Google Street View vans

InReality

Anyone seen this or have any comments on it ?

http://www.independent.ie/business/technology/google-cars-picked-up-private-data-from-homes-2183504.html


I don't understand why the vans were "equipped to collect publicly broadcast SSID information" ????

JohnK

Its a pretty big ****up alright especially given the privacy hastle they've been having in Europe.

As for collecting the SSID's, they were probably collecting those to assist with positioning so you could determine where you are based on the signal strengths of the various wifi networks. This would allow for localised information (search results, ads, weather etc) on devices that dont have GPS and in places where GPS doesnt work all well like heavily built up cities.

Doroteo

Probably just to triangle their position a bit more accurate

BaconZombie

The issue was not the SSID's, it was that they were collecting "payload data", the actual data going over the air.

An in German were they have VERY strict {and illogical} "Hacking" laws they could be in very big trouble....

Dude111

InReality wrote:

I don't understand why the vans were "equipped to collect publicly broadcast SSID information" ????

They probably figured no one would ever find out...

Tim M-U

But at least they were honest and told the data thing, but being a large company 'Google' should have known about this, maybe they did? and taking pictures of strees and people? and broadcasting it to the net, is that not a privacy problem looking at people and broadcasting.. (open to correction).

Saying "We have deleted the information collected has now been deleted" is proberly not good enough, and den once you view der privacy policy on google.ie... don't get me started!

BaconZombie

Ehhh,, No they were not...

They first said it was just SSID and MAC then it come out that it was payload data only.
And all this only came out after "Freedom of Information" request....

And the German Government is not happy with their "We, deleted the data, so all is fine...", since they broke both EU and German laws.

The German Gov have request a copy of ALL the data collected.

Tim M-U wrote: »

But at least they were honest and told the data thing, but being a large company 'Google' should have known about this, maybe they did? and taking pictures of strees and people? and broadcasting it to the net, is that not a privacy problem looking at people and broadcasting.. (open to correction).

Saying "We have deleted the information collected has now been deleted" is proberly not good enough, and den once you view der privacy policy on google.ie... don't get me started!

BaconZombie

The Reg have a good write up on this:

On the instructions of the Irish data protection commissioner, Google destroyed all Wi-Fi data relating to collection in Ireland," read an open letter from Privacy International to the European privacy commissioners earlier this week. "This action has the effect of removing any chance of further legal action of investigation. The action could be seen as collusion to destroy evidence."

http://www.theregister.co.uk/2010/05/21/google_halts_wifi_payload_data_deletion/

JohnK

I cant imagine how they could be taken to task for deleting the Irish data though as it was done at the direction of the Irish data protection commissioner. On the other hand I wonder if there could be a case against the Irish DPC?

ironclaw

How much useful data could you get driving by? Those seconds that your within a viable distance to get some data? Also, most AP's are WEP enabled at the very least, not enough IV's to crack.

I'd say it was merely an SSID and MAC address. SkyHook do the same thing and no one has asked them about it. If they use an agressive scan e.g. Netstumbler as opposed to passive e.g. Kismet they would technically be gleaning data aswell.

Nanny State.

BaconZombie

It's full unencrypted traffic, and with a large aerial {which the Google Vans/Cars had} you can capture the data from a few hundred meters to KM's

ironclaw wrote: »

How much useful data could you get driving by? Those seconds that your within a viable distance to get some data? Also, most AP's are WEP enabled at the very least, not enough IV's to crack.

I'd say it was merely an SSID and MAC address. SkyHook do the same thing and no one has asked them about it. If they use an agressive scan e.g. Netstumbler as opposed to passive e.g. Kismet they would technically be gleaning data aswell.

Nanny State.

ironclaw

BaconZombie wrote: »

It's full unencrypted traffic, and with a large aerial {which the Google Vans/Cars had} you can capture the data from a few hundred meters to KM's

In possibly heavily congested RF bands in cities? A few hundred meters maybe. KM's? I'd have my doubts. We'd also have to consider capturing on 13 channels, at the same time, from multiple sources.

Still, snippets of packets of info, how useful could any of it be? I'd be more worried about usage of public hotspots, MITM Attacks etc that a car collecting wifi data which lets be honest, is more than likely purely to aid A-GPS systems.

[-0-]

This is an outrage. Plain and simple. The Irish Government should really have the same PoV and motives as the German. We told them to delete it before checking what they actually had stored. Ridiculous behaviour! A win for Google with regards to social engineering the Irish Government into doing what they wanted (asking for them to delete the data).

BaconZombie

Knowing Google, the Vans may have had equipment with 20+ radio chips :]

ironclaw wrote: »

In possibly heavily congested RF bands in cities? A few hundred meters maybe. KM's? I'd have my doubts. We'd also have to consider capturing on 13 channels, at the same time, from multiple sources.

Still, snippets of packets of info, how useful could any of it be? I'd be more worried about usage of public hotspots, MITM Attacks etc that a car collecting wifi data which lets be honest, is more than likely purely to aid A-GPS systems.

BaconZombie

Irish Gov:

Please delete the data NOW!!....

Google:

Ok Were leaving Ireland......

Irish Gov:

NNNOOOOO!!!!!!!!

Here's loads of extra grants and we'll even let you re-write the laws if you just stay.......

[-0-] wrote: »

This is an outrage. Plain and simple. The Irish Government should really have the same PoV and motives as the German. We told them to delete it before checking what they actually had stored. Ridiculous behaviour! A win for Google with regards to social engineering the Irish Government into doing what they wanted (asking for them to delete the data).

[-0-]

BaconZombie wrote: »

Irish Gov:

Please delete the data NOW!!....

Google:

Ok Were leaving Ireland......

Irish Gov:

NNNOOOOO!!!!!!!!

Here's loads of extra grants and we'll even let you re-write the laws if you just stay.......

conor.hogan.2

http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-553964

But as Matt Cutts points out with ample evidence (independent evidence as he did work at Google) they obv have some vendetta against Google for a long time.

http://www.mattcutts.com/blog/privacy-international-loses-all-credibility/

Google did not mean to do this - it is a small privacy breach really.

The amount of data and the range it covers means very little was collected from any one user.