Ed Gluzman already posted an article discussing Google’s confirmation of collecting data from Wi-Fi networks, but I wanted to wait a few days and see how the general feeling about the issue evolved.

I have to say that I am dismayed at the lack of concern over it.  The reaction was comparatively massive when Facebook admitted a privacy breach, but Google’s goes fairly unnoticed.  Why?

I think it comes down to this.  The reaction to a breach in privacy, when it happens to someone else can be:

  • No big deal
  • Perhaps serving a purpose greater than an individual’s right to privacy, such as wiretapping a suspected terrorist
  • Intriguing, when something interesting becomes public
  • Maybe even kind of funny
  • Or, as Google CEO Eric Schmidt was quoted as saying, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

BUT – that’s as long as it happens to someone else!  The perception with Facebook was it very well could have affected YOU.  The perception with Google seems to be that it most likely didn’t affect you the individual.  Again, why?

Google streetview cars, via Wikipedia, have covered the US, Canada, Mexico, Australia, New Zealand, Japan almost completely.  Much of Europe has been covered, only parts of Asia and Africa, and little of South America.

Does that increase the odds that you were affected?

German authorities questioned Google’s need and motives for collecting WiFi data at all, and Google’s own blog post relayed some of the back and forth between their privacy attorneys and the German authorities.  I encourage you to read this carefully.  Try to envision a car thief admitting the act, but claiming in court that other people repossessed cars, so therefore stealing cars cannot be a crime.  And, the truly critical question from the Germans was not so much the one in which Google says it grabbed any MAC address and SSID from any open WiFi system it came across, but denied any collection or storage of payload data.  It was the following question and answer:

But doesn’t this information identify people?
MAC addresses are a simple hardware ID assigned by the manufacturer. And SSIDs are often just the name of the router manufacturer or ISP with numbers and letters added, though some people do also personalize them.

However, we do not collect any information about householders, we cannot identify an individual from the location data Google collects via its Street View cars.

So, if you have the location of a home, the SSID of the WiFi network at the home, the MAC address of any any individual devices on the home’s network and throw in a nice photo – have you violated anyone’s privacy?

SO LONG as you HAVEN’T collected any data from any device from the home’s network (and the photo is PG) – there could be some debate about any privacy violations.

BUT, AS SOON AS YOU TAKE AND STORE ANY DATA, NOT ONLY HAVE YOU VIOLATED THAT INDIVIDUAL’S PRIVACY, YOU HAVE BROKEN MULTIPLE COMPUTER HACKING LAWS.

Google says it was an accident.  They accidentally:

  • Wrote the code required to sniff an open network for data transmissions
  • Stored that code along with the SSID and Mac address of the device doing the transmission
  • Stored all of those ’snippits’ of payload data, which CAN be used to identify individuals, for years.  Folks, this is a MASSIVE amount of data, even on the Google scale.
  • Shared location data with their partners (Google admitted to sharing location data, but denies sharing payload data)
  • Never noticed any of this was going on by their people in the cars, their management, in their data warehouses, or higher up in the company

AN ACCIDENT!    DON’T BE EVIL!

I’d more easily believe the car thief saying the car accidentally followed him home.

For a nice summary of computer hacking laws, please check out:  http://definitions.uslegal.com/c/computer-hacking/.

I personally don’t think there’s any question Google has violated computer hacking laws.  The question is who will prosecute and/or sue first:

  • USA federal government?
  • A USA individual state government?
  • I’d bet on the European Union as a whole or an individual European country

IF you are tired of having your privacy violated by Google, and watching them shrug their corporate shoulders, here are 8 alternatives to Google Search from PC Magazine that I strongly urge you to consider.

11 Responses to “Google – Have They Broken Hacking Laws?”

  1. KM says:

    Thanks for the alternatives article; I will definitely take a look.

  2. GG says:

    Great article. Thanks for raising awareness and educating on alternatives.

  3. Kathryn Cantrell says:

    yes they make it easy and won’t help. I had to get an google acct. for my droid. They (verizon) picked out the name for me. katie.can.kc@gmail.com. I set it up knew nothing about google and used my e-mail on my cell not very much. Pretty soon I find I have a dashboard,google talk,digg,nothing I signed up for plus my picture taken from facebook and Nasty,Nasty stuff on it. I can’t get google to help me at all. they won’t close it or sms me so I can get in to close or have tuffer computer ware to keep intruders out, the thing is I know it’s my husband, pretending to be me. I caught him. He won’t admitt it but it’s him google talking and looking at girls and guys stuff I wouldn’t show online. Do you know anything I can do? Isn’t it illegal to steal an account and use it as someone else? Any help would be appreciated as I’ve only gotten voice-mail from them. Sincerely Kathyn Cantrlell

  4. Excabus says:

    Your trying to hard to look at this in a bad light. It is… a little bit eeky that they will gather all this info and store it, BUT, it’s not illegal, or atleast, never prosecuted.

    iPhone’s are great, they keep track of ALL of the wireless networks (their SSID and MAC) along with the GPS coordinate at which it was first seen. It stores all of this on the user’s phone.

    Does this mean the user is breaking “hacking” laws? Alot of statutes read “…the INTENTIONAL…” doing of this or that. So, you can argue you didn’t know. Whatever :P

    My question is, where did you come up with this? “BUT, AS SOON AS YOU TAKE AND STORE ANY DATA, NOT ONLY HAVE YOU VIOLATED THAT INDIVIDUAL’S PRIVACY, YOU HAVE BROKEN MULTIPLE COMPUTER HACKING LAWS.”

    What statutes, what country, hrm? Hacking statutes in the US vary state by state. Plus other countries may be completely different. Christ, in Holland you are ALLOWED to crack Wifi networks.

    An understanding of the technology and what data they are collecting will help to better appropriate a reasonable understanding of what Google actually has collected. To be completely honest, the fact google is taking pictures of homes and databasing them with street view is 1000x more threatening and creepy than them having your SSID. An SSID is just an indentifier to your wireless network. If it was supposed to be something that could be seen, etc etc, Wifi technology would of never of been created as such.

    Plus you should look up a few sites that are repositories for wardriving data. These are people that purposefully do what google did “accidentally” and post it all to a website for mapping by plot on a big map.

    Scare tactics. Quit them.

    • Really?
      Your arguments are:
      1) Google hasn’t broken the law, and even if they did, it’s a law that’s never prosecuted. They have been prosecuted in multiple states in the US and countries around the world
      2) Apple does something similar with the iPhone storing users’ locations. Is this the ‘hey, everyone is doing it.’ argument? Even if Apple were driving around, hacking into networks and stealing and storing data from the computers on the network like Google has been, that would not make Google’s actions legal.
      3) Holland allows you to crack WiFi networks. Perhaps they don’t have a statute prohibiting such an act in Holland, but I seriously doubt that hacking is promoted there. And, assuming for a moment that you are right, how does that matter in other parts of the world where it is expressly prohibited?
      4) Other sites are repositories for wardriving data. This seems to be another attempt to say that if someone else is committing a crime that it somehow makes it not a crime. I don’t understand this lack of logic at all (quite glad I don’t).

  5. A Reader says:

    The data is harmless, it cannot identify anyone unless they decided it was a great idea to put their private details as their SSID and broadcast it to anyone who wants it – anyone can easily disable their SSID broadcast. The laws forced Google to admit “fault”, but the data is both harmless and publically available. The writer clearly has some bias or works for Apple or something… the end half of this article was insulting.

    • I’m not sure how you can know the data was harmless. They were able to get actual personal data off of the hard drives of systems on the networks they hacked into. That data could have included anything. Was it unwise for these networks to be left insecure? You bet. But, that hardly makes it OK for an individual or a company to take advantage of the situation.

      • A Reader says:

        It’s equivalent to leaving your car unlocked and then complaining because someone may have only looked inside. Without proof that Google has done anything wrong with the data, regardless of whether accidentally taken or not, there are far more important things to get annoyed about.

        I am not trying to make it out that what they did was OK, but at least these people have been warned. They might think twice before leaving their network open to anyone within range and to access an unsecured network barely even counts as hacking.

        • Why would they go through all the effort and expense to take this data if they had no intention of using it? And, to continue to allow for the possibility that it was accidental is ludicrous. But, as you say, at least they have done a service to the world by warning people about unsecured networks. Really? How kind of them.

  6. Blake Embrey says:

    Okay, I actually stumbled upon this site while researching for my Legal essay, but I have to tell Vince Vizzaccaro that he has absolutely no idea about hacking, let alone computers. All Google did and has done was collect SSIDs and the HWID, which is available for anyone in the world to access. You do realise most devices in the world automatically scan for available Wi-Fi networks and cache the data for quicker access. This data includes SSIDs and HWIDs.

    It is not illegal to do it at all. It has been blown out of proportion by the media and people like you. Those who listen to the media’s every world is no better than the media themselves. Do a bit of research, please, and you’ll realise even your iPhone automatically scans for networks and caches the data.

Leave a Reply to Vince Vizzaccaro

(required)

(required)

© 2011 SearchTerms.com