Where I think this gets people concerned is the level of recording and subsequent exposure.
That's one thing which annoys me. The level of recording? One or two packets from your network. For most people, this was a netbios broadcast packet, or a half a sentence from a public webpage, or a small blotch of red from a frame of a youtube video. It was a very low level of recording, and it's almost inconceivable that it would have been enough to both identify a person AND contain information that they'd want to keep private. The subsequent exposure? None at all. They deleted it. See? Not as bad as you thought.
Add to that the fact that the packet or two they did collect was also available to anyone within a few hundred feet of your house. And anyone but Google would probably have a lot more context, collect a lot more packets, and do a lot more with the information. So they grabbed packets which you shouldn't have expected to be private, took such a tiny amount that it COULDN'T harm your privacy, and then deleted it.
That may be - but if he got caught, he wouldn't be able to hide behind 'by mistake' or any other excuse.
I don't believe he should have to. We're talking about unencrypted information which people are broadcasting to the public. I don't listen in on the conversation of the couple sitting in front of me on the bus, but at the same time, they don't have an expectation of privacy, and I'm not breaking the law if I DO listen. An open, unencrypted AP is a public network space. Anyone who has an understanding of the technology realises that open APs provide no privacy, and so nobody should expect any. It's like pinning personal letters up on the local library noticeboard and being surprised when people read them. If we react to situations like this by saying "no, people SHOULD have privacy" then we reinforce to the un-tech-savvy that they can turn encryption off and expect privacy. It just isn't true.
Also, do not forget, that you and me may know enough about hardware/software and how to configure our WiFis to be encrypted, password-protected,
At the risk of a car analogy... If I fail to maintain my brakes, they fail on me, and I kill somebody, the law doesn't car that I don't understand car brake systems. The law expects me (to protect myself and others) to either learn, or pay someone to do it. Anyway, when I signed up for my ISP about two years ago, the WAP they sent me came pre-configured with WPA2. The key was printed on the bottom. The days of needing to understand wireless encryption are (partly? mostly? hopefully?) over. The law shouldn't tell people that they can expect privacy when a 12-year-old with free-off-the-net software can see what they're doing.
If you enter someone elses house uninvited, but hey - the door was open - and then leave, while taking some fairly private details (copies of receipts,
A wireless network isn't a home. There are lots of wireless networks which the owners are happy for me to use: they send me to a page where I can buy internet access through them with my credit card. There are some consumer-grade WAPs you can buy which do this out of the box! If there are some out there I'm allowed to use, and some I'm not, how do I tell? By looking at whether it's open or requires a key. If it's open, I assume I'm allowed to use it.
The thing I don't get about google, is how they can claim that it was by accident. Sure, it was by accident, we started some software that would take dumps of data-packets and store them, when all they wanted to do was just take photos.
Google provided an explanation of this on day one. They were mapping public (= no key required) APs. Several other companies do this as well! Unfortunately, the library they were using to do it just stored the whole frame containing the SSID. This meant that sometimes it would contain incidental network traffic.
I think we need to keep fighting the privacy war. I'm all for privacy protections. But if we start building an expectation of privacy in things which clearly don't provide privacy, we make things worse. People don't understand technology, by and large, so if it gets ruled that they had an expectation of privacy in an open wireless network, people will continue to keep their wireless networks open, and privacy will suffer. The real culprits here are the companies which sold WAPs which were pre-configured to broadcast traffic unencrypted to the world.
I sometimes have to rely on public APs for 'net access. I need to be able to trust that the open ones are there for people to use (lots of them will take my credit card through a trustworthy gateway and let me on the net!) I shouldn't be risking getting in trouble for invading people's privacy by using a network which is configured for open access.
The person in the van, suv, car running the visual street capture software would have known of the wifi strength?
How? Do you think Google employees have wifi implants in their brains? The guy in the van probably didn't know half of what it was going.
And yes if you break data privacy laws you get sued.
But if you don't, you don't. And I can't see how this broke any privacy laws.
I'm guessing that you are from America but I might be wrong.
You are. I'm from Australia.
It is different. Whereas the behaviour that you have described is perfectly acceptable in the USA there are laws against this sort of thing in Europe. Some are Europe-wide (http://ec.europa.eu/justice_home/fsj/privacy/law/index_en.htm) and others are national.
People keep pointing me at the privacy law page, but I honestly can't see an invasion of privacy. My analogy is trying to point that out. If you have a public unencrypted wireless network, it's not private. Just like if you're standing on your front lawn. People keep telling me that it's illegal to photograph people without their permission in Germany, but when I try searching, all of the photography resource pages I can find about Germany tell me that it is, in fact, legal to take photos of people in public; just not to publish them without their permission (and even then, only if they're prominent in the photo).
(a) he uses wireless telegraphy apparatus with intent to obtain information as to the contents, sender or addressee of a message (whether sent by means of wireless telegraphy or not) of which neither he nor a person on whose behalf he is acting is an intended recipient, or
If this is intended to apply to wireless networks and collecting unencrypted frames, that makes any use of a wireless network with more than two connected computers illegal. If you see a frame on the network and you collect it, but it wasn't intended for you, you've committed a crime. If you don't collect it, you don't know whether it's for you or not. Fortunately, the law says "with intent to obtain
I'm not confusing anything: I'm making a joke at the expense of anyone who thinks WEP is effective. You can buy key recovery dongles off ebay these days which will get a WEP key in about 15 minutes.
The analogy is way too stretched to think I'm suggesting it's not illegal to break WEP encryption.
Its not googles call to say a network was open and to keep the data because they wanted it.
You're completely right. It's the network owner's call. And when the network owner set it up as a closed network, Google respected that (they could easily have collected that data too and taken it back for decryption: a single home PC is powerful enough to break WEP encryption, I'm sure Google could manage that). When the network owner instead set it up as an open network, Google took a peek. Because, you know. It was set up as open.
These people need to sue the person who sold them a WAP which was set up by default to broadcast unencrypted to the public.
Ok, why is this stupid? Because the entire world has grown up to understand the idea that there is a difference between doing something and doing something a lot.
There is a difference between peeking in a magazine and reading it at the store. There is a difference between listening to music and listening to music at 100dbls in a party. There is a difference between walking around naked in your house and doing so in your glass house. There is a difference between selling your old computer in your garage and turning your garage into a used hardware store. There is a difference between selling your 2 tickets to a concert you won't attend and selling your 100 tickets to the same concert. In fact the whole RIAA has successfully sold (or rather bought) the idea that it is not the same to share a movie with your friend than sharing it with your other hundred thousand friends.
There is a difference between buying a t-shirt and buying 10,000 t-shirts. There is a difference between running 1km and running 100km. That doesn't make buying 10,000 t-shirts or running 100km illegal. I get that there are differences. But in general, if doing something once is legal, doing it lots is also legal. You need specific laws (noise control, scalping, and so on) to make lots of something illegal when a little bit is okay.
And yet you are unable to understand that there is a difference between broadcasting SSID and MAC addresses to let your equipment interoperate inside your home and volunteering them to a global geolocating database of the entire Internet!
A number of companies have done this before Google, and they're not in trouble. There's an iPhone app.
And yet you are unable to understand that there is a difference to let your neighbors see your face and having an omnipresent and omniscient entity mapping and logging every detail about you!
Hardly every detail about me. Actually, pretty much nothing about me (in this instance). I opted out by turning encryption on. People should be suing the companies that sold them WAPs with encryption off by default and didn't explain to them that they were broadcasting their traffic to the public by using it. Even if my encryption was off, one or two frames of network traffic is far from "every detail about [me]". I think you're panic mongering.
Google is abusing both people's thrust in their neighborhood --who could have known that Google is watching you everywhere?-- and their ignorance. Is it ok to take something from someone just because they didn't knew they had it?
Google basically played "easier to ask forgiveness than ask permission". Are you really so incapable to realize the difference between an individual and a corporation?
Google is not watching you everywhere. Panic monger. Google is driving around taking photos (this shouldn't really surprise anyone) and collecting information about public networks. Not much information, by the way - a little more than they intended to, but when they discovered that they stopped it, and disclosed. I just don't get the big deal. They didn't collect anything that any member of the public couldn't. When they realised they had more than they'd planned to collect, they disclosed and started deleting.
No matter how juicy the invitation? So you're saying that a girl wearing trashy clothes is a juicy invitation to rape? I disagree.
An open WAP, however, is an invitation: in fact, anyone walking past with a Windows laptop with the wrong box ticked in the network settings will automatically connect and start using the network! ipods did this by default when they first came out! The comparison to rape is not valid. Pretty much everyone accepts that rape is a crime. Lots of people don't accept that what Google did was a crime. Further, rape pretty much implies intent. Google has a very plausible explanation showing they didn't intend to do it.
"Your mother was a hamster, and your father smelt of elderberrys!" -- Monty Python and the Holy Grail
