Police in New Zealand have bounced a complaint about Google's StreetView service back to the country's Privacy Commissioner. The Privacy Commissioner formally referred StreetView's unauthorised collection of Wi-Fi data to the police in June so cops could decide whether a crime had been committed. Police said there was no …
o title where art thou
isn't the plural for for hobbits hobbitses?
Re: o title where art thou
hobbit (plural hobbits)
Public data is public
I don't see how this is massively different to someone going along and stating where all the house numbers and names are on a street and then putting it on a map
Invasion of privacy? Maybe. Crime? Well they might have stolen some bandwidth, but so could everyone else in the area.
Re: Public data is public
It was not their collection of SSIDs, but the capture of wireless traffic which got them into trouble.
In many jurisdictions the interception of private communications is a crime, and, in my opinion, rightfully so.
"In many jurisdictions the interception of private communications is a crime, and, in my opinion, rightfully so."
The key there is "private", which this data wasn't, being on a public WiFi network. Ignorance is no excuse in the eyes of the law, why should it be for network security?
If the owners of these open networks had their network setup properly, all Google would have got would have been meaningless encrypted packets.
Ignorance of defensive measures is no crime
In the UK, intercepting wireless communications without consent is a crime. We use encryption to protect our communications from criminals.
What you're seem to be suggesting is that people who don't encrypt their communications are negligent?
Possibly. But that doesn't mean Google escape criminal liability for exploiting that vulnerability.
In the same way that conventional thieves can't claim an unlocked door justifies their behaviour.
"Possibly. But that doesn't mean Google escape criminal liability for exploiting that vulnerability."
But they haven't exploited any vulnerability. They have simply connected to an access point, and received any data transmitted to them by it. They did not break into the network and forcibly remove the data.
In my eyes, this is no different than you having a phone call to the bank on speaker-phone (be it an exceptionally loud speaker-phone) and me hearing your password as I walk past your house. The fact you don't know I'm listening in is irrelevant. If you don't want me having that information, don't broadcast it (use encryption).
I can't relate this to theft, as nothing has been removed, they haven't port scanned or attempted to access network shares, or even looked about to see if there are network shares.
Re: But they haven't exploited any vulnerability.
How is that even relevant?
Maybe your stuck on the WIFI example, so lets compare this with other real life examples:
It is illegal to intercept telephone calls, encrypted or not. The law doesn't care whether the criminals exploited a vulnerability or not, it's not relevant.
Our emails may pass through the routers of many organizations other than our ISP, some friendly, some not. We literally send emails unencrypted to them through the internet for delivery.
What would you think if the following was a legitimate defense?
"These emails were transmitted to our routers unencrypted. We did not need to exploit any vulnerabilities to read them, therefor we are entitled to read and even copy their contents."
This parallels very closely to what's happening in WIFI.
The wifi packets are directed to a destination which is clearly not the intercepting party, just as the ip packets are.
If you wish the law to allow WIFI interception, on what basis would the law incriminate IP interception and remain consistent?
We've been over this
Leaving your door open does not make it legal for someone to walk inside.
Having an unlocked door does not make theft legal.
Having an unencrypted wireless network is not an invitation to steal data.
And you're still using the wrong analogy
You're shouting out of your open window. They're passing by with a microphone and a recorder, and they're not even stopping to listen to you.
Very different to leaving the door open
Whilst I don't agree with Googles collection of WiFi data . . you comparison about leaving the door open makes no sense. When you use unsecured WiFi you are willfully 'broadcasting' everything to all of those people in range . .
So its more a case of leaving your door open an hurling your belongings in every direction and then complaining that people are looking at them.
Like I said, I don't agree with the way Google has conducted their data slurp . . but if you are incapable of securing your wifi then I would argue that its your own fault . . IMHO I don't see it as a crime at all.
If you have chosen to broadcast your data to everyone in range in an unencrypted fashion. Deal with the consequences.
The convention has been that an unencrypted access point *is* an invitation. It will be a convention that is hard to change. Yes we should have used the convention of putting the word "free" in the SSID or something similar, but we didn't.
You got in before me. darn it
You comparison is wrong...
Problem here is not about just leaving your door open. If you really want to compare unsecured wireless then its more like leaving your front door open then putting the television on the sidewalk hoping no one will take it.
Wireless networks broadcast, throwing your data out there into the spectrum. The only way to not want someone else to read it even though they are able to capture it, is to encrypt it.
Wireless data does not beam in a straight line from your router to your PC. If I can even get some technofobes to encrypt their wireless router then there is no excuse for anyone else in my opinion.
Helicopter, because you never know who is watching.
Re: We've been over this
I agree with other posters analogies are weak. However I'm disappointed that they morally approve wiretapping of unencrypted data.
We need to distinguish between the right to connect, and the right to intercept.
It is reasonable to consider an open access point as an invitation to connect.
However, it would be wrong to legally justify the snooping of information merely because the packets are unencrypted. That would set a terrible precedent legitimizing actions like those of phorm.
Even those who somehow disagree with the privacy issue, still have a copyright issue to deal with. After all, even publicly broadcast works are subject to copyright protection. The ability to copy packets cannot entitle google or anyone else to do so against the wish of the owners.
Cops decide on legal cases in New Zealand?
Since when did cops decide if something was illegal or not? I thought that was the job of the courts. I am sure glad I don't live in a county where the police are the beginning and end of the The Law....oh hang on...
THE JUSTICE SYSTEM DOES NOT WORK THAT WAY!
I dunno about where you live however in NZ, which is based on the UK system, the legislature creates the law, the police are charged with enforcing the laws (AKA deciding who's broken them) and the courts are charged with handing out the punishment for those proven to have broken the law. The NZ police did not find an actionable case, however they've handed the case to the Privacy Commissioner for their specialist investigation into the matter. It's not over yet.
But hang on...
-- But they did say it was a timely reminder for people to switch on their Wi-Fi security in order to stop data being slurped "either inadvertently or for more sinister purposes". --
I thought it had already been found that wireless security does nothing to protect you from StreetViews evil clammy hands?
I don't think wifi data should be considered public, simply because there's no way to constrain it within my 4 walls without using a cable.
The point being, if they snooped on my voice calls that were going to nearby cell tower, that surely isn't public data. Or even if they took a photo of my bank details off a statement I was holding up where it was visible out of my window. It gives them no right to publish or use that information.
Mad, to intercept the call between you and the cell tower would be illegal. The call is encrypted with GSM so the decryption is the illegal part. If your wireless was encrypted and Google captured and decrypted all your data then they 100% deserved to be burn to death.
Same thing for your bank statement. They would have to peer into your windows regardless of where they are. You wireless data is being thrown out the window...
"The call is encrypted with GSM so the decryption is the illegal part."
In New Zealand recording a phone call without at least one of the parties to the conversation knowing it's being recorded is illegal, regardless of whether it is encrypted.
Just because the cops didn't press charges, does not make it legal. It is just not proven to be illegal... Yet...!
Anyone who runs unsecure wireless and expects no issues is like a Titanic passenger with ice water around their ankles hoping for the best.
Can't stop the signal.
I like to stand in the street and enumerate the EM waves as they pass, "That's MY wave, and THAT'S your wave" ...
I can't say that I like Google much but for God's sake, bash 'em for the crimes they DO commit, not casual eavesdropping that anyone with half a brain can do.
Bear in mind
This was not casual eavesdropping by your local pimply faced geek.
This was a systematic and commercial attempt to gather unencrypted communications content data across many countries.
It was no accident, the technology was supposedly even patented by Google.
here is a thought
Before the DMCA Direct TV sued a guy for theft of service . His defense was they are broadcasting the signal in my back yard weather I want it or not . At the time breaking encryption was not illegal . The judge agreed with him .
SO DID THE
So did the nz police take the data from google that was captured so they now have a copy of all hot wi fi spots great. I bet they put that to good use
- Tricked by satire? Get all your news from Facebook? You're in luck, dummy
- Feature TV transport tech, part 1: From server to sofa at the touch of a button
- Google straps on Jetpac: An app to find hipsters, women in foreign cities
- Updated Microsoft Azure goes TITSUP (Total Inability To Support Usual Performance)
- The Return of BSOD: Does ANYONE trust Microsoft patches?