Google’s WiFi scandal is a good test of Internet activism.
Are activists intellectuals with a special insight into the consequences of
technology? Or are they more like dogs that chase every passing car?
The implication is that Google was able to capture your
personal information as they drove by in their StreetView cars. In fact, the
data they collected is too fragmentary to be useful. Most WiFi is encrypted
(and hence, not eavesdroppable), and even if unencrypted, chances are that StreetView
collected nothing in the few seconds it took to drive by.
In other words, Google had as much chance of capturing your
password/email as they did of taking a picture at the precise moment you
stepped out of your shower with the curtains open. Sure, such events happened a
few thousand times, but this was tiny compared to the billions of homes
StreetView drove past worldwide.
This is the test for Internet privacy activists. They aren’t
intellectuals. They don’t understand the technology of WiFi sniffing. They
don’t understand that what Google collected is worthless. They assume the
worst, about what Google was able to collect, and about Google’s intentions.
It’s funny to watch. Google hasn’t been forthcoming with
details about the WiFi overcollection because they recognize that there is a
witch-hunt going on. Since any rational person should be able to recognize the
overcollected data is worthless, any attack must therefore come from the
lunatic fringe. But this convinces the fringe that there is an important
cover-up. It’s like how the US keeps Area 51 secret (it’s a military base where
they test stealth technology), which convinces the fringe that there is a UFO
cover-up.
You can verify this yourself. Download “BackTrack 5 r2”, the
well-known Linux destro with a bunch of hacking tools. Boot your laptop with
BackTrack and run “Kismet”, then drive around neighborhoods for a few hours.
Then, back home, run the collected data through hacking tools like ‘dsniff’ or
‘ferret’ to see if you got anything useful.
I consider myself an "activist", but I hate being lumped in with the fringe. The road to tyranny is paved with good intentions of
ignorant activists. We should not have laws preventing StreetView from taking
pictures of naked people in their bedrooms, we should instead expect people to
close their curtains. We should not have laws preventing StreetView from
collecting unencrypted data, we should expect people to encrypt. Freedom means
personal responsibility, getting rid of personal responsibility gets rid of
freedom.
Update: Some people have suggested other analogies. One is "lynch mob" instead of "witch hunt". Another is "cry wolf": Google deserves a lot of criticism, but when you attack them for invalid concerns, you destroy your credibility.
Update: You can easily counter the argument of this post by demonstrating how Google can use that overcollected data for evil.
Whether Google was intentionally or unintentionally collecting data is secondary: their data collection was in contravention of privacy and data protection laws around the world. While penalties will vary depending on the jurisdiction, Google broke the law. Plain and simple.
ReplyDeleteAs for the issue of whether Google caught anything sensitive or not: In their analysis of the logs, the privacy commissioner of Canada found that "Although our tests were designed to minimize further privacy intrusions, we were troubled to have found instances of particularly sensitive information, including computer login credentials (i.e., usernames and passwords), the details of legal infractions, and certain medical listings. While the raw data collected by Google would not always allow for perfect identification, the information collected was sufficiently capable of being linked to individuals through data matching or aggregation." (Source: http://www.priv.gc.ca/cf-dc/2011/2011_001_0520_e.asp#summary)
Did Google plan to use this data that they'd collected? I very, very, very much doubt it. I don't buy the conspiracy theories. I think that what happened was unintentional and incredibly unfortunate for all involved. Nevertheless, sensitive information was collected without the consent of Canadians. We cannot simply elide the violation of law by saying 'no intentional harm, no foul' - there are responsibilities for developing and implementing systems in the real world and we cannot give companies a free pass on the basis that they weren't intending on being evil.
I like how you wrote "Linux destroy"
ReplyDeleteMr. Parsons, you miss the point.
ReplyDeleteYes, the Canadian commissioner found instances of "sensitive information", but the point of my post is that they were few and far between, as often as the accidental nude photograph that appears in StreetView pictures. If you don't believe me, drive around your own neighborhood and check for yourself how much sensitive data you get.
It doesn't matter if Google planned to do evil with this data: they didn't collect enough to do anything significant with it.
As for "illegal", the law is unclear, which is why the FCC didn't prosecute. In much the same way you can eavesdrop on CB radio, it's likely that you can eavesdrop on unencrypted communication in the unlicensed bands like 2.4 GHz. Moreover, if it's not legal, it should be, in much the same way it should be legal to look inside somebody's window from the street if they don't close their curtain.
Holy Cow! Someone is rational about the "Google Privacy Debacle"!
ReplyDeleteThe raging anti-corporate idiots that picked up this banner should pause and consider the ramifications on our society if the opposite were true and this (listening to broadcast information) was illegal.
What can I say? All true. Thanks for your comments.
ReplyDelete