• United States



Sniffing open WiFi may be wiretapping judge tells Google

Jul 01, 20114 mins
Data and Information SecurityMicrosoftSecurity

A federal judge ruled that Google can be sued for wiretapping after sniffing open Wi-Fi in Wi-Spy privacy lawsuit about wardriving Street View vehicles.

Looks like Google Street View cars may have been “officially” riding dirty and Google may get slapped hard for its Wi-Spy fiasco. A federal judge did not dismiss the case against Google; instead in the first such decision of its kind, the judge ruled that sniffing open Wi-Fi packets might violate the Federal Wiretap Act.

Remember when intelligence gathering ability was allegedly “going dark” due to the masses moving to VoIP like Skype and the feds had wanted CALEA to require a backdoor so law enforcement can intercept online encrypted communication? Microsoft’s “Legal Intercept” patent to monitor VoIP may be the easy-access eavesdropping the feds were hoping for, but it also wasn’t too long ago when the FBI was seeking Google’s help in wiretapping. It’s doubtful the kind of wiretapping help the FBI wanted would have included when the Internet search giant intercepted packets on non-password-protected Wi-Fi networks. But now Google may be legally liable for wiretapping in regards to the 600GB “payload” of MAC addresses, usernames, emails, passwords and other “private” data gobbled up by Street View mapping vehicles.

U.S. District Judge James Ware ruled, [PDF] “The court finds that plaintiffs plead facts sufficient to state a claim for violation of the Wiretap Act. In particular, plaintiffs plead that defendant intentionally created, approved of, and installed specially-designed software and technology into its Google Street View vehicles and used this technology to intercept plaintiffs’ data packets, arguably electronic communications, from plaintiffs’ personal Wi-Fi networks. Further, plaintiffs plead that the data packets were transmitted over Wi-Fi networks that were configured such that the packets were not readable by the general public without the use of sophisticated packet-sniffer technology.”

Although Google argued the data was “readily accessible to the general public,” because the networks “were ‘open’ and ‘unencrypted'” and should not then qualify as a wiretapping violation, Judge Ware called that claim “misplaced.” This case is important on many levels as it may determine if sniffing open Wi-Fi packets constitutes wiretapping. Sniffing open, unencrypted Wi-Fi is hardly rocket science these days; even the truly clueless can master automated tools like Firesheep and FaceNiff. Whether you leave your wireless network open and unencrypted, or sometimes use such a wireless network at a coffee shop, we should all be paying attention to this to find out if we could be sued for wiretapping.

Google had first claimed it didn’t realize it was wardriving, sniffing and snarfing up data on unsecured Wi-Fi networks in about a dozen countries. Then it claimed the Street View car debacle was a mistake and apologized. Now Google claims the lawsuit is “without merit” as it argued that open Wi-Fi networks were like “radio communications.” Since the judge is not letting Google wiggle off the wiretapping hook that easily, now the company is considering appealing and is “still evaluating our options at this preliminary stage.” I wonder if we’ll see Street View cars rollin’ or if there are too many people hatin’ now?

Like this? Here’s more posts:

  • What happens if you catch a hacker and must deal with the FBI?
  • Microsoft patent may ruin Skype, may make VoIP spy and pry easy for gov’t
  • FBI Dumpster Diving Brigade Coming Soon to Snoop in a Trashcan Near You
  • ‘Secret Law’ of Patriot Act: Geolocation Tracking & Domestic Spying on Steroids?
  • Having private parts is not probable cause for TSA to grope or body scan you
  • FaceNiff Android App Allows the Clueless to Hack Facebook in Seconds Over Wi-Fi
  • Project PM Leaks Dirt on Romas/COIN Classified Intelligence Mass Surveillance
  • Former FBI Agent Turned ACLU Attorney: Feds Routinely Spy on Citizens
  • Microsoft’s automated Future Home, what can go wrong?
  • EFF: Microsoft abusing DMCA to eradicate competing Xbox 360 accessories

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.