Yesterday’s revelation that Google’s StreetView cars collected more than just anonymized pictures of buildings and cars (and some comical situations) came as a surprise to many, including regulatory bodies in a number of countries that are now considering miscellaneous lawsuits and penalties, according to the BBC.

Claudiu Popa

 

To wit, the issue was that these ‘photographic cars’ included the ability to sniff wireless data from open networks as they drove around neighbourhoods, so they likely collected the various device and network identifiers along with some snippet of content that happened to be transferred at that particular moment.

People feel violated. Privacy advocates smell blood and lawyers are rubbing their hands in anticipation.

The company has apologized profusely in writing and on television, but the damage has already been done.

Or has it?

 

Let’s see:

  1. Google surreptitiously picked up network data, but that data was as free as AM and FM radio waves, completely unprotected. Ostensibly no encrypted data was ever compromised and Google certainly made no attempts to penetrate anyone’s adequately protected network with or without authorization.
  2. According to Google, and so far there’s no actual evidence to the contrary, there was no malicious intent. Sure, at some early point during the StreetView project Google wanted to offer additional functionality to its users based on the individual router locations but that didn’t happen and they apparently never even realized the additional traffic was being intercepted.
  3. What was so bad about what was done? The network traffic was in the clear so users had no expectation of privacy for those few bytes that were inadvertently intercepted. Nor for any others for that matter.
  4. Google is now securely deleting  – based on regulatory body guidance – the data that it didn’t know it possessed and they’re probably happy about clearing all that hard drive space that had been taken up for the past 3 years.
  5. Where’s the damage? What can be done with the data? Sure, I can blue-sky endlessly about mining the mountains of snippets collected and find a password here and there, but collected information was not (hopefully) left unprotected during these three years, so does anyone really need to over-react here?

 

Apparently so, as Germany’s minister of consumer protection, Ilse Aigner, called this incident “alarming”, which I do not dispute. However, she went on stating that “Google has for years penetrated private networks, apparently illegally” and I think that’s going a bit too far.

What do you think?

About the author:
Claudiu Popa, CISSP, PMP, CISA, CIPP, CRMP is an information security consultant and CEO of Informatica Corporation (www.InformationSecurityCanada.com). Claudiu helps enterprises to understand and mitigate security risks, anticipate and respond to threats, and implement proper security governance. He is the author of the Canadian Privacy and Data Security Toolkit for SME, published by the CICA. Write to him@ClaudiuPopa.com simply contribute your comments to this blog. Follow him on http://Twitter.ClaudiuPopa.com or connect with him on http://LinkedIN.ClaudiuPopa.com.
Share on LinkedIn Share with Google+
  • Hi Claudiu, very thought provoking and entertaining post.

    Would Google have admitted mistakenly collecting unencrypted and private data for 3 years, apologize for it and then delete the data if the company hadn’t been caught?

    People do have to make sure their data is safe. But if companies can be let off easily if they collect your data as long as they didn’t use it — isn’t that like letting intruders enter your home as long as they don’t take anything?

  • Hello,

    “Make your links appear Natural”

    Link Building is one of the most significant aspect of the off page optimization process and is a major determinant of the popularity of your site. For search engines, back links or links pointing to your website indicate that you are ‘hot’ in the online marketplace.

    Link Building is done for:

    1. Improving Page Rank.
    2. Improving the Rankings in search engines.
    3. To increase targeted Traffic to the Site.

    Why choose us?

    The answer is simple! We provide very UNIQUE link building service. It’s not the same as what most SEO companies do:

    Top 18 Benefits of Our Service:

    1. Securing “unidirectional” or only-Incoming (non-reciprocal) links
    2. Links with relevant “Keywords” in the Anchor Text
    3. Links from industry-relevant pages
    4. Links from industry specific article pages
    5. Link to your site should not be through a “redirect” script
    6. No JavaScript links
    7. No links from “framed” pages
    8. No “flash” embedded links
    9. No paid or time-bound links
    10. No email spam used to solicit links.
    11. No links from Link Farms
    12. No links from FFA (Free-For-All) link networks
    13. No links from pornographic and other sites containing offensive content
    14. Full data sheet of links created at the end of each month
    15. Only relevant established links are counted in the final report
    16. No links text nude
    17. No “no follow” links
    18. No more than 80 outgoing links

    However All these benefits leads to one goal: “Increase in Sales”.

    Reports

    *Once your project is completed, will send you a Link Building Report containing
    the URLs of every page where you can see a live working backlinks to your
    website.
    * Any removed links will be replaced for free.
    * During your Link Building Campaign performance, you’ll always be able easily
    Track the progress of your campaign and rankings improve on Google

    Package:
    Our packages are very simple and affordable. We do provide attractive offers on bulk orders.

    Contact us today to know more about our natural link building services with more detail

    Look forward to hearing from you soon,

    Have a nice day ahead

    Thanks and Regards
    Rose Dsuza Online Marketing Manager

    Note : – Though this is not an automated email, we keep on sending out these emails to all those people whom we find eligible of using our services. To unsubscribe from future mails (i.e., to ensure that we do not contact you again for this matter), please send a blank mailto: rsdsuza1@gmail.com email with NO as Subject.

  • Love this article as I am of the opinion that all users of wireless devices should go out of their way to protect their data. Sometimes it is as simple as reading the manual and a yes and no here and there to do this. So Google collects unencrypted data but its a far stretch to call doing so illegal or the lawyers would be onto this like wifi on a blackberry….