×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Says It Mistakenly Collected Wi-Fi Data While Mapping

timothy posted more than 3 years ago | from the just-accidentally-of-course dept.

Google 215

Even if Google says there's nothing to worry about, newviewmedia.com writes, the company "said it would stop collecting Wi-Fi network data from its StreetView cars, after an internal investigation it conducted found it was accidentally collecting data about websites people were visiting over the hotspots. From the WSJ article: 'It's now clear that we have been mistakenly collecting samples of payload data from open [i.e. non-password-protected] Wi-Fi networks, even though we never used that data in any Google products.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

215 comments

Hey, (5, Insightful)

Threni (635302) | more than 3 years ago | (#32214602)

they're not called `open networks` for nothing. Tighten up, or shut up. Oh, and postmen read your postcards too.

Re:Hey, (-1, Troll)

sopssa (1498795) | more than 3 years ago | (#32214646)

There's a difference between using an open Wi-Fi hotspot and doing a man-in-the-middle attack to collect data about what sites other people using the hotspot are visiting.

Re:Hey, (4, Insightful)

marcansoft (727665) | more than 3 years ago | (#32214746)

It's not a man-in-the-middle attack. They were probably just capturing all WiFi traffic in order to search for hotspots, but forgot to filter it so only beacon frames were stored. A proper set of cards sniffing are much more effective at detecting faint hotspots than just mashing on the "scan" button on one card, which probably discards stray beacons.

It's your fault if you're broadcasting your data all over the airwaves unencrypted where anyone with a passive receiving antenna can pick it up.

Re:Hey, (0, Flamebait)

tomhudson (43916) | more than 3 years ago | (#32215120)

Several points:

1. Maybe I know my neighbors, so I trust them/know they're not that talented.

2. If you read the article, they had included software that collected traffic, like emails, etc.

3. This is the same company that produced this choice quote: "Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide."

4. This is the same google that confiscates all cameras before outsiders are allowed on-campus. THEY certainly have something to hide ... so why isn't it okay for the proles to enjoy the same privacy?

Re:Hey, (1)

jibjibjib (889679) | more than 3 years ago | (#32215236)

2. If you read the article, they had included software that collected traffic, like emails, etc.

Yes. As in, they collected /all/ wireless traffic with the intention of checking which hotspot it came from and measure its signal strength. I don't think there's any indication that they specifically tried to log emails or that they did any of this for purposes other than locating hotspots.

Re:Hey, (3, Insightful)

tomhudson (43916) | more than 3 years ago | (#32215982)

The article indicates that the original software was expressly written with logging capability. They somehow "forgot" to remove it. And nobody noticed. For three years!?!

Re:Hey, (1)

icebraining (1313345) | more than 3 years ago | (#32215256)

1) And just like Google, *anyone* can sniff that data, not just your neighbors. They don't have any special powers, they use the same public anyone else can use.

2) It's called a sniffer. Has GP said, it's much more effective at finding APs, exactly because it finds any packets. Storing the payload may or may not be an accident.

3) That quote is largely taken out of context.

4) First, they are actively protecting their data - why aren't you? Not only you're not protecting it, you're broadcasting it to public space, and you want privacy?
"I'm running naked on the street, how dare people look at my penis?"

I'm no Google fanboy, and I really dislike their Ad-network prevalence, but being offended by this is ridiculous.
Personally, I use a double network system: WPA-Enterprise for my machines, open for anyone else.

Re:Hey, (3, Insightful)

tomhudson (43916) | more than 3 years ago | (#32215996)

They were storing the payload for the last 3 years. Three years, and NOBODY noticed? Nobody said "is this even legal in all the places we operate?" Nobody said "Can this come back and bite us on the ass?"

3 years is a long time to "accidentally" be doing something when it's your profession.

Re:Hey, (0)

Anonymous Coward | more than 3 years ago | (#32215400)

Your "4" is just plain wrong. You can walk on campus from the street, first of all... there's nothing stopping anyone from doing this with a camera... although if you don't have legitimate business, I suppose you'd technically be trespassing.

  Second of all, even inside the buildings when you go to sign-in, they don't ask you to turn in anything like a cellphone that has a camera in it. Stop spreading FUD.

Re:Hey, (3, Informative)

calmofthestorm (1344385) | more than 3 years ago | (#32215460)

I've personally been to Google Boston and Mountain View and not only was I not searched or even asked if I had a camera, I was told explicitly at Mountain View that photography was permitted outdoors and to please ask first indoors. I was asked not to take pictures in Boston, but again, not searched or asked for camera.

I was at Mountain View about two years ago and at Boston two months ago.

Re:Hey, (3, Informative)

Arancaytar (966377) | more than 3 years ago | (#32214978)

man-in-the-middle attack

That word does not quite mean what you think it means.

An MITM attack is where you actively intercept a point to point connection, negotiating a secure connection with each end-point while pretending to be the other. It is not feasible to do this to a wifi connection because you can't block the real end-points' reception of each other.

This is just passive sniffing. You can do it on any wifi network, open or not, although you can obviously only read unencrypted data.

Re:Hey, (0)

Anonymous Coward | more than 3 years ago | (#32215448)

That word does not quite mean what you think it means.

Inconceivable!

Re:Hey, (1)

Jurily (900488) | more than 3 years ago | (#32215002)

And there's a difference between malice and having so many devices it's practically impossible to turn them off all at once.

Re:Hey, (2, Funny)

Mordok-DestroyerOfWo (1000167) | more than 3 years ago | (#32214658)

An open network, much like an unlocked door or a drunkenly passed out girl is not an invitation for invasion. Granted like most people here I use WPA and don't even broadcast my AP. I agree with you that it is stupid practice, but that doesn't make intrusion morally right.

Re:Hey, (4, Informative)

marcansoft (727665) | more than 3 years ago | (#32214804)

I disagree. An open network is not an invitation to join it and use it (associate), but an unencrypted network is an invitation for anyone to sniff your traffic passively. This would be like satellite TV providers sending their feeds unencrypted and then complaining that non-subscribers are watching their channels. What do you expect if you're broadcasting your data on the air in the clear into public space?

Granted, sniffing everything is not nice of Google (and probably an unintended screwup), but you really shouldn't expect that people won't do it.

Re:Hey, (0)

Anonymous Coward | more than 3 years ago | (#32215032)

disabling SSID broadcast does little:

http://technet.microsoft.com/en-us/library/bb726942.aspx

Re:Hey, (4, Informative)

Anonymous Brave Guy (457657) | more than 3 years ago | (#32214800)

Sure, and your sister was asking for it with that dress she was wearing, right?

Fortunately, most of the world is enlightened enough to realise that such statements are absurd, and just because someone is vulnerable to something unpleasant that does not make it their fault if someone else does that unpleasant thing to them.

FWIW, the actions described would probably be criminal and carry jail time if they occurred in the UK (e.g., under the Wireless Telegraphy Act 2006).

Re:Hey, (0, Troll)

Daengbo (523424) | more than 3 years ago | (#32215054)

Try using Kismet some time. You'll realize that either you or your UK laws are wrong.

Re:Hey, (2, Informative)

Anonymous Brave Guy (457657) | more than 3 years ago | (#32215674)

The law I'm thinking of [opsi.gov.uk] is actually written rather carefully. It does not criminalise all networking or monitoring broadcasts that would normally be intended for public use. It does criminalise either intentionally obtaining certain types of information or disclosing such information even if it was obtained unintentionally.

I suspect even Google's lawyers would have difficulty arguing that employees of one of the most high-tech companies in the world, driving around in a specially equipped vehicle, with the goal of monitoring and recording transmissions from other people's wireless networks, storing personal messages or other sensitive information, did not breach the "intentionally obtaining" part of the Act.

Re:Hey, (1)

Anonymous Brave Guy (457657) | more than 3 years ago | (#32215712)

Sorry to reply to my own post, but I should correct myself: the law I cited doesn't allow jail time for that particular offence, only a fine. There are other similar offences (e.g., accessing data on a computer without authorization, under the Computer Misuse Act) that do carry jail time, but without talking to a lawyer I don't know if they would apply here.

Re:Hey, (1)

Gorimek (61128) | more than 3 years ago | (#32216566)

UK Law: ...uses wireless telegraphy apparatus with intent to obtain information as to the contents, sender or addressee of a message ... of which neither he nor a person on whose behalf he is acting is an intended recipient, or

If you read the actual Google blog post [blogspot.com], it's made very clear that getting content was not intentional. They're only after IDs and locations of the wifi spots.

You've clearly never worked at any "of the most high-tech companies in the world", if you think this kind of accident couldn't happen in such a place.

Re:Hey, (2, Interesting)

KrugalSausage (822589) | more than 3 years ago | (#32215588)

Ah, the thought of comparing a postman reading mail to rape. I wonder what moral relativism will look like for my grandchildren. Oh, and in the UK they arrest you for just about anything these days. I'm sure you know about the guy arrested for saying homosexuality is a sin? http://www.nydailynews.com/news/world/2010/05/03/2010-05-03_gay_cop_arrests_preacher_for_saying_homosexuality_is_a_sin.html [nydailynews.com]

Re:Hey, (1)

Anonymous Brave Guy (457657) | more than 3 years ago | (#32215772)

Well, firstly, I wasn't talking about the postman reading mail. But in any case, the principle of saying that someone vulnerable to harm is not automatically at fault if someone else then causes that harm is exactly the same, whether we are discussing invasion of privacy, theft from an unlocked car, date rape, or murder with a sniper rifle from 500m. No-one is trying to equate the damage caused by these different offences, but the immorality of the "asking for it" defence is the same in every case.

Re:Hey, (0)

Anonymous Coward | more than 3 years ago | (#32216284)

Gawd Lewd, let me see if I am too drunk to understand it:
Google was caught sniffing someone's open WiFi hotspot using a 4G stolen iPhone while doing a man-in-the-middle attack in a drunk naked girl that had passed out on a lawn while reading a postman's postcard?
Damn, that is way too much evil together for a "do no evil" organization!

Re:Hey, (1)

Dirtside (91468) | more than 3 years ago | (#32215226)

You might be stupid for leaving your network open, just as you might be stupid for leaving your house door open, but it's still not okay to use either one of them without permission. I won't have a lot of sympathy for you, but I'm not going to let the intruder off the hook, either.

Re:Hey, (1)

nurb432 (527695) | more than 3 years ago | (#32215310)

Just beacuse you leave your bedroom window open it doesn't give your neighbors the right to walk over and peek in.

Re:Hey, (1)

CAIMLAS (41445) | more than 3 years ago | (#32215342)

Yeah, but they did it "accidentally". That's like accidentally slipping and putting your dick in someone's vagina: mapping APs and associating the traffic going through them does not occur without intention.

Re:Hey, (0)

bonch (38532) | more than 3 years ago | (#32215818)

Once again, Slashdotters rush to the defense of their beloved company, Google, to defend it from actions that they would crucify other companies for, like Microsoft. As Google continues to be proselytized as an open source company, their primary business--search and advertising--is as closed source as Windows. And as Facebook gets criticized for its privacy missteps, all Google has to do when it collects data about websites people are visiting on their wifi networks is say, "Oops! We weren't using it for anything, promise," and Slashdotters will genuflect and forgive.

Re:Hey, (0)

Anonymous Coward | more than 3 years ago | (#32216224)

Maybe so, but I don't need Google anymore after this. They now suck and they can't win me back.

I use Google a lot but... (3, Insightful)

Mordok-DestroyerOfWo (1000167) | more than 3 years ago | (#32214632)

How in the heck do you "accidentally" gather information over a wireless network? If all you want is a collection of AP's that's one thing, but any storage of packet data no matter how temporary cannot be considered an accident. It has to be planned out and executed. An accident is stubbing my toe on the nightstand, this is an invasion of privacy.

Excuse (1)

Dan East (318230) | more than 3 years ago | (#32214714)

Since they made up an excuse before they were caught they're in the clear on this one.

Re:I use Google a lot but... (3, Informative)

iserlohn (49556) | more than 3 years ago | (#32214744)

Looks like you never used a sniffer (like tcpdump) before...

The accident is leaving off the filter that restricts the traffic you capture...

Try it on a machine you ssh into and you will know what I mean...

Re:I use Google a lot but... (5, Informative)

marcansoft (727665) | more than 3 years ago | (#32214770)

AP information is packet data (they're called beacon frames). Looking for beacon frames is a lot more effective at finding APs on the move than using whatever built-in scan feature your card drivers have. They probably had a SNAFU and forgot to filter out data packets in their capturing setup, instead storing everything that hits the antenna (or some engineer didn't realize it would be an issue).

Re:I use Google a lot but... (1)

Dreadneck (982170) | more than 3 years ago | (#32215300)

Google PR Flak: We at Google take you privacy seriously. That's why, after discovering that we had inadvertently collected 600+ GB worth of private citizens' data, we're doing the responsible thing, in this post 9/11 world, and turning the data over to the government for proper disposal.

Yep, nothing to see here. Move along!

Re:I use Google a lot but... (1)

Ethanol-fueled (1125189) | more than 3 years ago | (#32215862)

But why are they collecting that data at all?

The maps and street-view are understandable because they are for the most part static and do not change, but people move in and out of buildings and change things all the time. It's not rocket science to determine that corporations and branches of Starbuck's will have their wireless networks, so why the unecessary invasion of privacy like sniffing MAC addresses? There are other ways to get the location of public access points and the like without having to sniff private residential networks.

Re:I use Google a lot but... (1)

RoFLKOPTr (1294290) | more than 3 years ago | (#32215952)

The maps and street-view are understandable because they are for the most part static and do not change, but people move in and out of buildings and change things all the time. It's not rocket science to determine that corporations and branches of Starbuck's will have their wireless networks, so why the unecessary invasion of privacy like sniffing MAC addresses? There are other ways to get the location of public access points and the like without having to sniff private residential networks.

Because it's not for locating public wireless access points. It's about using the location of ANY Wi-Fi network that's broadcasting an SSID (secure or insecure) to assist in geolocation. Google's Street View vans scan for SSIDs and detect signal strength to essentially triangulate the location of every SSID-broadcasting wireless router, and they can use that information with Google Maps Mobile and perhaps other applications to help your device locate you when there's a weak or inexistant GPS signal.

Also, ffs, learn to use HTML tags.

Re:I use Google a lot but... (0)

Anonymous Coward | more than 3 years ago | (#32215036)

Google was supposedly photographing houses with 6 cameras. Now we find out it also has had collecting APs and 'payload'. That does imply that they had databases capable of storing such information.

Reminds me of the Texas hospital that collected DNA from newborns without informing parents.

Re:I use Google a lot but... (2, Funny)

Ossifer (703813) | more than 3 years ago | (#32215080)

I accidentally gathered the credit cards numbers of all my neighbors.... Oops.

Meanwhile Skyhook makes no statement (0, Troll)

kindbud (90044) | more than 3 years ago | (#32214638)

Even though Skyhook does exactly the same thing Google is doing. But Skyhook created the location API licensed by Apple, so it's all OK.

Amidoinitrite?

Re:Meanwhile Skyhook makes no statement (1)

dangitman (862676) | more than 3 years ago | (#32214716)

Huh? What evidence do you have that Skyhook was inspecting packets that travel over those access points?

Re:Meanwhile Skyhook makes no statement (3, Interesting)

kindbud (90044) | more than 3 years ago | (#32214758)

What evidence do you have that Google was, other than Google's own statement?

If Google made no statement, would you assume they were not capturing payload, like you assume Skyhook isn't?

Double standard, dude.

Re:Meanwhile Skyhook makes no statement (1, Informative)

Jugalator (259273) | more than 3 years ago | (#32215000)

What evidence do you have that Google was, other than Google's own statement?

Why is more evidence necessary?

If Google made no statement

but they did

Suuuuure It Was A Mistake ... (2, Funny)

WrongSizeGlass (838941) | more than 3 years ago | (#32214644)

They're probably worried about some legal complications ... or even German WiFi [slashdot.org] police ;-)

New portmanteau : Google + Oops! = Goops!

Re:Suuuuure It Was A Mistake ... (1)

Sooner Boomer (96864) | more than 3 years ago | (#32215082)

"New portmanteau : Google + Oops! = Goops!"

I think in this case it has already been done: (open wi-fi) + Google + Oops! = Oogle!

Shenannigans! (1)

jtownatpunk.net (245670) | more than 3 years ago | (#32214648)

You don't "accidentally" collect samples of payload data. That's just absurd.

Re:Shenannigans! (0)

Anonymous Coward | more than 3 years ago | (#32214732)

Of course you can, they were probably just running a default kismet configuration and didn't disable packet capture.

Re:Shenannigans! (5, Insightful)

Anonymous Coward | more than 3 years ago | (#32214756)

Yeah you do. When you say "Hey, let's see what open wi-fi stuff is out there", and tune into those signals, you pick up on some spare traffic...and if you're saving every packet you come across for later processing (like 'what open wi-fi router was this'), then yeah, it's going to get saved like the rest.

Then they looked at the data they'd saved, said "Oh hey we didn't mean to get that stuff". Kind of like if you're logging all data that someone sends when they're connected to your open Telnet port, and you realize later that it saves their username/password along with the rest--it wasn't a conscious decision, you might not have thought about it at all, you might never plan to even look at the logs except in some specific cases, and while a workaround might take some time...you kind of drop a brick when your legal team realizes you have it.

Sounds like my daughter when she was 6 (5, Insightful)

Locke2005 (849178) | more than 3 years ago | (#32214680)

Me: "Why are there drawings all over the wall?!?"
Her: "It was an accident! I didn't mean to do it!"

Re:Sounds like my daughter when she was 6 (0)

Anonymous Coward | more than 3 years ago | (#32214730)

I "accidentally" put a rootkit [eff.org] into that music CD you just tried to play.

Re:Sounds like my daughter when she was 6 (2, Funny)

Anne_Nonymous (313852) | more than 3 years ago | (#32214914)

You forgot the other appropriate responses:

"What drawings?"
"I didn't do it."
"Pooh Bear did it."
"Davy did it."
"Davy made me do it."
"Davy told me to do it."

and the ever popular,

"I love you, Daddy."

Re:Sounds like my daughter when she was 6 (0)

Anonymous Coward | more than 3 years ago | (#32215436)

So you're Google in this scenario, receiving and remembering something your daughter didn't anticipate being seen?
And your daughter is someone who got logged accessing a webpage (your facebook wall?) over open wifi?

Because the other way around makes no sense.

Sooner or later the world needs to stop basing it's expectations of privacy on the perceptions of metaphorical 6 year olds.
If you beam information out in the clear in common and well documented formats for all the world to see, sooner or later someone might see it.

Skyhook competitor (2, Insightful)

ad454 (325846) | more than 3 years ago | (#32214700)

Now that Google has all that StreetView WiFi data, maybe they can put together a free WiFi geo-location service alternative to Skyhook:

http://en.wikipedia.org/wiki/Skyhook_Wireless [wikipedia.org]

With regards to privacy, Skyhook has already let the cat out of the bag.

Re:Skyhook competitor (1)

ad454 (325846) | more than 3 years ago | (#32214754)

When I said free, I mean purely advertisement supported, since nothing Google does is really free.

Re:Skyhook competitor (1)

Fencepost (107992) | more than 3 years ago | (#32214902)

They might be doing so. Google Maps on my Blackberry 8320 (no GPS) shows my location to within a few hundred meters in a few places, and I can think of multiple ways they could be doing so all of which involve WiFi.

Re:Skyhook competitor (1)

Matt_R (23461) | more than 3 years ago | (#32214910)

Now that Google has all that StreetView WiFi data, maybe they can put together a free WiFi geo-location service

Like this? [mozilla.com]

Re:Skyhook competitor (1)

Drew M. (5831) | more than 3 years ago | (#32215608)

Google has that already. Any Android device, Chrome browser or Google Gears installation can already locate itself using that exact method. Try it.

Riiiiiiiight. (1)

LurkerXXX (667952) | more than 3 years ago | (#32214734)

So if you were going to set up a wireless rig to map open wireless locations, exactly how would you 'slip' to start also mapping what traffic was passing through them? That takes a good bit more work than simply noting the SSID. Accident my ass.

Re:Riiiiiiiight. (1)

chill (34294) | more than 3 years ago | (#32214824)

Actually, it takes LESS code. They probably wrote a sloppy bit of code to grab a few seconds of packets, then filtered out SSIDs later. Probably just a Perl script hooking into libpcap and dumping to a file.

Google is great and all... (1, Insightful)

Spykk (823586) | more than 3 years ago | (#32214762)

As much as I like Google I hope they get the book thrown at them over this. To claim that they have accidently been collecting this data for three years is just silly. If you can make money breaking the rules and there are no consequences when you get caught then why would anyone follow the rules? Corporations are rarely influenced by things like morals or ethics unless there are financial penalties making it the cheapest option.

Re:Google is great and all... (1)

Jimbookis (517778) | more than 3 years ago | (#32214876)

Corporations? We have to stop pretending corporations are 5000 pound three year olds who needs constant berating and correction to be kept in line. There are intelligent PEOPLE in corporations who are making these decisions and they need their arse handed to them on a plate.

Re:Google is great and all... (0)

Anonymous Coward | more than 3 years ago | (#32214948)

Breaking what rules, exactly? This like talking over a CB radio and then getting pissed that other people might have heard. Tough shit.

Re:Google is great and all... (4, Insightful)

Dirtside (91468) | more than 3 years ago | (#32215296)

As far as I can tell, Google posted this message without being forced to by any government. Most companies would keep this kind of thing quiet, or lie about it, especially if privacy advocates got wind of it. Google, within a few days of finding out about the issue, posts an APOLOGY for doing something that MIGHT have possibly damaged a few people, IF the information they collected had been leaked.

Unless we have reason to believe otherwise, Google screwed up, and as soon as they were aware of the mistake, took steps to rectify it and then went public about the mistake. If we get evidence that Google is lying about this, that's another story, but has there been any such evidence yet? I'm all for raking corporations over the coals when they make mistakes and don't own up, but how often do you see a giant corporation blurting out "mea culpa" like this?

Also:

As much as I like Google I hope they get the book thrown at them over this. To claim that they have accidently been collecting this data for three years is just silly.

It's not remotely silly. A week ago I discovered a DB table at my (multinational media conglomerate) company that had been silently logging data for -- wait for it -- three years. It wasn't any personal info, or data we needed, but everyone had forgotten about it. The idea of Google making a similar mistake is not "silly" at all.

Re:Google is great and all... (0)

Anonymous Coward | more than 3 years ago | (#32215304)

RTFA

What money did they make from this?

Also what rule other than their own internal policy would stop them from gathering packets that were broadcast into their car from people's open networks???

Their only issue is that they were accidentally grabbing data in addition to the "header" packets, which it sounds like no one in the company ever actually looked at or knew about the data(hell it took 3 years just to figure out it WAS being stored)

Re:Google is great and all... (3, Insightful)

FriendlyPrimate (461389) | more than 3 years ago | (#32215378)

I respectfully disagree. If they're telling the truth (and I have no reason to believe that they're not), then they didn't even realize they were collecting this information. They did not use it for monetary gain.

If anything, this gives me more respect for Google, since they did not have to reveal this information (they could have indefinitely stonewalled...there's no external evidence that they kept this data). They're willing to admit when they do something wrong. That scores points in my book. Kudos to Google.

Re:Google is great and all... (2, Insightful)

Anonymous Coward | more than 3 years ago | (#32215598)

So let me get this straight:

- A company accidentally collects data that careless users broadcast to anyone who is listening.
- The data is largely worthless anyway due to the circumstances. (car was in range for almost no time, users would have had to be transmitting at exactly the right time)
- The company doesn't realize they actually have this data, and doesn't do anything with it.
- Once they actually find out they have this data, instead of trying to hide it or make excuses, they voluntarily come forth and detail exactly what happened and exactly how they're going to get rid of the data, including allowing third-parties to inspect their code.

... and you think they should be PUNISHED for this? If anything, all companies should act this way.

Re:Google is great and all... (2, Insightful)

tftp (111690) | more than 3 years ago | (#32216324)

- A company accidentally collects data that careless users broadcast to anyone who is listening.

Two people have a quiet, private conversation in an empty street. They have a reasonable expectation of privacy. A car with a sensitive microphone drives by and records several seconds of the conversation, without participants' knowledge.

- The data is largely worthless anyway due to the circumstances.

Google wouldn't deploy a system for collecting worthless data on thousands of StreetView cars over three years. It's not like a lowly code monkey made a build with a few extra #defines, threw it over the wall and forgot about it. The car has to have WiFi, the operators have to be trained to use the system, and the collected data has to be taken out of the car and stored somewhere on company's servers. This can't happen accidentally.

- The company doesn't realize they actually have this data, and doesn't do anything with it.

That assumes that thousands of Google coders, workers and managers are idiots. Far more likely is that Google, being in data mining business, were perfectly aware of every aspect of this collection. It costs money to run StreetView cars, so they packed the cars with everything they could think of, and collected everything that they could.

- Once they actually find out they have this data, instead of trying to hide it or make excuses, they voluntarily come forth

The "voluntarily" part was forced - see the TFA:

Alan Eustace, senior vice president of engineering and research for Google, wrote in a blog post that the company uncovered the mistake while responding to a German data-protection agency's request for it to audit the Wi-Fi data

Google was silent about it for three years, but once they were asked a direct question they decided not to lie. When a lawyer asks a question he already knows the answer, so lying in these circumstances would be much more dangerous.

Re:Google is great and all... (1)

khchung (462899) | more than 3 years ago | (#32216516)

Wish I had mod points to mod you up.

I read TFA, but it is very light on details. Did Google said they are going to DELETE those data now? I couldn't quite find that in TFA, it only quoted Google will "learn all the lessons we can from our mistake".

Did they consider their "mistake" being collecting the data in the first place, or does "mistake" mean the PR nightmare after they were found out doing that? Learning their lesson could either mean stop collecting so much data, or it could mean not letting other people find out how much they are collecting the next time.

The company said it would dispose of the data .. (1)

AHuxley (892839) | more than 3 years ago | (#32214802)

Not before giving the US gov a copy directly or via a 3rd private party?
The fun of "in any Google products" part is once data is collected it can be 'packaged' for 'testing' 'internally' and end up as some external snapshot prototype bundle.
The maps with WiFi data could have been floating around different 'partners' from the point of creation until the "dispose" date.
Just because Google pulls the plug only after been exposed does not really give any comfort.
How does real world physical Wi Fi mapping become a simple mistake?
Someone installed the software and hardware, tested it and kept it running ...

Re:The company said it would dispose of the data . (1)

denmarkw00t (892627) | more than 3 years ago | (#32216484)

Well, if they packaged it and whatnot, as in removed personally identifiable information and formed bare demographics, go ahead and sell it. I'm as upset as anyone else when it comes to companies selling personal info, but there needs to be some leeway - if a company says (and can prove) that the information they're gathering is to sell but only when personal information is wiped, I don't care. Form a base demographic, it is how business is run, but you can do it while discarding personally identifiable information.

Everyone Apologizes... (2, Insightful)

retech (1228598) | more than 3 years ago | (#32214814)

McDonald's tells everyone: "... we're sorry we made you obese..."
Steve Jobs said: "We didn't mean to only give the artist $.01 and keep $.70 for us on iTunes."
Haliburton mentioned: "Oil spills? We had no idea this could happen."

To trust a company with anything is just stupid. Lock up your doors (or WAPs) people and expect the worst from anyone, you won't be disappointed.

Re:Everyone Apologizes... (0)

Anonymous Coward | more than 3 years ago | (#32215060)

Steve Jobs said: "We didn't mean to only give the artist $.01 and keep $.70 for us on iTunes."

You (or the 'tard who told you this) need to get a better record label and/or a tiny particle of cluefulness. Apple hasn't exactly made it a secret that they take $0.30 off the top for tracks, which leaves an awful lot more than $0.01. You're welcome to keep hatin', but it still won't make your dick any bigger.

Re:Everyone Apologizes... (1)

Naturalis Philosopho (1160697) | more than 3 years ago | (#32215232)

Look up "hyperbole".

Re:Everyone Apologizes... (0)

Anonymous Coward | more than 3 years ago | (#32216106)

Look up "hyperbole".

Hyperbole generally entails a scale of exaggeration where the statements cannot plausibly be interpreted literally.

"I could eat a horse" is hyperbole.

"I could eat twice as much as usual" is not hyperbole.

Except that McDonalds didn't make you obese (0)

Anonymous Coward | more than 3 years ago | (#32215110)

YOU DID.

And never mind that Halliburton makes money both on spilling the oil and cleaning it up - no matter which party they had to bribe to get that cushy no-bid contract....

What are the legal ramifications for the people? (3, Interesting)

Tanman (90298) | more than 3 years ago | (#32214840)

If the government subpoenas Google to see the nature of the data they 'accidentally' collected, can they hunt through the data for evidence of illegal activities by the individual users and then go after them? This seems like it would be a great way for The Man to have access to private data by circumventing unreasonable search protections. After all, they just happened to notice this data while checking to see what data Google had been stea, er, storing.

Re:What are the legal ramifications for the people (1)

AHuxley (892839) | more than 3 years ago | (#32215730)

The same as for the NSA linked telcos - 0.
Google is a top US telco like entity connected around the world with wide pipes back to US gov friendly tap points.
Google can only be harmed by internal leaks eg a Room 641A story.
Google is just too networked to fail and still has that welcomed feel in most pasts of the digital world.

Happens to everyone... (0)

Anonymous Coward | more than 3 years ago | (#32214904)

It's an honest mistake. I'm probably collecting personal data from other people at this very moment and I have no idea.

It's like an addiction with a twist... (1, Insightful)

MindPrison (864299) | more than 3 years ago | (#32214950)

...on one hand we all love to use Google, let's face it - it's the no#1 search engine, finds more data for you than you could ever dream of coming up with on your own or any other engine, shows you the way on your navigator - heck...even shows you where to get hot coffee on a rainy day, free mail service, supports open-source initiatives all over, man - that's like free drugs, you WILL get addicted, and there's really no way out.

Google and the government have ONE thing in common though, power. And knowledge is TRUE power. Imagine if you knew everyones dreams, thoughts, loves, hates, inventions. Google knows pretty much everything there is to know about me, and yes - I have volunteered to this, I'm addicted to Google, I love what Google provides me with, and I've seen nothing truly sinister from them the last 10 years, something about the truth shall set you free? Maybe there's something to that old saying.

But the government knows pretty much what they want to know too, why destroy a good thing? I don't think the recording of WiFi spots was a "Mistake", no one in their right mind can make that big of an engineering mistake, it uses extra data, no optimisation in that, but you got to tell them something, so it was an accident.

Do I believe that Google is Evil? no - I don't, but with any great power - especially knowledge - you have to use it with care, and be careful to whom you hand it to. Admit it - you want knowledge, why should they be any different, the difference is - you hand it to them - voluntarily, and thats not necessarily a bad thing.

Remember that movie "What Women Want"?, great flick btw. Mel Gibson all of a sudden by accident, gets the gift of being able to read every womans mind, he can hear them speak. This momentarily drives the man crazy, but at the psychologists bench, he discovers that this knowledge is truly a gift - if you knew what a woman want all the time - you could RULE the world.

There's some truth in that, if you know your audience, you can please your audience like no one else, and you can have it all, future inventions will be based on millions of minds - worldwide - tell me - who would NOT want that?

Re:It's like an addiction with a twist... (1)

BlakJak-ZL1VMF (256320) | more than 3 years ago | (#32215088)

Aparrently 'do no evil' doesn't translate to 'be open and honest about exactly what it is we're doing when we drive around your neighbourhood in our camera-van'.

They could've headed this all off by disclosing it openly in the first place, instead of claiming 'accidental' data collection.

Re:It's like an addiction with a twist... (1)

MindPrison (864299) | more than 3 years ago | (#32215154)

They could've headed this all off by disclosing it openly in the first place, instead of claiming 'accidental' data collection.

Yes they COULD, but imagine if you were the government, and you were told to finally disclose to the world that we've been discussing and negotiating with Aliens for over 50 years now, and we're about to tell YOU that - the world would go MAD in an INSTANT, so - what you do, is to reveal as little as possible, in small bite-sized chunks, and of course - everything available to anyone who wants to know...no secrets here...but they just would not plaster BIG BANNERS all over the place saying - hey look, we've got Aliens!

Google is already struggling with half the planet who's mostly technically illiterate, try telling the people who doesn't even have a computer what they're doing, and you'll have worst-case scenarios raining all over the place.

Re:It's like an addiction with a twist... (0)

Anonymous Coward | more than 3 years ago | (#32215888)

You missed the rare opportunity to deliver Spider-Man's classic line and stay on-topic!

"With great power comes great responsibility."

the only possible answer (0)

Anonymous Coward | more than 3 years ago | (#32214980)

This is the only possible answer Google could give that would not increase the risk of prosecution under criminal law.

I have never witnessed a company "accidentally" collecting data. While I can believe that Google hadn't yet figured out how they were going to use the data, but the notion that the collection itself was accidental seems ridiculous.

Impossible Accident (1)

alfarovive (1651101) | more than 3 years ago | (#32214994)

The way I see it.... if you designed a car that can scan local wifi spots and linked it with a method to store that information and you then built that machine and set it loose.... kinda like saying "I followed the recipe, put the dough in the oven, but I never thought I'd make a cake."

Kismet Does This Automatically (5, Informative)

docstrange (161931) | more than 3 years ago | (#32215016)

I wonder if they were using "off the shelf" open source tools to collect this information.

By default Kismet will log the pcap file, gps log, alerts, and network log in XML and plaintext.
http://www.kismetwireless.net/documentation.shtml

It is entirely possible that they were using off the shelf open source tools and this log type was simply not turned off in the configuration file.

Re:Kismet Does This Automatically (1)

AHuxley (892839) | more than 3 years ago | (#32215794)

Thats fine for a war driver and a laptop.
Google was mapping cities and the data flow would have been non trivial.
Someone signed for this.

Re:Kismet Does This Automatically (0, Troll)

bonch (38532) | more than 3 years ago | (#32215830)

Shouldn't the biggest internet company in the world know how to configure its network analyzer?

How could half of everyone be so dumb? (1)

Anonymous Coward | more than 3 years ago | (#32215078)

Half the comments on this thread are violently stating: "There is NO WAY that anyone could accidentally collect that kind of data, it must have been on purpose.

The other half of the comments are arguing that there's no way this could have been malicious, because the technology really does make it easy to log the wrong stuff.

Sounds like half the commenters here need to shut their pie-holes. Slashdot is more full of people who are wrong and sure they are right, than a flat-earther convention.

Re:How could half of everyone be so dumb? (1)

AHuxley (892839) | more than 3 years ago | (#32215976)

Half of the commenters know of COINTELPRO, the NSA, the Chruch report, Room 641A ect.
The other half enjoy animated Powell Point press presentations.

Dishonest practice (1)

Bigmilt8 (843256) | more than 3 years ago | (#32215118)

An honest mistake. Wait until they post some companies inter-company information on the public web. Oh wait, they did do that.

The difference with Google's response (1)

KrugalSausage (822589) | more than 3 years ago | (#32215624)

The difference with Google's response is that they find these problems after internal investigations. Most companies require govt. intervention these days. Glad they caught the mistake!

Re:The difference with Google's response (1)

AHuxley (892839) | more than 3 years ago | (#32215926)

After a German newspaper Der Spiegel caught the data collection.
The only internal investigations Google is doing is to find out how they where exposed.
http://www.smh.com.au/technology/technology-news/please-explain-why-google-wants-your-wifi-data-20100513-uyyh.html [smh.com.au]
As for "require govt. intervention" they did not seem to know in Germany, UK, Australia ect.
"Given it was unrelated to Street View, that is accessible to any WiFi-enabled device and that other companies already collect it, we did not think it was necessary. However it's clear with hindsight greater transparency would have been better."

What to do with the current collected data. (0)

Anonymous Coward | more than 3 years ago | (#32216044)

It is easy to say they get the data in the wrong way, but will be the data destroyed?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...