and moves all the previous entries around. That's ~ O(N*N*N) performance." - by Anonymous Coward on Monday April 22, @11:45AM (#43515945)

Clue/New NEWS/NewsFlash:

You HAVE to disable the FAULTY LOCAL DNS CLIENTSIDE CACHE SERVICE IN WINDOWS with larger hosts files - that, in turn, ALLOWS THE LOCAL KERNELMODE DISKCACHING SUBSYSTEM TO CACHE THE HOSTS FILE DATA, for speed!

(Inclusive of what you block AND what you have as favorite sites, which lookup faster LOCALLY than from remote DNS servers, with all of their security issues & faults).

---

3.) As to what is blocked, which IS the majority of what goes into custom hosts for security/protection:

Who CARES about getting to those sites you block FAST (they are the lower part of the hosts file) - you do NOT WANT TO GET TO THEM ANYHOW since they are blocked for good reasons!

(In them being KNOWN bad sites/servers that serve up exploits of many types in malicious scripts OR malwares, etc.).

* YOU FAIL, troll... & you know it.

APK

P.S.=> Funniest part is, under Linux? You DO NOT GET THAT "LAG" YOU DO WITH THE KNOWN FAULTY DNS CLIENTSIDE CACHE SERVICE in Windows (it's the 1 thing I'll give Linux, over Windows, in fact, in favor of Linux)...

... apk

Why were they only capturing the start of frames?

[Branciforte]

The data that was collected consisted of only the beginnings of packets, by an antenna that randomly switched between many different frequencies.

If Google was really trying to collect personal data, why didn't they collect entire packets on all the frequencies? They certainly have the resources to do it right.

It's not I folks: It's Jeremiah Cornelius... apk

THIS is why he's doing it & proof of it, here -> http://interviews.slashdot.org/comments.pl?sid=3585927&cid=43295193 when others pointed out Jeremiah Cornelius forgot to submit one of the "first post spams" masquerading as myself as AC, & mistakenly submitted one of the impersonations of myself as his registered 'luser' name here on /. forums.

Pretty pitiful actually, but like every up to no good idiot does? He screwed up & submitted it under his registered 'luser' name here.

* Jeremiah Cornelius: DO YOURSELF, and the rest of us, A GIANT FAVOR MAN: Seek professional psychiatric help!

(Since Jeremiah Cornelius obviously can't get over the fact he made a spelling error on what it is HE ALLEGEDLY DID FOR A LIVING? That's not MY fault... it's HIS!)

APK

P.S.=> I seriously must have dusted JC (in his mind @ least) for his BAD spelling error & it "got his goat"...

I.E.-> Catching what he claimed to do as a job, for YEARS he left "PENETRATION" (correct) spelled as "PENTRATION" (incorrect) on his resume on LinkedIn & I pointed it out as he & his friends trolled me as usual (webmistressrachel, gmhowell, & crew (probably ALL JC no doubt using alterate emails or TOR to do it as a possible - I've caught "them & theirs" doing it before, ala Barbara, not Barbie = TomHudson (same person))).

So THAT is what has gotten his goat in a technical debate & his "geek angst" could only come up with *trying* to "impersonate me" in every news thread on /. for the month of March 2013 so far!

(Just to attempt to 'discredit me' as a spammer here obviously)

Doing so, by posting that "$10,000 challenge" &/or reposts of my old posts on hosts file value to end users into EVERY SINGLE NEWS ARTICLE POSTED on /. ...

It's all I can think of that *might* cause such a mentally troubled 'reaction' like the Jeremiah Cornelius is doing & there's NO QUESTION he's the one doing this spamming of nearly every posted article masquerading as myself...!

... apk

Jeremiah Cornelius: Grow up

You're embarassing yourself Jeremiah Cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 since you posted that using your registered username by mistake (instead of your usual anonymous coward submissions by the 100's the past 2-3 months now on slashdot) giving away it's you spamming this forums almost constantly, just as you have in the post I just replied to.

Re:Hate to say it, but I kind of like Bing's metho

[drinkypoo]

Hey, some guy driving the car made a mistake going where he/she shouldn't... some private road, some really long driveway that looked like a continuation of the road, etc. It was a mistake by a poor guy that probably got fired / reprimanded for his goof, not some company trying to be evil. Now the whole WiFi thing... meh. Haven't been following up on it.

What I've seen is the groupthink shift from "if the signals are floating through the air it's OK to intercept them while I look for free wifizzz" to "google collecting all this information must be eeeevil!" It's OK if people do it, but not OK if google does it, apparently.

There's some merit to the idea, because google is in a much better position to abuse information. But on the other hand, is your network secure or isn't it?

Here's an Anagram

George Orwell
Google Rewler

Prime example...

...of how laws represent the morale of the masses, not what's right and wrong.

Fines smaller than profits cost of doing business

[Maxo-Texas]

Short of criminal penalties (even a couple days in jail), paying any amount less than the profits is just a cost of doing business.

The fines should be "profits from the illegal activity" plus a reasonable punitive fine on top.

Too much for doing nothing wrong!

[darth_borehd]

It's not like they are hacking into networks--these are *unsecured* wi-fis.

separation of powers

[BBird]

Regulators (and judges) should not complain or make comments about the law, as much as law makers should not comment on how it is applied. If the limit was set (purportedly) low by the law maker, the regulator has to apply it and shut up. If they want to make laws get elected first.