dslreports logo
 story category
FTC Drops Google Street View Wi-Fi Investigation
Satisfied with Google claims that they've reformed procedures

Back in April of this year, Google was busted using their Google Street View cars to collect Wi-Fi data from areas they passed through. Google initially stated they only collected publicly available SSID and MAC Address data -- then later acknowledged that they were collecting snippets of actual transmitted data -- though Google insisted they did so accidentally, and only from unsecured hotspots. Several studies subsequently found that not a whole lot of useful data was collected, given collection vehicles automatically changed channels roughly five times a second -- and also faced physical obstacles and interference.

Click for full size
Given Google CEO Eric Schmidt's love of creepy statements and sometimes-justified paranoia concerning Google power, the company found itself facing inquiries in dozens of countries over the admitted screw up. Here in the States however, the FTC has sent a letter (pdf) to Google attorneys this week saying they're closing their investigation into the matter. The FTC had concerns about Google's obliviousness, but those concerns have apparently faded:
quote:
...we note that Google has recently announced improvements to its internal processes to address some of the concerns raised above, including appointing a director of privacy for engineering and product management; adding core privacy training for key employees; and incorporating a formal privacy review process into the design phases of new initiatives. The company also publicly stated its intention to delete the inadvertently collected payload data as soon as possible.5 Further, Google has made assurances to the FTC that the company has not used and will not use any of the payload data collected in any Google product or service, now or in the future.
Letting things sit isn't too surprising for an FTC that came on watch promising significant new online privacy rules but hasn't moved much in that direction. That said, Google has at least clearly admitted error, deleted the data (which wasn't of much use anyway), and claims to have reformed internal procedures to help prevent further screw ups of this nature.
view:
topics flat nest 

Anon6
@comcast.net

Anon6

Anon

Hmm

I don't believe google deleted the data, but that's just me.

james16
join:2001-02-26

james16

Member

Re: Hmm

said by Anon6 :

I don't believe google deleted the data, but that's just me.
I don't believe you don't believe google deleted the data, but that's just me.

PierJes
join:2001-04-17
Quebec, QC

PierJes to Anon6

Member

to Anon6
said by Anon6 :

I don't believe google deleted the data, but that's just me.
Perhaps they didn't.... but they can't use it.
Otherwise it would be known sooner or later and they'd get in deep trouble.

My way of seeing it.

joako
Premium Member
join:2000-09-07
/dev/null

joako to Anon6

Premium Member

to Anon6
said by Anon6 :

I don't believe google deleted the data, but that's just me.
Who cares? It was information that was transmitted in the open and without encryption. It's not like Google broke into people's houses and installed tracking devices. They had no expectation of privacy.

Instead of blaming Google it should be a wakeup call for people with vulnerable networks.
Crookshanks
join:2008-02-04
Binghamton, NY

Crookshanks

Member

Re: Hmm

You could say the same thing about analog cordless phones but it's a Federal crime to record snippets of that conversation. Google should have known better. A simple filter would have kept them from recording anything besides the SSID and MAC. Surely somewhere there is smart enough to have considered what they'd be capturing without such a filter?

insomniac84
join:2002-01-03
Schererville, IN

insomniac84

Member

Finally some common sense.

Dumping raw unecrypted wifi traffic to a log file is not a crime.

Krisnatharok
PC Builder, Gamer
Premium Member
join:2009-02-11
Earth Orbit

1 edit

Krisnatharok

Premium Member

Re: Finally some common sense.

said by insomniac84:

Dumping raw unecrypted wifi traffic to a log file is not a crime.
If it's a corporation doing it, it is.

/sarcasm

notyet321
@verizon.net

notyet321 to insomniac84

Anon

to insomniac84
I don't know that I'd call it common sense when a govt. agency decides to do nothing much... pretty much par for the course.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5 to insomniac84

Premium Member

to insomniac84
The only ones that will pay are probably the programmers & managers involved that let this code get on to the Street View cars. They are probably looking for work elsewhere.
28619103 (banned)
join:2009-03-01
21435

28619103 (banned) to insomniac84

Member

to insomniac84
said by insomniac84:

Dumping raw unecrypted wifi traffic to a log file is not a crime.
That is a good question. How is the law interpreted here?

»www.law.cornell.edu/usco ··· 00-.html

TITLE 18 > PART I > CHAPTER 119 > § 2511
quote:
§ 2511. Interception and disclosure of wire, oral, or electronic communications prohibited

(1) Except as otherwise specifically provided in this chapter any person who—
(a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;

joako
Premium Member
join:2000-09-07
/dev/null

joako

Premium Member

Re: Finally some common sense.

If you keep on reading:
quote:
(g) It shall not be unlawful under this chapter or chapter 121 of this title for any person—
(i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;
It is not even saying intent. Just the fact that the device is configured, even from the factory, without encryption it is not illegal to intercept.

insomniac84
join:2002-01-03
Schererville, IN

insomniac84 to 28619103

Member

to 28619103
said by 28619103:

said by insomniac84:

Dumping raw unecrypted wifi traffic to a log file is not a crime.
That is a good question. How is the law interpreted here?

»www.law.cornell.edu/usco ··· 00-.html

TITLE 18 > PART I > CHAPTER 119 > § 2511
quote:
§ 2511. Interception and disclosure of wire, oral, or electronic communications prohibited

(1) Except as otherwise specifically provided in this chapter any person who—
(a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
There is no intention. Every wifi device has no choice but to intercept all wifi traffic in it's range. The radio picks it up no matter what.

Dumping the traffic from ram to a hard drive doesn't change anything.
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd to insomniac84

Premium Member

to insomniac84
that law likely does not apply here since they would have to prove intent to intercept the contents of the the communications.

Also does anyone else not wonder why the governments are so worried with what has been sniffed up to wanting to see it? rather than just wanting evidence the data was completely destroyed.

Jim Gurd
Premium Member
join:2000-07-08
Livonia, MI

Jim Gurd

Premium Member

No big deal

Anyone who encrypted their wireless connection has nothing to worry about. That's part of the basic setup and anyone who isn't doing so has much bigger things to worry about than Google.

TuxRaiderPen
A Warm Embrace
join:2009-06-02
Outer Rim

TuxRaiderPen

Member

Re: No big deal

True, however, human nature is to blame somebody else first for one's own incompetence.

Nightfall
My Goal Is To Deny Yours
MVM
join:2001-08-03
Grand Rapids, MI

Nightfall

MVM

Re: No big deal

said by TuxRaiderPen:

True, however, human nature is to blame somebody else first for one's own incompetence.
I have to agree. People are upset when Google drives by and finds wireless connections? Isn't that like google's street view driving by and finding a 3 year old running around the yard naked?

»www.geekologie.com/2010/ ··· stre.php

Or half naked girls sunning themselves?

»googlesightseeing.com/20 ··· et-view/

The point is if your wireless is secure, they aren't going to catch anything. Heck, if you don't roam around outside naked or half naked, you won't get caught with your pants down (no pun intended). Same goes with your wireless point. If you secure it, then there is nothing to see here.
jjeffeory
jjeffeory
join:2002-12-04
Bloomington, IN

jjeffeory

Member

Re: No big deal

Heh, that's two different issues, not related.

Nightfall
My Goal Is To Deny Yours
MVM
join:2001-08-03
Grand Rapids, MI

Nightfall

MVM

Re: No big deal

said by jjeffeory:

Heh, that's two different issues, not related.
It is related if you think about it. What is stopping someone who is wardriving from getting access to an open wireless point? What is stopping someone from driving through your neighborhood and seeing your kid running around naked in the yard? Nothing! If you don't want people to see it or get access to it, then secure it. Its a very simple procedure.

insomniac84
join:2002-01-03
Schererville, IN

insomniac84 to Nightfall

Member

to Nightfall
said by Nightfall:

The point is if your wireless is secure, they aren't going to catch anything.
They do catch it all. They were just dumping raw wifi packets to a log.

Since google does research they datamined things that were not encrypted to see if anything useful could be learned.

But if it is encrypted, the act of breaking the encryption is a crime. Make no mistake, it is easily decrypted. But legally, they can't do it.

Nightfall
My Goal Is To Deny Yours
MVM
join:2001-08-03
Grand Rapids, MI

Nightfall

MVM

Re: No big deal

said by insomniac84:

said by Nightfall:

The point is if your wireless is secure, they aren't going to catch anything.
They do catch it all. They were just dumping raw wifi packets to a log.

Since google does research they datamined things that were not encrypted to see if anything useful could be learned.

But if it is encrypted, the act of breaking the encryption is a crime. Make no mistake, it is easily decrypted. But legally, they can't do it.
Capturing the packets of an encrypted network accomplishes nothing. Especially if you are running WPA2.

insomniac84
join:2002-01-03
Schererville, IN

insomniac84

Member

Re: No big deal

said by Nightfall:

Capturing the packets of an encrypted network accomplishes nothing. Especially if you are running WPA2.
You can still crack it passively. But it is unlikely that you got enough of a sample to do it while driving around.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5 to insomniac84

Premium Member

to insomniac84
All Google was looking for was the SSIDs of open WiFi APs to put in to their database of open WiFi for hotspots. The data capture, other than SSIDs was unintentional.
chgo_man99
join:2010-01-01
Sunnyvale, CA

chgo_man99 to Jim Gurd

Member

to Jim Gurd
lol! good point!
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd to Jim Gurd

Premium Member

to Jim Gurd
WPA2-AES cannot be cracked*

*With in any reasonable time frame unless data is so important you can devote a petaflop class supercomputer to the cause.
hottboiinnc4
ME
join:2003-10-15
Cleveland, OH

hottboiinnc4

Member

Another Pay Off

Another pay off by a large company. I'd like to know how they claim Google won't do anything with the data in the future. you can't say they deleted all the information they had. Hell everyone knows that the data will NEVER go away unless the hard-drives it was stored on were burned and then shot into the space and back again. Just pushing the "delete" button won't do a damn thing. maybe other countries will put Google in their place and slap them around a bit.
zolcos
join:2010-05-19
Houghton, MI

1 edit

1 recommendation

zolcos

Member

Re: Another Pay Off

said by hottboiinnc4:

Another pay off by a large company. I'd like to know how they claim Google won't do anything with the data in the future.
And what exactly could be done with all these instances of one-fifth of a second of captured wifi data that people were publicly transmitting, where anything important was likely encrypted anyway (if not by wep/wpa then with https?)

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList

Premium Member

Re: Another Pay Off

thanks for the shred of common sense.

koam
Pink Pecker
Premium Member
join:2000-08-16
East Puddle

koam

Premium Member

Trust

When you donate over $800,000 to Obama's campaign, they trust your word that you can handle these things internally.

ArrayList
DevOps
Premium Member
join:2005-03-19
Mullica Hill, NJ

ArrayList

Premium Member

Re: Trust

obama had nothing to do with it.

Harddrive
Proud American and Infidel since 1968.
Premium Member
join:2000-09-20
Fort Worth, TX

Harddrive

Premium Member

FTC got a small tap on the shoulder.

"hello, this is the NSA. we are in cahoots with Google over this whole thing. we're putting the data to good use in the fight against terrorism. move along to something else... or else."

toddbs98
join:2000-07-08
North Little Rock, AR

toddbs98

Member

Missing the point.

I think most people are missing the the point here. Its not so terrible that they "accidentally" captured wifi data. But that they lied about it. First they said they didnt capture any data, then only SSID's then finally admitted what they really did. So how is anyone supposed to take their word that the have changed their ways?