Accidental spies

Google’s feeling the heat in Germany and Australia. Co-founder, Sergey Brin, admitted that Google has “screwed up”. I guess that’s what you call it when you hack into 600GB of private wireless data, in over 30 countries, whilst cruising the streets snapping images for the Street View mapping service. Oh, how silly of me: Google “accidentally” managed to capture that 600GB of data, they didn’t intentionally set out to hack into private networks. But Google: I think you’ll find the finger of wire-tapping pointed at you. To appreciate the seriousness of Google’s accidental spying, they were collecting data that potentially includes emails, passwords, Facebook or Twitter updates and Web sites visited. And when you think about it, Google probably knows more about you and me than any Government does and yet Google is not regulated.

This “inadvertent” collection of data has led to Google facing a class action lawsuit, which could see the search engine giant coughing up US$10,000 every time it screws up and collects data from unprotected networks. Two lawsuits have been filed, one in the Oregon federal court and the other in Washington and claim privacy violation pursuant to 18 USC §2511, under which plaintiffs and class members are entitled to $100 a day for each day their data was breached or $10,000 per violation per plaintiff. The two plaintiffs are Vicki Van Valin of Oregon and Neil Mertz of Washington, who claim that their homes’ wireless networks were not password protected and that the Street View vans cruised by their residences at least once. The lawsuit states in part:

“When Google created its data collection systems on its GSV [Google Street View] vehicles, it included wireless packet sniffers that, in addition to collecting the user’s unique or chosen Wi-Fi network name (SSID information), the unique number given to the user’s hardware used to broadcast a user’s WiFi signal (MAC address, the GSV data collection systems also collected data consisting of all or part of any documents, emails, video, audio, and VoIP information being sent over the network by the user [payload data]”.

The plaintiffs successfully applied for a temporary restraining order against Google and this prevents the search giant from deleting the collected data. Valin works for a technology company and works from home a fair bit. This would mean that a significant amount of data Valin sends over her wireless network is subject to her employer’s non-disclosure agreement. This could make things very interesting for Google and, in comparison, Facebook’s ongoing privacy bungles look kinda rosy.

Seems that New Zealand’s Privacy Commissioner is also interested in asking Google a few questions because oh nooooooo, shock, horror, Google accidentally collected data in NZ too. And the only time I’m likely to agree with Australia’s Communications Minister, Stephen “Internet Filter” Conroy, is when he said: “The code that the computer program collects is designed to collect this information..Yes, I’m saying they wrote a piece of code designed to do it….(and that this has been) the largest privacy breach in history across western democracies“.

BTW: don’t you think that Page and Brin are a couple of toothy dudes?

Photo credit: SMH.