FTC Asked to Probe Street View Privacy Snafu

[HardOCP News]

It looks like the FTC is finally getting involved in that Street View data siphoning case. I’m not sure what took the FTC so long, the UK, Ireland, Germany and others have all demanded Google delete the data.

Two of Google's chief congressional critics on Wednesday called on federal regulators to investigate whether the search company's inadvertent collection of Street View Wi-Fi data violates the law. In a letter to Federal Trade Commission Chairman Jon Leibowitz, they prod the agency to evaluate whether accidental capture of brief snippets of Wi-Fi traffic is an "unfair or deceptive act" that has harmed consumers.

Here’s my question…why should we have to ASK to have that data deleted? If it was truly an accident, why doesn’t Google just delete it instead of making each country make a formal request?

 

[ProphetSix]

Why is the FTC and not the FBI involved? Isn't this more a case of Federal Wiretapping and Computer Trespass laws? (I know, I know, open Wi-Fi. But still...)

 

[Skolar]

I don't think there's any way that Google did this by accident, but I don't what the reason is. I don't know the law on open wifi, but if you have an unsecured WAP you're an idiot...

 

[Skolar]

I don't think there's any way that Google did this by accident, but I don't what the reason is. I don't know the law on open wifi, but if you have an unsecured WAP you're an idiot...

Holy typo... I meant to say that I don't care what the reason is that Google collected packets as they drove by.

 

[Nemesis999]

Here’s my question…why should we have to ASK to have that data deleted? If it was truly an accident, why doesn’t Google just delete it instead of making each country make a formal request?

Destruction of evidence.

 

[Vryce]

Didn't Google already state publicly that they were deleting the info?

 

[jynxycat]

Oh noes, teh public dataz.

 

[BBA]

Didn't Google already state publicly that they were deleting the info?

I think instead they might have stated they are too busy defending themselves against privacy charges filed in Germany than to make any public statements.

 

[PWMK2]

Google is holding off on deleting the data because they don't want to be later charged with destruction of evidence if a criminal case is filed. That's why they are asking the involved governments to give them the go-ahead before they delete the data.

 

[Jospeh]

"Delete the data" aka "backup the data"

 

[pgaster]

I thought that it was considered illegal to use open wifi in some places in the US. To go beyond that and save data is way out of line and should cause Google major problems. Why do large companies get away with things an average person cannot?

 

[Frozen8950]

I thought that it was considered illegal to use open wifi in some places in the US. To go beyond that and save data is way out of line and should cause Google major problems. Why do large companies get away with things an average person cannot?

Because if the average person goes away nobody cares.
If you shut Google down then the world ends.
Big companies are vital to keep the economic money train moving.

 

[jwp27577]

I thought that it was considered illegal to use open wifi in some places in the US. To go beyond that and save data is way out of line and should cause Google major problems. Why do large companies get away with things an average person cannot?

Big companies can easily bribe.. oops, I mean "lobby".. government officials, the average person can't.

 

[Derfman]

Here’s my question…why should we have to ASK to have that data deleted? If it was truly an accident, why doesn’t Google just delete it instead of making each country make a formal request?

My guess... They didn't want to rush to delete it just to have the countries of origin request information / copies of the date, specifically important if a case is brought against Google for this. They don't want to be in the situation of tampering with evidence.

If they are asked to delete it and it is requested later, they have an out.

 

[Ualdayan]

My guess... They didn't want to rush to delete it just to have the countries of origin request information / copies of the date, specifically important if a case is brought against Google for this. They don't want to be in the situation of tampering with evidence.

If they are asked to delete it and it is requested later, they have an out.

Yep, and they aren't waiting for people to ask them, they're asking the governments if they want it deleted, and then immediately deleting it if the government says they want them to.

It was a mistake, they merely wanted the MAC address for their Wifi positioning system that Google Maps uses when it can't get a GPS lock, but the code they were using saved the packet of data carrying the MAC address instead of just the MAC address. We're talking a tiny amount of data that amounts to almost nothing that you've been broadcasting unencrypted to your neighborhood anyway. I'm not really seeing Google as some evil entity out to spy on us and violate our privacy for this. AT&T shipped off data wholesale and got retroactive immunity, and yet our government wants to look into Google accidentally saving one packet of data from the occasional unencrypted wifi access point?

 

[Marlfox]

Realistically, could google have been looking for open local webcams to augment their maps with live feed? I know this sort of thing is being developed for bing and google maps and integrated in to both systems.

Can't think of any legitimate reason google would even WANT to collect packets from random unsecured networks.

 

[Ualdayan]

Can't think of any legitimate reason google would even WANT to collect packets from random unsecured networks.

Every packet contains the MAC address of the origin and destination. The MAC address is unique for every router. They look at the MAC address, plot it on a map (since it is the street view cars doing it). Then when somebody has a device trying to use Google Maps that can't get a GPS lock (maybe they're indoors, device doesn't have GPS, or in a city with tall buildings that block the GPS signal) their maps program can say "Well, he has these 4 routers broadcasting around him -- he's....<looks up database of router locations> here."

They wanted to look at a packet, save the MAC address, and discard the data. Their program had a bug that was saving that entire one packet rather than discarding everything but the MAC address. Really quite useless in terms of spying on people (there's thousands of packets sent a second under heavy usage.)

 

[TexUs]

I think the question they're asking is if it was legal for Google to hop onto a network they did not own (regardless of if it was just sniffing, or collecting) to collect data they damn well knew wasn't theirs. That includes the MAC address.

 

[swiftB3]

Every packet contains the MAC address of the origin and destination. The MAC address is unique for every router. They look at the MAC address, plot it on a map (since it is the street view cars doing it). Then when somebody has a device trying to use Google Maps that can't get a GPS lock (maybe they're indoors, device doesn't have GPS, or in a city with tall buildings that block the GPS signal) their maps program can say "Well, he has these 4 routers broadcasting around him -- he's....<looks up database of router locations> here."

They wanted to look at a packet, save the MAC address, and discard the data. Their program had a bug that was saving that entire one packet rather than discarding everything but the MAC address. Really quite useless in terms of spying on people (there's thousands of packets sent a second under heavy usage.)

This. The vast majority of single packets (all they needed for their purposes) have nothing useful in them. If they were really lucky, they might have gotten a single line of text from an instant message. Still hardly a privacy issue.
Yes, it has to be fixed, but no, there is virtually no threat of Google being able to use this data for anything.