Google wi-fi data capture unethical, but not illegal
Google is under global scrutiny for its "accidental" gathering of wi-fi data while driving about photographing the world with its Street View camera cars.
By Tony Bradley
I would argue that even those actions were not technically illegal. If I am out in public with my laptop or iPad, and it detects an available, unencrypted network to connect to, there is no way for me to know whether the owner meant for that network to be private, or if it is intended as a public hotspot. A wireless network is a wireless network, and some devices are configured to connect to any available wireless signal.
Google, however, did not "access" the open networks. It simply intercepted the unencrypted data that businesses and individuals beamed through the air willy-nilly. The data was left in the middle of the street so to speak, and Google gathered it as it drove through collecting photograps.
In Google's case, the legal issues may just be beginning, though. Some countries, like Germany, have a much different opinion of privacy and different laws in place. Even in the United States, there may still be legal avenues for pursuing Google. But, if Google simply collected data that was publicly available, and never even accessed or used the data in any way as they claim, I fail to see where it did anything wrong.
If you want to stay out of the legal gray area, and protect your data you must turn on encryption for your wireless network. WEP encryption is pathetically simple to crack--trivial for anyone interested, but even WEP at least implies that you intended the data to be private. For better protection, you should employ WPA, or better yet WPA-2 encryption.
If you have a business--like a coffee shop or book store--where you want to share a public wireless network, but only with patrons and only under certain conditions, then you should implement some sort of initial notice or login screen that explains the policy for acceptable use of the wi-fi connection.
I am not a lawyer, and I don't play one on TV--or even on the Internet, but the bottom line is that if someone walking or driving by can intercept your unencrypted data as it trespasses into their airspace, it's not your data any more.
You can follow Tony on his Facebook page , or contact him by email at tony_bradley@pcworld.com . He also tweets as @Tony_BradleyPCW .
ESSENTIAL READING
In-depth information on securing mobile devices and wireless networks. Smartphones, tablets, BYOD - policies, technologies and strategies for protecting corporate data and intellectual property.
20 security and privacy apps for Androids and iPhones
What's the most secure smartphone? | BlackBerry vs iOS vs Android
5 policy questions for mobile device security
Bad policy = bad security
5 questions on tablet security
What are the risks, the support requirements, the best security technologies?
Mobile security threats are heating up
Slow firmware updates, poorly vetted apps, and mobile-specific malware mean trouble
Wireless intrusion detection systems
- Modernizing Wireless Infrastructure for Today's Mobile and Data Driven Enterprise
- Forrester Research and EMC on Continuous Availability
- Big Ideas; Big Tech-Continuous Availability for VMware
- Reduce Costs, Maximize Performance and Ensure High Availability of your Business Critical Applications
- Software Asset Management - Program Considerations to Help Reduce Risk and Lower Costs
- Content Analytics Explained
- #FFSec: Infosec pros who bring value to Twitter
Follow these names on Twitter. Together, they make cyberspace a more secure place. (copy and paste) - B-Sides Boston is Saturday
- Leaving CSO, Heading to Akamai
More Salted Hash with Bill Brenner
