May 14, 2011, marked the one-year anniversary of Google’s acknowledgment that it breached the trust of the public: Google admitted it had been using its Street View mapping mechanisms to surreptitiously intercept and download 600 gigabytes of personal data from people in 30 countries, including the United States, for the preceding three years.
Google Street View, launched in May 2007, is the technology featured in Google Maps and Google Earth that provides panoramic images from various angles of streets across the world. Using equipment specially mounted on cars, bicycles, and snowmobiles, Street View was only supposed to map streets and neighborhoods to provide location services such as GPS directions. In actuality, Street View gathered much more. Specifically, the service obtained network traffic, unique device IDs, MAC addresses, and service set identifiers (SSIDs) by scanning wireless access (Wi-Fi) communications from Google users and non-users alike.
What Google Took
For at least the past 3 years, Google captured this information and transmitted it back to servers in its corporate offices, where it has been stored. In all this time, Google did not notify consumers of its actions and, to date, consumers have no idea exactly what information the company took. But analysts agree that it was an unprecedented amount of data.
What was stolen? Payload data. Basically, any and everything transmitted over public and private Wi-Fi networks, including email messages, passwords, browsing history, financial information, instant messages, internet searches…everything. So, for almost 4 years, Google routinely and secretly downloaded and mapped all network communications data and private communications hotspots.
How did they do it? Firstly, there are three categories of information that Street View was engineered to collect from Wi-Fi routers:
1) photographic images that Street View was designed to capture;
2) payload data and wireless communications information; and
3) location data and identification data about Wi-Fi routers, both public and private.
According to a May 18, 2010, letter by the Electronic Privacy Information Center (EPIC) Executive President Marc Rotenberg, it wasn’t until April 23rd of last year that German Commissioner for Data Protection and Freedom Peter Schaar discovered that Street View vehicles were scanning networks to compile a database of networks and their physical locations for use in “location aware” advertising services, finally alerting the world to what Google was doing.
After first denying that it was stockpiling the public’s payload data, Google ultimately admitted to the public that their information was acquired by its Street View vehicles and is being stored in company databases. Google blamed a “rogue engineer” for designing the Street View mechanisms to go beyond mere Wi-Fi location gathering.
On May 3, 2011, Korean officials conducted a raid of Google’s Seoul offices and seized over 200 computer hard drives. Upon searching the computers, officials discovered the personal information of hundreds of thousands of South Korean citizens obtained by the Street View vehicles.
Google’s acts breached privacy laws across the globe, but to date no country has challenged Google’s assertions that it was the overreaching but accidental act of a “rogue engineer,” and not an intentional business decision. But companies like Sky Hook, Inc., which map the world’s Wi-Fi, aver that there was no need for Google to use such an invasive program to obtain data needed for its GPS location services.
Passive Aggressive Methods
At a Wi-Fi security briefing that I attended hosted by EPIC, a Sky Hook representative explained that there were two approaches to mapping Wi-Fi: active and passive scanning. When a company chooses to use active scanning to map geographic data, the information obtained is specific, tailored, and mostly consists of data needed to locate a specific router. If passive scanning is used, however, then payload data is picked up. Since payload data encompasses everything transmitted over the signal, in essence, one can get access to the full contents of what is happening on the network.
Google used the passive scanning method for almost four years while mapping the world.
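The distinction described above can be made concrete with a collector that keeps only the router identifiers (MAC address and SSID) a location service needs and drops payload frames without reading them. This is an added Python example, not code from the article, Google, or Sky Hook; the frames are constructed sample bytes and the function names are hypothetical.

```python
# Added example: keep only router-locating fields, never payload.
# Frame layout follows IEEE 802.11; all sample bytes below are constructed.
MGMT = 0                      # frame type: management
BEACON, PROBE_RESP = 8, 5     # management subtypes sent by access points

def minimize(frame: bytes):
    """Return {'bssid', 'ssid'} for a beacon/probe response, else None."""
    if len(frame) < 24:                      # shorter than a MAC header
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != MGMT or subtype not in (BEACON, PROBE_RESP):
        return None                          # data/control: body is never read
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])   # address 3
    ies = frame[36:]          # skip 24-byte header + 12 fixed beacon bytes
    ssid, i = None, 0
    while i + 2 <= len(ies):                 # walk tag/length/value elements
        tag, length = ies[i], ies[i + 1]
        value = ies[i + 2:i + 2 + length]
        if len(value) < length:              # truncated element: stop
            break
        if tag == 0:                         # element ID 0 is the SSID
            ssid = value.decode("utf-8", "replace")
            break
        i += 2 + length
    return {"bssid": bssid, "ssid": ssid}

def collect(frames):
    """Apply minimize() to each frame and keep only the retained records."""
    return [rec for rec in map(minimize, frames) if rec is not None]

def header(fc0: int, ap: bytes) -> bytes:
    # frame control, duration, addr1 (broadcast), addr2, addr3, sequence ctrl
    return bytes([fc0, 0]) + b"\x00\x00" + b"\xff" * 6 + ap + ap + b"\x00\x00"

AP = bytes.fromhex("020000aabbcc")           # constructed, locally administered
BEACON_FRAME = header(0x80, AP) + bytes(12) + b"\x00\x07HomeNet\x01\x01\x82"
DATA_FRAME = header(0x08, AP) + b"constructed payload that must not be kept"

if __name__ == "__main__":
    print(collect([BEACON_FRAME, DATA_FRAME]))
```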
The subsequent uproar has since prompted Google to at least temporarily garage its Street View vehicles. However, Google is still able to obtain similar information using its Android smartphone. In fact, a user does not even have to be using the phone for the user’s location, Wi-Fi-transmitted information, and data stored on the phone to be a keystroke away from Google’s peering eyes. Another sad consequence of this design is that a user’s phone will also have a much shorter battery life because of constant data transfer to Google databases when the phone is turned on.
This hasn’t been the company’s only trouble. Google also got into hot water when it tried to enter the social networking field with its Google Buzz application. In an attempt to get Google Buzz off of the ground, Google exposed its customers’ Gmail.com contact information to the public, in violation of Section 5 of the Federal Trade Act.
Internet privacy, especially in the realm of Wi-Fi and smartphone use, needs more protections for consumers. Even if all of Google’s assertions are true and its acts were unintended, we live in a world where large companies like Sony and Amazon have suffered major breaches in security. Adding another major breach – the fact that the mere act of having a router or using Wi-Fi can increase exposure to identity theft if Google is hacked – is a scary proposition.
Fortunately, the Federal Trade Commission (FTC) and the Federal Communications Commission are investigating the Google Buzz and Street View controversies, so hopefully a consumer protection plan will result from these agencies’ involvement. At present, Google Buzz’s proposed settlement agreement with the FTC, which would apply to all Google products, would:
1) Ban Google from making misrepresentations about privacy;
2) Require Google to notify the public of changes to services that would affect privacy and give them an opt-in choice for privacy changes; and
When asked about the Wi-Spy scandal, CEO Eric Schmidt replied, “no harm, no foul.” But in my humble opinion, there is a very real harm. There is the harm in the fact that many people who have yet to adopt broadband will find it disadvantageous to do so for fear of being unwillingly digitally exposed. There is the fear that a “rogue engineer” can create a program that can obtain our personal information without us being told or having the benefit of any consumer protections.
But I have one question: How are Google’s actions any different from “traditional” identity thieves? Google is stealing the personal information of the public over their Wi-Fi transmissions for its own economic benefit. There must be some intrinsic value in downloading and storing all of our information on their company databases for almost 4 years; if not, then why do it?
In the end, I hope that exposing Google’s act and putting pressure on the company will lead to responsible change and more consumer-friendly means of running its business.
Latoya Livingston is a Washington, D.C.-based attorney with years of experience working in the public and private sector. Attorney Livingston joins MMTC after performing pro bono work for the organization last year.