Oz privacy boss says Google Wi-Fi slurp breached law The Australian Privacy Commissioner has ruled that Google ran afoul of the country's privacy laws when its Street View cars collected personal data from open Wi-Fi networks. "On the information available I am satisfied that any collection of personal information would have breached the Australian Privacy Act," said Privacy …
But it's not there for all to see on an unsecured network.. It might not be encrypted, but it's only there to be seen if you connect to it.. It's back to the worn old analogy of leaving your house or car doors unlocked or even open. That only makes it easier for someone to burgle you. That doesn''t make the burglar right. S/he is still breaking the law.
Yes, the insurance company probably won't pay out, but they aren't the people who get to decide if the burglar broke the law and should do time.
"Yeah yer 'onour, the door was like just open y'see and I accidentally walked in. I didn't mean to help myself to the family silver but I've been collecting silver for years and that stuff was like, y'know, just there for all to see."
Connecting to a computer and/or network without permission is wrong in law. It doesn't matter if it's not secured. The assumption is that if you don't know if you have permission then you don't connect and you don't copy data of any kind from it.
Then there's the whole privacy thing. The company Data Controller is supposed to declare what personal information is collected, why it's collected, what it's used for and how long it's retained for and have justifications for all of those points. Did Google declare to the UK Data Commissioner what they were doing?
you can collect packets "from the air". Especially if you're Google and have people skilled in software and hardware design.
And if it _was_ their own hardware and software doing the capturing rather than- say- Wireshark running on a Laptop it'd have been less tested so more likely to accidentally capture the rest of the packets.
So the analogy is you shouting out your credit card's pin number then calling the police on the guy behind you because he's heard it and now knows your credit card pin.
Not shouting it out is the best way of stopping it, but shouting out a non-obvious way you remember it (say, APPLE! DIMM! ALUMINIUM! BUDWEISER! rather than 0123) is a good compromise.
It really should be criminal to ship WiFi APs with the default being unencrypted. If you _want_ unencrypted you can enable it- but this means you're happy for everyone to "hear" everything you do.
Unfortunately your 'open door' analogy falls over in this respect. If I am walking around with any laptop (especially one running Windows) it will automatically connect to any open wi-fi point.
It's closer to someone shouting from the roof top through a megaphone and then complaining because someone heard them.
I totally agree on the issue at hand.. but I have to be honest.... "and regularly consult with her about "personal data collection activities arising from significant product launches" in Australia." had me cracking up. Machiavellian much?
That she doesn't even encrypt her own WiFi says waves about how much she would understand about what they're doing when they do explain themselves.. so what's the use?
<shrug> At least she got the Privacy bit right.
Let us not forget the first and second generation of cordless phones.
It was possible to take one vendor's handset, walk close to your neighbor's house and use their phone... So, at the time, if someone recorded a conversation that they captured over the air... was that not an illegal wire tap?
Second... I wager that the US Government doesn't do anything to Google. Why do you think the White House's CTO still has his connections to Google and his GMail account?
It will take the press putting pressure on the politicos in order to get things done.
Just ask the reporters from the Cleveland Plain Dealer who put pressure on the local police concerning the murder of Dr. Sam Sheppard's wife.
Google may have taken the data but it wasn't viewed or used. It was only when various government watchdogs all insisted on viewing the data that it was actually exposed.
Kind of like Google taking letters off peoples doormats, but the governments insisting on opening the letters for a good read.
Fetch me my tin foil hat because I'm not sure the governments didn't have another agenda here.
I'm tired of people saying that just because the wifi network isn't encrypted, it's public. You have a cell phone? A cordless phone? You expect your conversations on THOSE to be private? By your argument, they aren't.
The law, in MANY countries, states that you aren't allowed to listen to radio communications you aren't supposed to be a part of. It's the same laws that prevent people just wiretapping your phone without a warrant. It's illegal and a breach of privacy. People say it's like shouting on the street, when in fact, it's a lot closer to talking in your living room and someone with a listening device listening to your conversation from the street and through your wall.
Don't expect Joe user to know how to secure his wifi network when he can't even be bothered to have a password on his computer.
If you're too ignorant to know that when you're using a god damned radio to broadcast your unencrypted credit card number into the homes of all your neighbors, then you're too ignorant to be allowed to complain when one of your neighbors starts using it. If the Googlecars are driving around in the street are able to pick your shit out of the air, take a fucking minute to stop and think about how many cars drive down that street. Each of those are capable of doing the same damn thing. If you think Google is a villain because they accidentally wiresharked your email when they were driving about, you need to stop and worry about the assholes that actually want to target you. The ones that are going to cause you serious pain.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
