back to article Google to pay laughably minuscule fine over Wi-Fi slurp across US

Google has reached a peanut-sized $7m settlement with 38 US states, after its controversial Street View prowl cars deliberately collected payload data including emails and passwords from unencrypted Wi-Fi networks across America. The company said in a statement that it was pleased to have inked an agreement with Connecticut …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    So that, packet cotents may be useful cost $7M. That tech was not so smart.

  2. Anonymous Coward
    Anonymous Coward

    As much as that!

    That's like the equivalent of a cup of coffee for you and me.

    1. LarsG
      Meh

      Re: As much as that!

      The legal system must be seen to be doing something!

      The punishment is akin to saying 'Well boys will be boys'.

  3. Annihilator
    Alert

    Hmm..

    The oddly amusing thing is, Google would have probably paid several times that in order to buy such data. Or rather more ominously, is probably holding much more private data, which we willingly give it every day, and selling it on at enormously greater values than $7m. Hell, it's Google's business model!

    1. Silverburn

      Re: Hmm..

      More ominous is:

      - the fine was for "hampering", not for slurping per se

      - that they will "eventually" destroy the data

      - that their staff need education on user privacy

      - The project leaders never wanted this data, and didn't use it or even look at it...of course they didn't

      - nobody was checking this guys work

  4. Don Jefe
    WTF?

    Google News

    This story appeared on the Google News page before it showed up in the Reg app. Weird.

  5. Anonymous Coward
    Anonymous Coward

    Consumers have a reasonable expectation of privacy

    Errm, then they should have switched on their Wifi security then...

    Let's not forget, it was "laughably minuscule" for two very sensible reasons.

    1) It was a unintentional error that ONLY affected unprotected hotspots.

    2) the data was never used, and discarded.

    All in all, a non-story when you look at the FACTS (as opposed to the fiction that some seem to be passing around).

    1. Anonymous Coward
      Anonymous Coward

      Re: Consumers have a reasonable expectation of privacy

      I have to agree with you here. I would ask those who think this was done "accidentally on-purpose" what it is they think Google gained from this data?

      Consider, they were connected to each access point for at most 10-20 seconds as they drove past; maybe a few minutes if stuck in traffic or at traffic lights.

      Assuming the connection was even being used at that time, at most they'll have gotten a HTTP request or two, maybe parts of a network file transfer, but on it's own, this is useless information. Anything important should have had an SSL connection (banking, email etc.) and if not, the owner has far more to worry about than Google.

      There's not enough data to build any kind of usage habits and when you consider the data they can already obtain from their own services, why would they bother doing this in the first place knowing it's illegal?

    2. messele
      FAIL

      Re: Consumers have a reasonable expectation of privacy

      Let's have a look at some of your FACTS shall we?

      Errm, then they should have switched on their Wifi security then...

      Yes they should, but hey, not everybody is as uber intelligent as you, clearly. Shock, horror, some people enjoy using the internet and are not technical geniuses. Scratch that, you're a fucking moron for not realising that yourself.

      1) It was a unintentional error that ONLY affected unprotected hotspots.

      No, it was INTENTIONALLY designed into those cars' software. Whether you believe the company knew or not is another argument but it was put there by an employee of the company, therefore the company is responsible and liable for the actions of that employee.

      2) the data was never used, and discarded.

      You know this do you? (Tip: you don't) Google were already busted once after they said the data had been deleted yet they'd kept a backup which was uncovered when the right questions were asked.

      1. tempemeaty

        Re: Consumers have a reasonable expectation of privacy

        The Fact Google was found to have been keeping a backup after it claimed to have discarded the Wi-fi data in question that it slurped begs of intention doesn't it?

    3. Anonymous Coward
      Anonymous Coward

      Re: Consumers have a reasonable expectation of privacy

      I take MASSIVE exception to point 1...

      "1) It was a unintentional error that ONLY affected unprotected hotspots"

      So...

      someone *unintentionally* wrote the code to capture this info,

      and then *unintentionally* persisted it somewhere,

      and assuming it was a db then this db *unintentionally* had an appropriately designed table with the required columns needed to store this *unintentionally* data.

      This is google we're talking about here, where "do what we want until caught" seems to be the unofficial company motto.

      Think of the book scanning debacle, insisting webm is "open" & free when it later turns out it wasn't, and the forthcoming grab-your-popcorn public backlash once the first highly-embarrassing videos captured without consent via Glasses goes viral

      Sorry, rant off. I actually quite like Google but I really do wish they'd pack in this whole "we're open and trustworthy" BS.

      It doesn't fool the tech crowd, and stories like this make the public more aware of what they saw != what they do.

    4. JohnG

      Re: Consumers have a reasonable expectation of privacy

      "Errm, then they should have switched on their Wifi security then..."

      No, that''s not how the law works and if a private individual captures and stores payload data from someone's WiFi, they can expect a criminal prosecution if caught. If you or I are expected to know and comply with the law, how much more a big multinational corporation with many technical experts and lawyers at their disposal?

      Google's "unintentional" defence was blown out of the water by the fact that they only stored unencrypted payload data - so, the application bothered to check for encryption, discarded that which was not useful and stored that which was unencrypted. If the goal was simply to link access point MAC addresses with physical locations, they need not have stored any payload data whatsoever.

    5. Anonymous Coward
      Anonymous Coward

      Re: Consumers have a reasonable expectation of privacy

      Disagree!

      This issue is tied to business regulation. Politicians don't want to put up barriers to internet businesses as it might hurt corresponding jobs and government obsession with GDP Growth. With this prevailing view, human rights and privacy will always lose. My politics are firmly on the side of privacy.

      This type of problem is not going away, not with so many new OPEN Wi-Fi spots growing every day.

      The fines need to reflect a disincentive to trawl what is essentially people's PRIVATE INFORMATION.

      There needs to be a substantial financial penalty system in place now to prevent tech companies thinking it only makes good business sense to capture this data, whether or not they ever use it now or in the future.

      Otherwise as with Big-Oil & Big Chemical pollution, firms will act as they please when the only consequences are miniscule fines, as it only makes good business sense!

      1. Fred Flintstone Gold badge

        Re: Consumers have a reasonable expectation of privacy

        There needs to be a substantial financial penalty system in place now to prevent tech companies thinking it only makes good business sense to capture this data, whether or not they ever use it now or in the future.

        Although I agree with you, the Google affair is effectively a lost opportunity to fine the crap out of an organisation and set an example. It was plain illegal what they did (and AFAIK even criminal in some countries), and anyone with half a braincell knew that their claim that is was an accident was total BS (that means "accidental" extra capture code on the cars and "accidental" availability of a back end to collect all the data) - the very fact that they tried to lie their way out of it was to me the clearest indication that it wasn't an accident at all.

        The problem, however, starts with users. Even on this forum here are many people who don't know the law and seem to find it even morally acceptable that an unencrypted WiFi is a license to invade someone's privacy (maybe because they are actively using someone else's link?).

        Your rights are being sold, right now. It would be better not to let that happen, because turning the clock back is a lot harder.

  6. Anonymous Coward
    Anonymous Coward

    Is it time for an Erin-Brockovich of PRIVACY...?

    Erin Brockovich (2000) *Julia Roberts*

    This reminds me of the paltry fines handed down to polluting s-h-i-t-t-y-corps. i.e. when by-products from BIG-Chemical or BIG-OIL leak into the local water supply. We need an Erin Brockovich of PRIVACY!! Otherwise it only makes good business sense to continue, after all corporations are people too!

    1. Anonymous Coward
      Anonymous Coward

      Re: Is it time for an Erin-Brockovich of PRIVACY...?

      A BBC journalist dubbed me the "Red Adair" of privacy, but in those days Red Adair was still alive :/

      Yes, we need a champion, but even on the Register there are many, many apologists for what really amounts to wilful, hard core offenders of Data Protection laws which are an incarnation of rights we all have as human beings: the right to privacy as enshrined in the Universal Declaration of Human Rights. It does not matter if you are rich or poor, famous or invisible, competent or a Daily Mail reader, it is your right by birth.

      Annoying as it is for journalists, paperazzi, Google, Facebook, government, spies, intelligence gatherers, 123.com et al - we have inalienable rights. Anyone who tries to imply that your privacy does not matter is asking you to implement countermeasures, and I do that for clients. It's my business to make their business none of your business :).

  7. RyokuMas
    Mushroom

    ... and yet...

    ... if it were Microsoft, there would be all kinds of hell erupting on these forums. Remember - if Microsoft does collapse (as some on here seem to hope for with almost religious dedication), it'll probably be these guys who take over...

    I'm not saying I advocate Microsoft - quite the opposite, it fact, customer choice and anti-monopoly all the way. Just be careful what you wish for...

    1. Silverburn

      Re: ... and yet...

      I don't think google are getting off too lightly here. One refreshing thing about el Reg is that blatant corporate piss taking will be slated - the vast majority will rightly twist the knife, with no brand loyalty. As it should be.

      1. Anonymous Coward
        Anonymous Coward

        Re: ... and yet...

        "I don't think google are getting off too lightly here"

        Yeah, but you seem to think that Ayn Rand didn't go far enough, that tax is theft and that companies should be able to do what they want.

        1. Invidious Aardvark
          Facepalm

          Re: ... and yet...

          "I don't think google are getting off too lightly here"

          Fine for breaking the law: $7m

          Performance bonuses for last year:

          Eric Schmidt: $6m

          David Drummond (their head legal person): $3m

          Patrick Pichette (CFO): $2.8m

          Nikesh Arora (CBO): $2.8m

          Yeah, that fine is really going to hurt them...

        2. Silverburn

          Re: ... and yet...

          It should be noted that I was referring to this statement:

          ... if it were Microsoft, there would be all kinds of hell erupting on these forums.

          ..rather than the actual fine itself.

  8. toadwarrior
    Thumb Down

    Google supposedly hires the smartest people in their field and yet they happen to make a school boy error that results in getting too much data? I don't buy it and they're probably protecting the engineer knowing if they drop him in it then he'll drop them in it.

  9. h3

    I think it is reasonable considering the circumstances.

    These days the trend is for fines to be disproportionate far too often.

  10. supreme-overlord

    Do no evil (tm)

    1. Someone Else Silver badge
      Boffin

      Re: Do no evil (tm)

      ...unless we can get away with it.

      There, fixed that for ya.

  11. Herby

    So...

    Taking pictures of public things is OK, but using different wavelengths (ie radio) to take "pictures" is evil and bad? What is the difference? Someone threw it out into the open (unsecured wireless) and Google took a picture of it? Where is the harm.

    I'm sure that those who have open WiFi access points (I run 4 of them) might worry, but if they are "open" what do you expect (I really don't care).

    Either turn off the publicness of the access point (use some security protocol), or you get logged. In my case if I see things I don't like, I add the MAC address to the "you can't connect" list and they don't exist.

    For the most part WiFi signals don't propagate much further than the residential lot anyway, so it makes little difference.

    To others: Your mileage may vary, see store for details (limited time offer!).

    1. Anonymous Coward
      Anonymous Coward

      Re: So...

      You're primarily thinking residentially and narrowly only thinking of your own area...

      Public Wi-Fi is in wide use in countries where STREET VIEW is currently used. I can't give you a complete list, but from travelling in recent years there were cities in the USA (often in conjunction with Libraries or public spaces), and many cities in Asia and South America, among other developing countries.

      Cities are actively trying to introduce and promote open connections as we speak. Even in the UK, Skype is offering incentives to restaurants and pubs to open up their pipe. So this issue isn't about dumb people leaving routers open! Stop apologising for Google.

      There needs to be PRIVACY LAWS for data-suckers like Google and FB FULL-STOP!!!

    2. Anonymous Coward
      Anonymous Coward

      Re: So...

      Wi-Fi boosters used in Public Spaces such as Shopping Malls, Restaurants, Coffee shops, Libraries, Concert Halls, Airports etc have much higher power. It is possible to drive by and pick everything up! I've done installs where owners thanked me because they could sit in their car outside and still get a signal which saved them going back in after locking up. Residential Wi-Fi has low wattage but NOT commercial public Wi-Fi!

  12. Malcolm Boura

    Fine in understandable units

    States 7M$ is about 20 hours profits.

    FCC 25k$ is about 5 minutes.

    France 100kE is about 20 minutes.

  13. Shane Kent

    More than Canada...

    As I recall our "so called" privacy commissioner did nothing and let them walk. What a sell out, I guess we could call her the privacy de-missioner!!! I have to wonder if Google isn't feeding CSIS or CSEC, or likely both, data and have our government look the other way. I say this because when I worked MS Canada phone support we were not allowed to use the remote tools to connect and fix people's pc, and I was told it was because of privacy laws here.

    This makes absolutely no sense to me because Canada has more stringent privacy laws which is why we are not allowed to bring spy equipment back from Florida. Maybe next time I go to Florida I could bring some back and say it is all good with our privacy de-missioner, maybe if I start my own corporation it would be OK then?

This topic is closed for new posts.

Other stories you might like