Details Of Google Wi-Spy Investigation Show Disorganization And Bad Controls, Rather Than Malicious Spying

from the why-you-don't-use-open-wifi dept

It's been nearly two years since Google revealed that it had been collecting (but not using) some data from unencrypted WiFi networks as it drove around with Google's StreetView vehicles. While the data collection was associated with its efforts to use WiFi networks to help determine location info, it was stupid and looked bad. However, as we've explained repeatedly, the real issue there was simply people not protecting themselves by using encryption on WiFi. The simple fact here is that anyone on those networks could collect the same info easily. In recent weeks, the news came out that not only did the FCC clear Google of breaking the law with the activity, but so did the DOJ. Add that to the FTC investigation that found nothing wrong with the activity, and that's now three federal agencies that have said collecting such data didn't break any laws. The FCC did fine Google $25,000 for not being particularly cooperative -- which does reflect poorly on Google. But the simple fact of the matter is that what Google did in collecting this data isn't illegal. If you don't just kneejerk into "Google's evil" mode and want to understand why, Mike Elgan recently did a nice explainer.

That said, over the weekend, Google released the full FCC report redacting just names -- and even the name of the key engineer has since been revealed. The FCC had released a report that redacted a lot more info. The report reveals a lot more of the background here, and it's giving new ammo to critics, who are insisting that it shows a much more evil situation than had come out before. Specifically, it shows that Marius Milner -- working on Google's famed "20% time" -- came up with the code, and shared the details with some others, including one who debugged the code, and a supervisor. Milner, among other things, helped create NetStumbler, a tool that plenty of folks have used to monitor WiFi networks.

Some are trying to claim that this shows the effort was planned and not an "accident." Though, in actuality, the details still suggest nothing nefarious at all. It was still just this engineer coding it up, rather than some big plan. And yes, he shared the fact with a few others, but none of them seem to have paid much attention or done anything. In fact, while it was suggested to some that such data might be useful, that idea was dropped when people told the engineer that it wouldn't. There still doesn't appear to be a single shred of evidence that Google ever touched this data or did anything with it. Furthermore, the whole reason that three federal agencies all closed their investigation without charging Google with anything is because -- as many people pointed out from the beginning -- nothing illegal was done. Broadcasting your internet connection over an open WiFi network means that anyone can collect that data. That's not illegal. It may be silly for individuals to do that, but the responsibility is on them.

Also, pretty much every mainstream press report on this whole thing totally ignores that Google could not get access to any encrypted data -- meaning that most email, financial transactions, etc were always protected anyway. Instead, lots of reports talk about "emails and passwords," but that's only true if people used insecure sites in the first place -- and, again, they would be just as vulnerable to anyone who wanted to capture that content.

In the end, it's no surprise that Google haters will try to make more of this than is really there -- they have to grasp at whatever straws they can find. However, about the only thing this really seems to show is that Google had ridiculously poor process and controls concerning putting code into live projects. That allowed this code to get in there, without anyone really thinking through the consequences. Google has more or less admitted that these weak controls were a problem in the past and things are better these days. Of course, you can also understand why Google would have loose controls in the first place, seeking to encourage people to be creative (the reason for the 20% time concept in the first place). The problem, of course, is that if you have someone with nefarious intent -- or just tremendous naivete -- bad stuff can occur. In this case, it seems being naive was the key issue, rather than anything nefarious, and with three federal agencies all coming to the same conclusion that no laws were broken, it's pretty bizarre to see people still freaking out about this. It's fine not to trust Google. But that distrust shouldn't lead to simply making up crimes that don't exist.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: doj, encryption, fcc, ftc, streetview, wifi
Companies: google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Josh in CharlotteNC (profile), 1 May 2012 @ 10:38am

    Loose controls

    However, about the only thing this really seems to show is that Google had ridiculously poor process and controls concerning putting code into live projects.

    If this is a crime, than probably nearly all of the major companies around the world are guilty at one level or another.

    link to this | view in chronology ]

  • identicon
    MrWilson, 1 May 2012 @ 11:31am

    [insert predictable troll comment here about how Mike is a Big Search apologist]

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 May 2012 @ 2:11pm

      Re:

      where's bob? he must not have seen this one, yet :-)

      link to this | view in chronology ]

      • identicon
        Enzite Bob, 1 May 2012 @ 6:00pm

        Re: Re:

        I'm right here - smiling ever so wildly. Yes, I'm still in PMITA prison. Big Search ... big search .... big smile.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 May 2012 @ 11:35am

    You just hate Freedom©™ , Mike !

    [Trolly enogh?]

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 May 2012 @ 11:36am

    I figured it was kind of obvious that Google was innocent when they came forward. No one would have found out otherwise. They could have deleted the data and told no one about it.

    link to this | view in chronology ]

  • icon
    :Lobo Santo (profile), 1 May 2012 @ 11:37am

    Everybody else was doing it, I just wanted to be popular...

    Big Search!

    Big Mike!!

    But, but piracy!

    /amidoingitright?

    link to this | view in chronology ]

  • identicon
    TheStupidOne, 1 May 2012 @ 12:18pm

    I for one was convinced that Google was trying to steal my personal info through wifi sniffing. Google should NEVER have that kind of info and they deserve to be punished.

    Found via Google search in Chrobe browser on my Android phone.
    Call me on my new Google Voice number 123-456-7890!
    email me at totally_fake@gmail.com

    link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 1 May 2012 @ 12:34pm

    Ummm, Mike do you find it difficult type while fellating Eric Schmidt?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 May 2012 @ 1:35pm

      Re:

      ...you think fellatio is done with the hands? wtf, eh?

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 May 2012 @ 1:46pm

      Re:

      Do you find it difficult to type with imagines of hot man on man action sweating and panting loudly in your head?

      link to this | view in chronology ]

    • icon
      Ninja (profile), 2 May 2012 @ 5:01am

      Re:

      And that was pretty good argumentation on why gathering info on open wi-fi is a crime. Oh wait...

      link to this | view in chronology ]

  • identicon
    DCX2, 1 May 2012 @ 12:44pm

    WiFi and infrared

    I once had a discussion with a colleague where I analogized unintended reception of open WiFi networks to the use of infrared. My colleague insinuated that since SCOTUS ruled that IR search for "grow" houses was a violation of the Fourth amendment, then so should sniffing WiFi.

    However, it was noted in the SCOTUS opinion (forget what it was called - it was pretty recent, last decade or two) that IR searches require tools that are not generally available to the public. This is in stark contrast to WiFi, which is quite prolific and easy for just about anyone to do (pretty much every laptop in the past 10 years and every smart phone can do this).

    Of course, it also ignores a case where the FBI hacked into some guy's computer through his open WiFi.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 1 May 2012 @ 1:06pm

      Re: WiFi and infrared

      it also ignores a case where the FBI hacked into some guy's computer through his open WiFi.


      That's a beast of a whole different color. WiFi sniffing involves passively listening to the radio signals. Hacking involves interacting with the WiFi and is actually illegal if access controls were bypassed.

      link to this | view in chronology ]

  • icon
    Torg (profile), 1 May 2012 @ 12:57pm

    "with three federal agencies all coming to the same conclusion that no laws were broken, it's pretty bizarre to see people still freaking out about this."

    While I doubt Google did anything wrong in this case, I don't understand what the legality of their actions has to do with that. How long has the federal government been trustworthy?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 May 2012 @ 7:40am

      Re:

      "with three federal agencies all coming to the same conclusion that no laws were broken, it's pretty bizarre to see people still freaking out about this."

      Those angencies are wearing the very precident that these corporate spies are relying upon, and conversely if these spies are found guilty, what precident does that set for the governments spying on its own citizens?

      They are all in cahoots. Technology is driving, governments are riding shotgun, and all of us are systematically being shoved into the trunk by the corporations sitting in the back seat.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 May 2012 @ 1:48pm

    Astro-turfing and lobbying are still legal and that doesn't make me any more comfortable about their practice.

    link to this | view in chronology ]

  • identicon
    Unagoogler, 2 May 2012 @ 7:26am

    Malicious Spying?

    Spying in and of itself isn't malicious?

    link to this | view in chronology ]

  • icon
    Jim (profile), 3 May 2012 @ 1:32am

    Hypocrites

    Yep, if anyone else defends a company they are called "fanboys" yet here we are with Google the knight in shinning armor. Well I'm glad your happy for them. Just remember how you feel next you go to call some one a fanboy.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.