Google's WiFi snooping: How bad will this get?

Google's WiFi snooping: How bad will this get?

Summary: This could be the biggest of Google's string of privacy-related screwups. It won't be a Google-killer, but it will make their enterprise products a tougher sell.


Well, to make a long story short, pretty bad.  So many lawsuits are piling up over Google's collection of unencrypted personal WiFi data that the company is now asking that they be combined into one big lawsuit.  And while they continue to claim that they just "made a mistake," it's increasingly clear that they have been intentionally collecting a whole lot of data in those StreetView cars.

All the anti-Google privacy advocates out there are probably thinking, "Well it's about time, Dawson - you've finally come to your senses about Google!" I hate to dash any hopes against the rocks, but I haven't stopped Googling things.  I'm still creating Google Docs left and right.  I still love my Android phone and leave the location features turned on because the personalized local search rocks.  Google Maps still gets me where I'm going, even if Google will know forever where I go.

However, in all of these cases, I knowingly and implicitly consent to Google collecting all sorts of information on me and ultimately monetizing that information.  I know that a lot of users don't fully understand what they authorize Google to do when they use their services, but I do and I'm comfortable with it because the services are useful enough to me to trade a degree of privacy. When Google collected information from wireless routers in people's homes, being too ignorant, naive, or stupid to encrypt their traffic doesn't count as consent.

Next: Click here to find out what really torques my twister about this whole thing »

What gets me the most, though, is the way Google collected these 600GB of personal data. As Ars Technica reports,

Put simply, a program called "gslite" sniffed packets from unprotected WiFi networks as Google's Street View cars rolled down the street, separating out encrypted and unencrypted content. The encrypted data was dumped while the unencrypted data was then written to the car's hard drive.

This isn't a "Woops, sorry, as we took note of your access point location, SSID, and MAC address, we accidentally grabbed just a wee bit of data." This is intentional harvesting of data without consent. I would even argue that their request for a single lawsuit in a northern California district court should be rejected. There shouldn't be an easy out for Google on this one. This actually needs to be a catalyst for a change in corporate culture.

This sort of nonsense, although precisely the sort of thing that any engineer would think was pretty cool to be able to do, makes Google's enterprise products a much tougher sell. How can I really address potential adopters of Google Apps concerned about entrusting student data (in the case of Edu Apps) or corporate data on the Premiere Apps side when Google flouts privacy like this?

I genuinely believe in Google Apps as a platform around which business communication and collaboration can be built cost-effectively and quickly. The Apps work well and are constantly under improvement. A growing ecosystem of third-party applications and an easy, open development platform make Google Apps even more compelling for organizations looking to embrace the cloud. However, blatant disregard for the privacy of ordinary citizens who simply lack the wherewithal to secure and mask their own Internet connections only serves to reinforce the concerns of decision-makers about the cloud and SaaS in general and Google specifically.

At this point, Google either needs to really examine the way it does business or hope that Microsoft does something particularly stupid with their collaborative and hosted offerings. Ideally, they'd choose the former.

Topics: Google, Mobility, Networking, Wi-Fi

Christopher Dawson

About Christopher Dawson

Chris Dawson is a freelance writer, consultant, and policy advocate with 20 years of experience in education, technology, and the intersection of the two.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I don't suppose

    I TOLD YOU SO! is in order? I hope this hits them where it hurts - Cloud storage and ChromeOS two of the biggest jokes in computing today. If they are collecting user data from streetview cars, I wonder where and when the line is drawn? I somehow doubt they'll stop there. If they are already crawling gmail for keywords to sell you ads, then I doubt they are above crawling your cloud data as well.

    Google is all about collecting user data. Their main business is ad space, NOT software development. It is for this reason alone I consider any and all Google software spyware, and is treated as such.

    I'm glad governments are waking up to GOOG's actions. Their actions as of late have been quite disconcerning and serious.
    The one and only, Cylon Centurion
    • Addenum:


      [i]"How can I really address potential adopters of Google Apps concerned about entrusting student data (in the case of Edu Apps) or corporate data on the Premiere Apps side when Google flaunts privacy like this?"[/i]

      Don't. Personally, I think if you direct someone to willingly throw their security away like that, you are liable.

      I hope Schmidt get what's coming to him, and I hope People look down on Google with more suspicion and disgust than they do Enron or even Microsoft. Their actions make me disgusted, and should not be encouraged in the least bit.

      Do no evil. Nice Trojan horse Google. You had people falling for it, but not anymore.
      The one and only, Cylon Centurion
  • RE: Google's WiFi snooping: How bad will this get?

    How about all the contacts on your contacts list that you sync to Google's cloud, do they also [i]"knowingly and implicitly consent to Google collecting all sorts of information on"[/i] them too?

    Buzz, buzz, buzz.
  • Makes ya wonder

    Makes ya wonder just how many other places they have collected data without permission. Sometimes the cost of free is just too high.
  • need I mention...

    Google was funded by Sequoia Capital, the (OPENLY admitted) CIA 'investment firm.'

    It is part of the "national security" apparatus. Use at your own peril, and that of any progeny you may have, if you want them to inherit a free, open and honest world.
    • Re: need I mention...

      @pgit What makes you think I am going to believe you? For all I know you are a CIA Agent bent on destroying me!!!! Excuse me while I adjust my aluminum foil hat...
      • don't believe me, look it up for yourself

        @carlsonk@... <br><br>Kleiner Perkins = Sequoia, both of which were all the venture capital behind google. That is public info. These funds have a clear agenda:<br><br><a href="" target="_blank" rel="nofollow"><a href="" target="_blank" rel="nofollow"></a></a><br><br>BTW facebook was also funded by K-P, and a former K-P (or Sequoia, can't recall which atm) exec is on the facebook board.<br><br>TIA gone out in the open, because people have proved stupid enough to spew personal info voluntarily.<br><br>I forgive you for being ignorant. But I do not forgive willful stupidity. You didn't bother looking for anything about K-P, Sequoia and the fact that they are openly CIA money, meaning off budget $$$$$$$$$$$$$$$$$$$$$$$$$$ stolen from YOU to develop a command and control grid to control YOU like cattle.<br><br>Go here (link below) and refresh until you see the graphic "cool, or connected?" The graphic provides a bazillion links to all the proof you need.<br><br>Unless you wish to be WILLFULLY ignorant. Then there is no help for you.<br><br><a href="" target="_blank" rel="nofollow"></a>
  • Where's the harm?

    If you have an unencrypted WiFI network that's the same as standing on a street corner and shouting. You have no expectation of privacy under those circumstances, what you say is public.

    Even if it wasn't, how much data could Google acquire by driving down a street?, at most they would have a minute of traffic. That's hardly likely to contain anything that's of interest to Google or anyone else.

    As for a list of open WiFI networks, that's useless information because network status changes constantly. It's also information that's available to anyone standing on the street. If a malicious person want's to access open networks all they have to do is drive around with a smart phone or a laptop, they aren't going to use Google to fine out where those networks are.
    • Where is the harm?


      Google was using packet sniffers to collect data off of unsecured wireless networks. Intentionally. Why would they even need to do that in the first place? Why were they capturing wireless traffic?

      There is alot of harm going on there.
      The one and only, Cylon Centurion
      • RE: Google's WiFi snooping: How bad will this get?

        @NStalnecker <br><br>You need only some very basic understanding of component technology used for software development. Sometimes components are badly documented, and when you use them you may not be aware of all what they do.<br><br>Besides of that - without questionning your hate campaign - it was Google themselves who, once the error was identified, informed the public. There was no smoking gun.
      • RE: Google's WiFi snooping: How bad will this get?


        [i]"Besides of that - without questionning your hate campaign - it was Google themselves who, once the error was identified, informed the public. There was no smoking gun."[/i]

        It was found out only after the German Government inquired.
        The one and only, Cylon Centurion
    • Hold on!, Hold on!

      @bjrosen@... <br>Sorry but the laws in most foreign countries and all in the United States of America would disagree with you. The law says if someone leaves their doors unlocked and you go into their home and take some or all of their property, you committed theft.You can make all the excuses you want but off to jail you go, you go. The same holds true for Google. They committed theft and they should be punished.
      • RE: Google's WiFi snooping: How bad will this get?

        DAs and police try all the time to argue that no warrant is needed for snooping on unencrypted wireless transmission because "it is broadcast and there is no assumption of privacy." Sometimes, the courts agree, and sometimes they don't. That a lot more relevant example than a front door.
      • RE: Google's WiFi snooping: How bad will this get?


        you mean they went into people's homes?

        I haven't heard of that before.
    • Surreptitious Monitoring of Electronic Signals

      @bjrosen@... what Google did is a crime, pure and simple.<br><br>Here's an analogy: Think of a peeping tom. His excuse for intruding into the intimate personal life of an unsuspecting victim is usually something like "well, she left her window open and didn't close the blinds. She WANTED to put on a show. I just watched and wasn't doing any real harm."<br><br>Sound familiar? It should! "Well, they left their Wi-Fi unencrypted and didn't set a password. They WANTED to let others in. We just peeked a little as we drove by..."<br><br>BOTH of those excuses come from sick perverts who need to be held accountable for their actions, and need to be monitored so they don't do it again.<br><br>And if the peeping tom made photos or video (i.e. a record of the event) he would be in more trouble. And if that record became publicly available, even more damage would accrue to the victim. Further, if the perp assembled a list of places with open windows and offered them to other perverts looking to intrude, it might be called a conspiracy.<br><br>So Google, willfully and deliberately, builds a vehicle for wardriving, travels around an area intruding into people's personal networks, and when they find an open one, casually record whatever data they happen to encounter as they drive by.<br><br>"Where's the harm?"<br><br>Wake up. Perverts are perverts. Enterprise crime is a crime. Google has clearly demonstrated both.<br><br>And the victims deserve proper remuneration, including both compensatory AND heavy punitive damages.

      And if the courts DARE to consider a settlement involving "free services" from Google provided to the victims, I hope they'll consider this concept and discard the idea immediately. Imagine having a peeping tom mow the lawn of his victim. It would be an unthinkable insult, no?

      I shiver when I think of it, and pray that someone will have some sense. But time will tell...
      • Spam?

        Whoever called my message "spam" - I hope it never happens to you.
  • RE: Google's WiFi snooping: How bad will this get?

    They took *0.2 sec* of unsecured WiFi data from each place, which obviously cannot contain much valuable and identifiable information. And they claim this data was never accessed too.
    • But why even have it?


      Is the question. If it is just going to sit in storage why even have it? If they never planned to access it, then they shouldn't have been using sniffers in the first frakkin place.
      The one and only, Cylon Centurion
      • Google can byte...

        @NStalnecker parallel port!!! I don't want my data - secured or unsecured, stored or poop-canned, or whatever, to be sucked up and analyzed and pored over and used to send their adsense and nonsense to me! No Thanks!!!

        Oh, and I just busted you as a Battlestar Galactica fan. LOL! "frakking" aye!!! awesome.
        (yes, I know... gmail. oh well.)
      • BSG Fan


        Till the end! :)
        The one and only, Cylon Centurion