Google Releases Wi-Fi Sniffing Audit 198
adeelarshad82 writes "In the wake of the controversy surrounding its Street View data collection processes, Google has published an independent audit of its practices, prompting a London-based privacy group to accuse Google of a 'criminal act.' The report provided some more in-depth, technical details (PDF) about what Google has already admitted to doing: storing wireless data packet information that was collected over unencrypted networks. According to the report, Street View cars collect data sent over wireless networks, and associate this information with data from a GPS unit in the vehicles. The technology used, known as gslite, then parses and stores certain identifying information about these wireless networks to a hard drive. That information includes the MAC address and the SSID amongst other things like e-mails addresses and browser history."
Google also sent a letter to House Energy and Commerce Committee leaders acknowledging their mistake and claiming they have not "conducted an analysis of the payload data in a way that allows us to know exactly what was collected."
Re:Range, Scope. (Score:3, Informative)
Err, not really. The FCC limits the power of transmission, yes, but the Bluetooth Rifle (range 1.1 miles) and even the Pringles Reflector show that you can massively boost range without boosting power. If you want to be fancier, I'm pretty sure the Voyager deep-space probes were using less power than is permitted for WiFi. Ok, the data rates suffered a bit, but then what else is XZ for?
Re:don't broadcast that stuff (Score:3, Informative)
You have a private conversation about your MP3 collection with your friend in the park. A 3rd party picks it up with a mic. Don't broadcast that stuff?
Yes. If you want to have a private conversation, a public park is not the best place for it.
You route your data through your ISP. Your ISP records whatever it wants. Don't broadcast that stuff?
Use SSH/SSL.
You post a comment on Facebook. It's forever in Facebook's database. Don't broadcast that stuff?
The entire purpose of Facebook is to broadcast stuff. I would be very upset if I posted a comment to Facebook and it wasn't immediately available for everyone to see.
Your phone calls are recorded by your phone provider, who gives you a "convenient web-based interface to replay conversations whenever, wherever you want." (Gosh, all email is like this, and people are fine with it.). Don't broadcast that stuff?
The Stored Communications Act places certain statutory legal restrictions on these activities. Phone conversations (when not conducted on a bluetooth headset so loudly that everyone on the bus can hear you) are protected from third-party recording (and, in some states, first-party).
No, the data is really private to you and whoever you intended it for
Here we agree. It's just that you seem to think "intended" means "what recipients you had in mind" not "what recipients you know will be able to read/listen".
If I send Facebook a status update, I must intend for Facebook LLC to receive it.
If I have a conversation in a public place, I must intend for anyone walking by to hear it.
If I paint the outside of my house pink, I must intend for anyone walking by to see it.