back to article Google to ICO: We had no idea Street View data slurp was happening

Google has denied that it tried to cover up certain aspects of its Street View data slurp as the UK Information Commissioner's Office reopens its investigation into the incident. The ICO recently cracked open its cold case files on the Street View cars' sniffing of data from unsecured Wi-Fi networks. This was a result of the …

COMMENTS

This topic is closed for new posts.
  1. James Micallef Silver badge
    FAIL

    Destroying evidence

    Asking Google to destroy the data was a major mistake, it's basically destroying evidence. That this was requested by the office that would probably be responsible for a prosecution against Google is quite troubling. Does the regulator have a clue?

  2. ukgnome

    I still think that people that leave their wifi open are asking for trouble - in all likelihood the cars were looking for BT openzone and the like.

    I think it would be too much hassle adding all the ssid names to the data slurper due to the vast number. Much easier to slurp all unprotected ssid so that you can build a hotspot map that includes all providers. At least that way you won't run into a legal entanglement when you miss off a provider.

    1. Daf L

      Data Capture

      It still wouldn't account for why they actually captured and recorded data that was being sent by any users of the WiFi access point.

      In reality nothing that was too confidential would have been captured and the capture so brief as to not provide anything meaningful. Which makes it all the more bizarre that it was captured in the first place. I can only think that there was an excitable young engineer who was adding more and more features to the smart bit of coding he had done and went a bit over spec.

      The idea that it was a pre-meditated idea and a feature requested seems far fetched due to the extremely limited use of the data and the risks involved.

    2. Antony Riley
      Facepalm

      The cars were looking for wifi networks of any type (encrypted included), mostly to build a database for agps.

      The issue is that instead of just writing packet headers to the hard drive on the streetview cars, they wrote out entire packets, which in the case of unencrypted networks included private data.

      My personal feeling is that if you transmit unencrypted data on a public channel then it's your own bloody fault, and frankly google grabbing your private data and not using it for anything is the least of your worries.

      Still, the whole thing is entertaining to read about, not least for highlighting quite how clueless the people responsible for policing this stuff are.

      1. M Gale

        "google grabbing your private data and not using it for anything is the least of your worries"

        Exactly this.

        Seriously, people worried about Google while they're broadcasting everything in plaintext? Are they fucking mental, or just looking for a scapegoat?

        Wardriving should not ever be a criminal offense. Not securing your network then calling the waahmbulance because somebody listened in to your porn surfing damned well should be.

        1. Anonymous Coward
          Anonymous Coward

          @M Gale

          So you wouldn't mind if Google drove around with an array of directional microphones recording everyone's conversations?

          It would be your damn fault for not whispering.

          1. M Gale

            Re: @M Gale

            Why yes, if I was broadcasting stuff on CB channel 19 and Google recorded it, I would only have myself to blame.

            As for directional microphones, how do you think investigative journalists work?

            1. Anonymous Coward
              Anonymous Coward

              "how do you think investigative journalists work?"

              Given recent news, not sure if investigative journalists are the best example to make your point http://www.theregister.co.uk/2012/04/18/phone_hack_cps_mulls_over_11_suspects/.

          2. Tim Brown 1
            Pint

            Re: @M Gale

            The analogy of someone using a directional microphone is a particularly bad one. It implies an effort to target you specifically.

            If you want an analogy, how about you standing on your front doorstep and having a shouting row with your other half and then complaining that your neighbours overheard you.

            1. Anonymous Coward
              Anonymous Coward

              @Tim Brown

              I said an array of microphones. Just like the Streetview cars have an array of Wifi antennas.

          3. Fingerless Pyro
            WTF?

            Re: @M Gale

            Well, just to toss a couple of SWAGs out there, if the car is going 30 miles an hour, and your microphone array has, say 100 foot range, that means the car records about a 4 second snippet of your oh-so-important conversation.

            If you routinely make four second statements that, as a complete standalone entity even make sense, let alone divulge anything 'private', then you need to spend less time on Twitter.

            Besides, you just *know* that 90% of the audio recorded is going to be: "Hey, is that one of those Google Cars? Quick, yell something dirty!"

    3. Wayland Sothcott 1
      Coat

      Clueless

      To be charitable to you I will assume you are clueless. Too much trouble adding all the SSIDs to the data slurper? Have you ever written a computer program? Computers are FAST, they have VAST memories. They handle data such as strings and hex integers very adeptly.

      Companies have built global maps of Wireless MAC addresses of peoples home WiFi linked to GPS. It's how a non-GPS smartphone can bring up a map of where you are.

      However I suspect that Google did not hack peoples passwords. I feel that they 'admitted' they did just to see if they would get into trouble. Having established that they can get away with the crime they will now feel free to indulge in these crimes.

      Icon = Google pick pocketing

      1. Gordon 10

        Re: Clueless @ Wayland

        WIFI vs GPS - Thats not entirely true. Afaik the main non-gps location technology is Cell tower triangulation not Wifi.

    4. Mike Flugennock

      re: "asking for trouble"

      I still think that people that leave their wifi open are asking for trouble - in all likelihood the cars were looking for BT openzone and the like...

      Very true, but that still doesn't excuse what Google was doing. Unlocked door, burglar, etc. We've been through all this.

      1. Anonymous Coward
        Anonymous Coward

        Re: re: "asking for trouble"

        > Unlocked door, burglar, etc. We've been through all this.

        Yes we have so you should know by now that the unlocked door, burglar analogy doesn't apply. Google did not have to enter any private property.

    5. Anonymous Coward
      Anonymous Coward

      It's irrelevant.

      If you've got location services enabled, all it has to do, is pass in all the SSIDs it can here, and ask where they are.

      Over time, some phones will know where they are, and once they do, if they still hear the SSIDs they know where the SSIDs are.

      The real issue is intercepted emails and the like.

      Looking for BT Openzone? Was that a troll? Or was it irony?

    6. Voland's right hand Silver badge
      Devil

      Not just hotspots

      Android (and iOS for that matter) use SSIDs to improve location fix from GPS in addition to old good cell site data.

      In order to have a usable database for this you have to do some slurping first and not just open APs - you slurp all SSIDs and MACs as well to distinguish between hotspots and remote offices.

      I suspect that they do not need to do that any more as the phones provide enough data to keep it up to date.

  3. Anonymous Coward
    Anonymous Coward

    Dear Google..

    We think you might have lied to us before, so we want you to tell the truth this time, did you do it on purpose?

    Regards

    ICO

    Dear ICO,

    No one knew anything, for realz!

    Regards

    Google

  4. Anonymous Coward
    Anonymous Coward

    Other purposes?

    This reminds me of the "TV Detector" vans that prowled the streets of Britain in the 1950s/60s. Their ostensible purpose was to detect unlicensed (i.e.untaxed) televisions. Years later, it was claimed they were really secret police vans looking for radio systems used by spies.

    Did the Google streetcars have some other purpose?

  5. Primus Secundus Tertius
    FAIL

    Raw Data

    I am astounded that the ICO did not secure an original Google disk or a bit-for-bit copy of one. How can anyone rely on data that have been "processed"?

    The ICO seems to be stuffed with lawyers rather than people who actually know about computing.

    1. Anonymous Coward
      Anonymous Coward

      Re: Raw Data

      The request seems to have been for something with a few readable words in it.

  6. Mike Flugennock
    Coffee/keyboard

    "We had no idea Street View data slurp was happening"

    Pardon me while I laugh until I piss myself.

  7. Anonymous Coward
    Anonymous Coward

    Beyond Belief

    That they had a car with hard and software setup to grab the data.

    But then the ICO are particulary gullable and useless, so nothing will happen.

    Particularly since Cameron appears to be in Google's pocket.

    Whilst Google's pockets are closed to the UK tax man.

  8. Anonymous Coward
    Anonymous Coward

    The ICO is right to resume this

    The ICO detected an interesting difference between what they were told, and what Google has formally stated elsewhere. For those with a minimal command of the English language I'll translate that: they lied, and were stupid enough to prove that by means of statements elsewhere. Thus, the ICO correctly calls them on it.

    Secondly, the German defence ("Ich habe es nicht gewusst" - I didn't know) hasn't worked since WW II, in Google's case you'd end up with having to believe that their software release model is so bad that they failed to detect code that was AND in the vehicles AND in the back end to store that data. Not a chance in hell.

    Thirdly, it is immaterial what you think to be private or not. You can argue until the cows come home, but the ICO and the law define that, and in their eyes it is private information, so Google was flagrantly in breach. Not that that is a surprise, the US model seems to be to break the law and trying to get away with it instead of paying any attention to it. Worked well for Wall Street too, that's why the global economy is in such a mess, but I digress.

    Instead, let me adjust your insight a bit. The good folks here generally have a degree of technical competence, but a lot of people at home do not. This means that quite a few of those WiFi access points are still left at their default settings and passwords, much like VCRs used to blink 12:00 in many homes. Those people are as much entitled to their privacy as you are, and this is why the law considers this data private. The law is to protect a basic human right, for all of us.

    I have no idea how it will pan out, but I hope Google gets a fine that actually *hurts*. It's time they realise that laws exist to be complied with, not to be creatively avoided like tax payments..

    1. Anonymous Coward
      Anonymous Coward

      Re: The ICO is right to resume this

      Which still will get you nowhere.

      ICO can resume the rap and throw a tantrum all it likes. Result will be zero if not subzero.

      UK Is not USA. In the USA if you ie to the regulator or lie to a question formally asked while under oath in a congressional inquiry you get a more or less automatic perjury investigation and prosecution asks for maximum tariff.

      In the UK (as the current press "ethics" inquiry shows) you can lie until your pants need the whole London fire brigade to extinguish them and there will be no consequences. The fact that the ICO "is reopening" the inquiry instead of asking the CPO for a perjury investigation is a good example of this "subtle" difference.

    2. Anonymous Coward
      Anonymous Coward

      Re: The ICO is right to resume this

      Fine. Let's all screw Google for this.

      Meanwhile, I can carry on finding people's public APs and using them to DDoS the shit out of your email servers. How does that sound?

      If the ICO was to publically say that Google did nothing wrong and you idiots should set your public routers to private if you don't want them broadcasting publically, then I bet about 90% of those public APs would be private inside of a month.

      But hey, let's just carry on blundering, eh?

      1. Anonymous Coward
        Anonymous Coward

        Re: The ICO is right to resume this

        It appears you didn't manage to get to my 3rd point: not everyone has the technical nous to set up WiFi security, but that doesn't automatically deprive them of their right to privacy.

        In addition, I personally don't even WANT Google to store my SSID and router MAC address, but I have had no say in the matter.

        *not* good.

        1. Anonymous Coward
          Anonymous Coward

          Re: The ICO is right to resume this

          But you are broadcastng your SSID and MAC address into public airspace. As for technical nous, most routers these days tend to be set up something along the lines of "press button on router, press button on device, there you go".

          And really, if you don't have the technical nous to type a password into a textbox, how in hell did you manage to turn that computer on?

          I guess you wouldn't want people recording CB conversations, or logging IRC chats either?

  9. toadwarrior

    Ignorance isn't an excuse.

    My belief is if you leave your wifi wide open it's your fault however if what they did is deemed wrong then saying they didn't know any better isn't an excuse.

    1. Anonymous Coward
      Anonymous Coward

      Oh, cute. So ignorance is no excuse for the home owner, but is a perfectly acceptable defence for a company that has the technical people and the lawyers to know better?

      Do you spot the logical flaw or do you need help with that?

This topic is closed for new posts.

Other stories you might like