dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3228
share rss forum feed


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3

Google accused of criminal intent over StreetView data

quote:
Google is "almost certain" to face prosecution for collecting data from unsecured wi-fi networks, according to Privacy International (PI).

The search giant has been under scrutiny for collecting wi-fi data as part of its StreetView project.

Google has released an independent audit of the rogue code, which it has claimed was included in the StreetView software by mistake.

But PI is convinced the audit proves "criminal intent".

"The independent audit of the Google system shows that the system used for the wi-fi collection intentionally separated out unencrypted content (payload data) of communications and systematically wrote this data to hard drives. This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," said PI in a statement.

This would put Google at odds with the interception laws of the 30 countries that the system was used in, it added.
Ever had that feel that technology companies are going to start avoiding Europe?

»news.bbc.co.uk/2/hi/technology/10278068.stm

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool

OZO
Premium
join:2003-01-17
kudos:2

Did they collect the unencrypted data from cell phone towers, while conducting the StreetView too? Accidentally, of cause...
--
Keep it simple, it'll become complex by itself...



ashrc4
Premium
join:2009-02-06
australia

1 recommendation

reply to Link Logger

Google was talking of firing the employee that wrote the code.
Google said the code was never ment for anything.
Now google says code was commisioned as part of research/experimental code/project.
Yet they claim a mix-up in it's inclusion with street view (world wide inclusion)
And now they are aware that it seperates specific data worth collecting...hmmm

Iwonder what the story will be next week.?
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding.



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to Link Logger

• Related
»Top cops worldwide grill Google over Wi-Fi snoop



Jahntassa
What, I can have feathers
Premium
join:2006-04-14
Conway, SC
kudos:4
reply to Link Logger

said by Link Logger:

This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," said PI in a statement.
Is it really? I could be wrong, but I don't recall Wi-Fi networks being included in Federal Wiretap laws.

I still proclaim that if you're going to keep your wireless network unsecured, that you have no expectation of privacy. Now, if it was even WEP secured, that'd be one thing. Even though it can be cracked nearly instantly, there's still an expectation of privacy there.


ashrc4
Premium
join:2009-02-06
australia

1 edit

1 recommendation

said by Jahntassa:

said by Link Logger:

This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," said PI in a statement.
Is it really? I could be wrong, but I don't recall Wi-Fi networks being included in Federal Wiretap laws.

I still proclaim that if you're going to keep your wireless network unsecured, that you have no expectation of privacy. Now, if it was even WEP secured, that'd be one thing. Even though it can be cracked nearly instantly, there's still an expectation of privacy there.
It is and always has been illegal to gather information or traffic from someone's network. Google or anyone else for that matter should be fully aware of this.
"It serves them right" for being password free is not an excuse i would recommend google try an use.
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding.


Jahntassa
What, I can have feathers
Premium
join:2006-04-14
Conway, SC
kudos:4

Well, to cite the US legal code (if this reference is correct: »www.law.cornell.edu/uscode/html/···00-.html), it would appear you are correct.

intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
I suppose under the guise of 'electronic communication'. In which case, yes, Google did violate federal wiretap laws. While i'm sure stiff punishment will occur, I have a feeling a lot will hinge on the claim that it was unintentional and unrealized until this whole mess started.

Regardless, just because the wiretap laws make interception of signals (unencrypted or otherwise), illegal, doesn't mean it's a good idea to run wireless networks unencrypted.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3

1 recommendation

reply to ashrc4

said by ashrc4:

Google was talking of firing the employee that wrote the code.
Google said the code was never ment for anything.
Now google says code was commisioned as part of research/experimental code/project.
Yet they claim a mix-up in it's inclusion with street view (world wide inclusion)
And now they are aware that it seperates specific data worth collecting...hmmm

Iwonder what the story will be next week.?
I'm wondering how much data space this 'data' would take and would someone notice it and ask where the heck it was coming from and why? Or is it a case of 'as long as its showing up we just take a little peak at it until someone says something'? What was Google used to say about your privacy?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


ashrc4
Premium
join:2009-02-06
australia

1 recommendation

reply to Link Logger

»www.theage.com.au/technology/tec···ostart=1

"The independent audit of the Google system shows that the system used for the Wi-Fi collection intentionally separated out unencrypted content (payload data) of communications and systematically wrote this data to hard drives. This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," it said.

The organisation claimed the data collection went well beyond the "mistake" that has been cited by Google.

It said communications law of most countries permitted the interception and recording of content of communications only when a police or judicial warrant was issued.

"All other interception is deemed unlawful," it said."
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding.



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

notice that the source is a UK news site.
--
standard disclaimers apply.



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

1 recommendation

reply to Jahntassa

said by Jahntassa:

Well, to cite the US legal code (if this reference is correct: »www.law.cornell.edu/uscode/html/···00-.html), it would appear you are correct.

intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
I suppose under the guise of 'electronic communication'. In which case, yes, Google did violate federal wiretap laws. While i'm sure stiff punishment will occur, I have a feeling a lot will hinge on the claim that it was unintentional and unrealized until this whole mess started.

Regardless, just because the wiretap laws make interception of signals (unencrypted or otherwise), illegal, doesn't mean it's a good idea to run wireless networks unencrypted.
quote:
(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
open APs exempt.
--
standard disclaimers apply.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
reply to AVD

said by AVD:

notice that the source is a UK news site.
And for interest what difference would that make?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
reply to Jahntassa

said by Jahntassa:

... I have a feeling a lot will hinge on the claim that it was unintentional and unrealized until this whole mess started.
Yup, that's the difference between doing something that's illegal & doing something with criminal intent.
There's a world of difference between them.


cowboyro
Premium
join:2000-10-11
Shelton, CT
Reviews:
·AT&T U-Verse
reply to OZO

said by OZO:

Did they collect the unencrypted data from cell phone towers, while conducting the StreetView too? Accidentally, of cause...
Cellular data is encrypted.


Jahntassa
What, I can have feathers
Premium
join:2006-04-14
Conway, SC
kudos:4
reply to AVD

said by AVD:

quote:
(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
open APs exempt.
Good catch. Goes to show how much legalize I can read before blanking out.

lorennerol
Premium
join:2003-10-29
Seattle, WA
reply to Link Logger

Do no evil??



Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3

said by lorennerol:

Do no evil??
That was it, has the definition of 'evil' been changed lately as I might have missed that memo?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool

lorennerol
Premium
join:2003-10-29
Seattle, WA

said by Link Logger:

said by lorennerol:

Do no evil??
That was it, has the definition of 'evil' been changed lately as I might have missed that memo?

Blake
Sometimes they act, as a company, like some pubescent script-kiddie. "Hey, wouldn't it be cool to collect some WiFi data while we're driving around with the mapping trucks? Oh sweet dude, war-driving on a mass scale. Hells yes, let's do it!"

I don't think they actually intend to be evil, they just sometimes seem remarkably stupid for such bright people.


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4
reply to Link Logger

Google Wi-Fi Data Capture Unethical, But Not Illegal

PC World | June 12

quote:
Google is under global scrutiny for its "accidental" gathering of wi-fi data while driving about photographing the world with its Street View camera cars. In the court of public opinion Google's actions cross ethical boundaries, but whether or not the activities were illegal depends on the laws in place for the given jurisdiction. Businesses in the United States should understand that the interception of publicly available data traversing the airwaves is probably not illegal.

Granted, "probably" is not a very legally precise term, but the reality is that publicly-available wireless networks fall into a legal gray area that isn't defined very well. Google didn't "steal" anything, or even violate any expectation of privacy per se. All Google did was intercept airwaves that were trespassing in its vehicles.

The lesson for businesses and IT administrators is that you have to put forth some effort to at least give the appearance that you intend for the information to be private in order for there to be any inherent expectation of privacy. The burden should not be on Google, or the general public to have to determine whether the data you let freely fly about unencrypted is meant to be shared or is intended for a specific audience.

Some will equate Google's actions to someone taking property from a business with an unlocked door. The comparison is not apples to apples, though. If a business has an unlocked, or even a wide open door, passersby still know that entering it would be trespassing, and that taking property from inside would be stealing.

However, in Google's case, it is more like the business took its property and set it out in the middle of the street. In fact, it might not even be in front of the business, or even on the same street--since the wi-fi signal from the wireless router is broadcast for a respectable distance in all directions. If someone were walking down the street and found a laptop, or a copy machine in the middle of the street, taking it would be neither trespassing, nor stealing--just serendipitous.

Google did not "access" the open networks. It simply intercepted the unencrypted data that businesses and individuals beamed through the air willy-nilly. The data was left in the middle of the street so to speak, and Google gathered it as it drove through collecting photograps.
»www.networkworld.com/news/2010/0···cal.html
--
Smokey's Security Forums »www.smokey-services.eu/forums/
Smokey's Security Weblog »smokeys.wordpress.com/
*OTL Log Analysis - The Only Way To Combat Fast Evolving Malware*


ashrc4
Premium
join:2009-02-06
australia
reply to Link Logger

Received, filtered and stored. Intent would be in displayed in these actions.
Most of what has been said so far is assumption on or for Googles behalf.
Something a bit more solid would be good.
--
Paradigm Shift beta test pilot. So far nothing to report.
Now is the not right time to stop folding.



Blue2
Premium
join:2004-04-14
France
kudos:1

1 edit
reply to Jahntassa

said by Jahntassa:

I still proclaim that if you're going to keep your wireless network unsecured, that you have no expectation of privacy.

While I'd proclaim that:

Many don't know that their wireless network is unsecured. And many wouldn't have a clue how to secure it, particulary if their ISP leads them to believe that they're "good to go".

I believe that there have been several cases where parking a in front of someone''s house so you could access their unsecured network has been a violation of state/local law.

In any case, a company like Google will be expected to know better. They are going to have a hard time convincing European authorities, which like to clamp down on American companies profiting in Europe without giving much back in return. The EU did it to MS, the French government has taken steps to thwart Google's book scanning plans, etc.

Google is just too visible a target to keep changing their explanations to European authorities about how, what and why data was collected, and think that they aren't going to be hit with a hefty fine.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

said by Blue2:

I believe that there have been several cases where parking a in front of someone''s house so you could access their unsecured network has been a violation of state/local law.
That was for accessing the underlying network, not monitoring the wireless traffic . There is a big distinction between the two.
--
standard disclaimers apply.


Lagz
Premium
join:2000-09-03
The Rock

1 edit

said by AVD:

said by Blue2:

I believe that there have been several cases where parking a in front of someone''s house so you could access their unsecured network has been a violation of state/local law.
That was for accessing the underlying network, not monitoring the wireless traffic . There is a big distinction between the two.
»news.bbc.co.uk/2/hi/uk_news/maga···0304.stm

My thoughts are similar to the following...

"If the wireless owner has not asked for nor expects a payment for use of their broadband and you have not broken into the system but have connected through normal means then I cannot see how you have either "dishonestly" obtained a service nor avoided any payment. Securing your wireless network is clearly recommended in the instructions so I see no reason not to imply that an open network is open for public use. If you don't want people to use your connection, ...

I have not asked, nor do I particularly want to be irradiated by the wireless networks from my neighbors - I can pick up about a dozen. If it enters my house, I should be able to do with it what I want."
--
To talk much and arrive nowhere is the same as climbing a tree to catch a fish.


Blue2
Premium
join:2004-04-14
France
kudos:1
reply to AVD

said by AVD:

That was for accessing the underlying network, not monitoring the wireless traffic . There is a big distinction between the two.
That distinction is a moot point. The issue will be how the EU interprets data laws, and if they want to fine Google, they'll interpet the law accordingly as there are few laws that have caught up with these issues.


AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

lets be consistent, we talking about the US or Europe here?
--
standard disclaimers apply.



Blue2
Premium
join:2004-04-14
France
kudos:1

said by AVD:

lets be consistent, we talking about the US or Europe here?
Let's stop the "I'm in the US, and nothing else counts" attitude. As the internet is ubiquitous, the US is just one country of many where Google is present.

Pehaps you haven't been reading lately. Google has been brought up in Europe, Australia and elsewhere on violations of THEIR privacy laws. (And I suspect in many countries it will be targeted because it is an American country that profits without giving back in kind.)

As the initial post stated "This would put Google at odds with the interception laws of the 30 countries that the system was used in" and LinkLogger concluded, "Ever had that feel that technology companies are going to start avoiding Europe?"


Lagz
Premium
join:2000-09-03
The Rock

said by Blue2:

and LinkLogger concluded, "Ever had that feel that technology companies are going to start avoiding Europe?"
I think this is highly likely to be the case eventually. The EU or its former individual countries didn't have a dark age for nothing.
--
To talk much and arrive nowhere is the same as climbing a tree to catch a fish.


Blue2
Premium
join:2004-04-14
France
kudos:1

said by Lagz:

The EU or its former individual countries didn't have a dark age for nothing.
Right, and about 100 years after that the US displayed its enlightenment and showed what it learned in those 100 years by burning witches in Salem (good 'ol liberal) Massachusetts.

So now that we've dispensed with the historical analogies, we can focus on why would google be exempt from European privacy laws.

Mind you, Europe isn't ahead of the US in most regards (and no doubt doesn't like American companies treading on its turf), but perhaps the US should pay more attention to Europe's privacy and data controls, which were put in place well before WWW was a gleam in Tim Berners-Lee's eyes.


Blue2
Premium
join:2004-04-14
France
kudos:1
reply to Link Logger

From those wonderful folks who brought you the Stasi, how ironic..

German Regulators Welcome Street Panorama Privacy Law Draft »news.yahoo.com/s/pcworld/2010062···15121710

"Google is in hot water in Hamburg over the recording of unencrypted Wi-Fi traffic by the cars taking photos for Street View. The data recording was an accident, Google told the Hamburg regulator -- and privacy regulators in France, Spain and Italy, who are also investigating the case."

So Google's being a succceful American company will not exempt them from European regulations or prevent regulators from passing stricter laws to protect their citizens. So when a Chinese or German company starts snooping on wi-fi traffic in the US, we're all going to stand up and clap, right?



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

If that's what you want to do, fine. I'm going to change my WPA-AES password and move on with my life.
--
standard disclaimers apply.