Google – Have They Broken Hacking Laws?
Ed Gluzman already posted an article discussing Google’s confirmation of collecting data from Wi-Fi networks, but I wanted to wait a few days and see how the general feeling about the issue evolved.
I have to say that I am dismayed at the lack of concern over it. The reaction was comparatively massive when Facebook admitted a privacy breach, but Google’s goes fairly unnoticed. Why?
I think it comes down to this. The reaction to a breach in privacy, when it happens to someone else can be:
- No big deal
- Perhaps serving a purpose greater than an individual’s right to privacy, such as wiretapping a suspected terrorist
- Intriguing, when something interesting becomes public
- Maybe even kind of funny
- Or, as Google CEO Eric Schmidt was quoted as saying, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”
BUT – that’s as long as it happens to someone else! The perception with Facebook was it very well could have affected YOU. The perception with Google seems to be that it most likely didn’t affect you the individual. Again, why?
Google streetview cars, via Wikipedia, have covered the US, Canada, Mexico, Australia, New Zealand, Japan almost completely. Much of Europe has been covered, only parts of Asia and Africa, and little of South America.
Does that increase the odds that you were affected?
German authorities questioned Google’s need and motives for collecting WiFi data at all, and Google’s own blog post relayed some of the back and forth between their privacy attorneys and the German authorities. I encourage you to read this carefully. Try to envision a car thief admitting the act, but claiming in court that other people repossessed cars, so therefore stealing cars cannot be a crime. And, the truly critical question from the Germans was not so much the one in which Google says it grabbed any MAC address and SSID from any open WiFi system it came across, but denied any collection or storage of payload data. It was the following question and answer:
But doesn’t this information identify people?
MAC addresses are a simple hardware ID assigned by the manufacturer. And SSIDs are often just the name of the router manufacturer or ISP with numbers and letters added, though some people do also personalize them.
However, we do not collect any information about householders, we cannot identify an individual from the location data Google collects via its Street View cars.
So, if you have the location of a home, the SSID of the WiFi network at the home, the MAC address of any any individual devices on the home’s network and throw in a nice photo – have you violated anyone’s privacy?
SO LONG as you HAVEN’T collected any data from any device from the home’s network (and the photo is PG) – there could be some debate about any privacy violations.
BUT, AS SOON AS YOU TAKE AND STORE ANY DATA, NOT ONLY HAVE YOU VIOLATED THAT INDIVIDUAL’S PRIVACY, YOU HAVE BROKEN MULTIPLE COMPUTER HACKING LAWS.
Google says it was an accident. They accidentally:
- Wrote the code required to sniff an open network for data transmissions
- Stored that code along with the SSID and Mac address of the device doing the transmission
- Stored all of those ’snippits’ of payload data, which CAN be used to identify individuals, for years. Folks, this is a MASSIVE amount of data, even on the Google scale.
- Shared location data with their partners (Google admitted to sharing location data, but denies sharing payload data)
- Never noticed any of this was going on by their people in the cars, their management, in their data warehouses, or higher up in the company
AN ACCIDENT! DON’T BE EVIL!
I’d more easily believe the car thief saying the car accidentally followed him home.
For a nice summary of computer hacking laws, please check out: http://definitions.uslegal.com/c/computer-hacking/.
I personally don’t think there’s any question Google has violated computer hacking laws. The question is who will prosecute and/or sue first:
- USA federal government?
- A USA individual state government?
- I’d bet on the European Union as a whole or an individual European country
IF you are tired of having your privacy violated by Google, and watching them shrug their corporate shoulders, here are 8 alternatives to Google Search from PC Magazine that I strongly urge you to consider.