Saturday, March 16, 2013

Google Collects Things People Shouted From Rooftops - Ordered to Pay Someone Else As Punishment

from DailyTech:

Google Ordered to Pay $7 Million to U.S. States for Wi-Fi Snooping Incident

Google is finally settling a three-year investigation this week into a Wi-Fi incident that occurred when compiling data for its mapping service.

Google's Street View mapping cars had accidentally collected personal data, such as home wireless network passwords, between 2008 and 2010. The cars were out collecting images and data for the Street View mapping system in Google Maps, and were using an experimental computer code in the cars' software while doing so. This led to the accidental collection of personal data.

The settlement orders that Google split $7 million among 38 states in the U.S. and the District of Columbia, which were involved in the incident.
Read the rest here.

First off, some background. A few years ago when Google's cars were driving around the country taking the pictures that are now part of the popular "street view" part of Google Maps, the cars were (accidentally, Google says) also taking snapshots of something else. As they were driving around photographing streets, businesses, neighborhoods, apartment buildings, and everything else, the cars also had software running that was recording Wi-Fi signals.

Why did this cause a problem? Because whatever you do with your wireless laptop, smartphone, tablet computer, or anything else that communicates over Wi-Fi could be intercepted and recorded. This is a basic principle of radio communication. This can include instant messages, emails, Web browser requests (like what URL you are visiting)... anything that you do on your Wi-Fi.

Does this creep you out? Well, it shouldn't. Because you should have the sense to do something very basic on your home Wi-Fi: put a password on it. Don't leave your Wi-Fi in the open. When you put a password on your Wi-Fi, it is encrypted, and although traffic can be recorded, it doesn't make any difference... because it's in a code which nobody likely cares enough to try to break. It's secure enough that recording it doesn't make any difference.

On top of that, if you are logging into a site... say, your bank, or your credit card provider... the URL on your Web browser should start with "https://" (and not just "http://" - the "s" is the important part). If it does not, it's time to choose another bank. The "s" means that the bank is encrypting (encoding) all of the communication between you and it, so even if you are on an unprotected Wi-Fi network, your password and other communication is still in a code that is too strong to be worth trying to break.

So despite the fact that most everyone has gotten the clue and set up passwords on their Wi-Fi, and despite the fact that even email services lik Gmail encrypt your password with https://. and despite the fact that Google admits that it recorded the Wi-Fi signals and says it was an accident, and despite the fact that they have promised to erase the recorded information... Google is being told to pay some sort of punitive damages.

But not to the people who had Wi-Fi signals recorded. Not to the individuals. Directly to the states.

How were state governments harmed by this? They weren't. Really, the consumers weren't harmed either. This is a tempest in a teacup. And how does a $7 million settlement teach anything to a $100+ billion company? It doesn't. Google probably contributes that much to the United Way every year. Heck, Google probably spends that much in fuel for the Street View cars every year!

This whole thing is silly. I hope at least part of that settlement with the states goes to pay the salaries for the judge and other people the courts employs to hear cases like this, so none of my taxpayer dollars paid for it.

No comments:

Post a Comment