Hacker News new | past | comments | ask | show | jobs | submit login

Are you aware that if you don't want Google to use your WiFi name for location based tracking, you have to opt-out by changing your SSID[0]?


EDIT: Added "name" after "WiFi" to try and clarify they're not using your actual WiFi network/bandwidth, just its name to link it with its location for GPS-free location tracking.

A reader emailed to point out that this massive subthread is actually more on topic for https://news.ycombinator.com/item?id=27517547 than it is for https://news.ycombinator.com/item?id=27515230, so we've moved it thence hither.

Isn't the whole point of this comment to alert people who were concerned enough to check the other thread? Seems to defeat the point of it to move it to this thread, even if the comments are more on topic here.

I'm going by memory here, but I think it was the other way around - the comment preceded the other thread.

It did. The other thread creator pointed out they were inspired by my comment to post it.

It's still so incredible to me that someone thought "oh, yeah, let's make people change their SSID explicitly to opt-out of being used by our services, such that it forces them to re-add all of their Wi-Fi devices", and that passed any sort of muster at Google.

Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.

It's perfectly in line with all of the other Google policies which are thinly disguised versions of "we want your data and if you don't give it to us, we'll punish you."

Simple example, at least in Google Maps on Android. They have some sort of activity tracking.

If you enable that, you can save locations, so that, for example, you can "favorite" your home and your office for easy access.

If you disable activity tracking, you can't save anything.

Those two are totally unrelated, and you're still using Google Maps through your Google account, so there are 0 technical reasons they couldn't just persist your saved locations in the Google Cloud.

They just don't do it to force you to let them track your location.

> They just don't do it to force you to let them track your location.

The final straw for me was when I disabled location services for Google Play Services[1] and the Gmail app, of all things, started nagging me about Google Play Services not having location data. Every time I opened it. Why the fuck does a mail client need location data so badly it has to nag you on every startup?

Oh wait, it doesn't. It's just their most popular app and so the premier spot for a nag screen.

My life's been de-Googled (apart from the odd video on YouTube) since the start of 2018 and my skin feels so much less crawly.

[1] You know, after they pushed all app developers to stop using the GPS APIs and instead get location through Google Play Services, so that you had to 'consent' to Google Play Services getting your location data if you wanted ANYTHING to be able to use location data?

Even opting out in Play Services would not be enough. Because Google tracks SSIDs, your smartphone location can get scooped up if you enable the hotspot feature. You'd have to rename your smartphone in order to opt out.

They do this for every google app on the phone: phone app, messages app, contacts app, chrome etc. They just want your data.

https://wego.here.com/ is a million times better. Because it's not Google, it's free, it's very good, and it doesn't report your location to Google.

I have no skin in this game - I have however been a very satisfied https://wego.here.com/ user since they were Nokia Maps back in 2012.

Massive fan of WeGo but it just told me to take the U2 from Kurfürstenstr. U. Bahn Kurfürstenstr. is U1 and U3...

For car navigation it is quite good. For public transport i suggest you use local apps ( from the local public transport) company.

I clicked the link and was immediately prompted to grant location sharing permissions on my android phone.

It can't exactly do its job without location.

If you just want to look at the map you can say no.

To me the most infuriating practice is that if you don't enable your location when you open google maps they will passive aggressively position your view at the most inconvenient place possibly, some times in the middle of the atlantic, as if they can't tell which city you are in.

Except for IP, which IME is usually ludicrously inaccurate for mobile networks (AT&T’s Sacramento network used to show up, IIRC, as being somewhere in the South Bay in IP-based lookups), doesn't disabling location services disable exactly the facilities they would use to determine what city you are in?

Personally I consider that an odd form of "politeness". It is 'creepy' when you buy a large ticket item and ad networks try to seranade you with a demand you already fuffilled. They can geolocate by IP but instead choose to "look away". I guess they do that because those who aren't familiar with it would be freaked out at how close it got. Geo-IP is mostly just hilarious to me from how they get it off like when loging in to gmail in Pennsylvania saying there was a login attempt from Washington DC.

It shows some respect that you don't want focus on your actual geography but I also do stuff like look at real life places to see how well it matched with my initial imagination.

Ah, yeah. My US ISP had apparently bought a block of IPv4s from a Canadian ISP. aI kept getting redirected to Canadian checkout paths, French language pages, etc, for quite some time.

The large Canadian Telcos (until maybe in the near future) are actually regulated quite heavily to provide sub-services at competitive rates to competitors along their vertical integration. So you can spin up an ISP in Canada, buy capacity off Telus, and provide a decently priced competing product assuming you can undercut their overhead & admin costs.

This change was actually what got me to switch back to iOS from Android. Google can fuck right off with that bullshit

I have all google maps tracking "turned off" in my google settings console and it still allows you to save locations manually.

Yeah, in lists. But there are 2 easy access locations, named "Home", "Work". Try setting those.

The ones you mention are put in lists and you have to navigate to them, about 3 screens.

There's no technical reason why the highest UI real-estate values "Home" and "Work" couldn't be saved independently of the ad settings.

Strange I have activity tracking disabled and can’t still search Home and work to find those respectively.

Are you saying that you can search for those and that was a typo ("can't" instead of "can")?

I just opened up Google Maps on my Android 10 device with activity tracking off. They've changed the UI, now it's sneakier. I can set them and there's a faint gray text underneath that says, and I quote:

"Personal places will be used across Google products, for personalized recommendations, and for more useful ads."

Dark Pattern to the ten thousandth power.

They're literally turning my input of my home and work address as an implicit consent to enable activity tracking (!!!)

Again, there are absolutely 0 technical reasons why the two have to be related. Software of all kinds from the beginning of time has had "saved"/"favorite"/"starred" functionality, without ad tracking related to it.

>Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.

Oh absolutely.

But to play devil's advocate, your wifi device is basically an always broadcasting radio antenna that rarely moves or changes. And SSIDs are broadcast by design.

It's a digital landmark.

I bet there are a lot of other companies other than google using it too. And even if you used google's opt out, they're not going to care. So opting out is pretty pointless anyway. So while it feels invasive because we lack a sensory organ for radio, your router is constantly broadcasting (advertising?) itself as a part of normal operations. SSIDs aren't private information. It's more akin to an amateur radio callsign, except you can change it at will.

And since they're no consistent convention for naming your wifi there are probably 10,000 "FBI surveillance van"s. The only useful data to an outsider is location.

This was going to be utilized by someone, and probably already is by the NSA. So google doing it is no big surprise.

Again, devil's advocate here, but SSIDs are broadcast on purpose. Sacrificing security for convenience as always when people are involved.

By your logic, your house is a "landmark," so it'd be totally okay to surveil it. I don't think that flies.

Depends what you mean by 'surveiling' really. People seem generally comfortable with the tradeoff of streetview cars taking pictures of their house (the tradeoff being that we then get streetview in g maps).

Perhaps people are comfortable with google using their publically available SSIDs so their android phones get better location info?

Are people really comfortable with it? Or just not given in any choice in the matter and lacking any practical means of stopping them?

Houses can indeed be landmarks. Why are you equating landmarks to surveillance. That makes zero sense. No one is surveilling you through your WiFi SSID.

Except they are: Google undoubtedly uses the set of WiFi networks near you for location-based tracking on Android, even if your GPS is off.

Knowing the location of an SSID is not surveillance

You're right - knowing where something is, is more or less just creating a form of map. But knowing who is where on that map, and when, is surveillance - it's classic PI stuff.

The wiki definition seems to me to fit.

> Surveillance is the monitoring of behavior, activities, or information for the purpose of information gathering, influencing, managing or directing.

I'm trying to think of how one could do this in a way that wasn't even more intrusive? This way Google doesn't have to tie any identifying information about you to your SSID/AP, it can just silently discard the location data about those SSIDs.

Otherwise people could abusively de-register SSIDs by doing the same sort of scanning Google is doing to improve location services, or have to force a user to authenticate and "claim" an SSID, which is much more intrusive.

(disclosure: googler, but not in any way associated with any of this)

Instead of thinking "We can't think of a less intrusive way, so deal with it", how about "We can't think of a less intrusive way, so let's not do it until we do".

I frequently get something like "why would you want to do that" running my unconventional browser settings. It's like people can't even comprehend people don't want to get tracked by FAANG

I'm not sure how "associating a publicly broadcast BSSID with coordinates" is tracking a person.

This is probably related to them getting in trouble for scanning networks while mapping. If I remember correctly they were doing a bit of port scanning and looking for share drives in an attempt to id which SSID was attached to which address. This is probably part of the wrist slap they got from FCC. "Oh well you can totally opt out now so it's ok"

If I have a unique SSID (let's say, my social security number because why not at this point) and I move to a different apartment and keep the same SSID... then Google's effectively tracking a person. If you have basic address/name info you can even pinpoint who owns the SSID.

When you frame it like that it isn't, but that's because you're ignoring the second part of the equation which is "then Google can tell where an Android device is when it sees that BSSID even if its location services are turned off."

Turning WiFi SSIDs in to location data doesn't track people directly, but it does enable the mass surveillance of people's devices, and that's something that's quite reasonable to opt out of.

> even if its location services are turned off


I do not have the source code for my phone and this switch is a SW switch. There is no guarantee that it does what it claims. It's like the mute label in conferencing SW: you cough and the SW tells you that "you are *sic" muted"

>I'm not sure how "associating a publicly broadcast BSSID with coordinates" is tracking a person.

But it's not just that is it? If you log in to a google site from that publicly broadcast BSSID, you will get tracked by association, even if you have your location tracking turned off.

No you won't. What BSSID you're connected to isn't sent by any browser. Browsers (as in all of them, including Firefox, see https://location.services.mozilla.com/ ) will use the visible BSSIDs if the website asks for your location & you approve it, but it's not just silently done automatically. It's part of all the existing location permission & request flows (indeed it's how those work on laptops at all in the first place).

Am I being tinfoil hat grade cynical if my first thought there was "Sure, browsers might not send BSSIDs, but who knows what Android is doing underneath?"

I wouldn't bet against Google being capable of exfiltrating BSSIDs via their broad swathe of 'Google Services' most Android devices are running (and probably most iOS devices too).

Android is reporting your GPS location along with visible BSSIDs, that's how this database is built and updated (so does Apple on iOS).

Both have location privacy controls that govern that, and there's no particular reason to believe they ignore them.

Like I said, I may be overly cynical, but I do have a particular reason to believe the largest surveillance capitalism and advertising company in the world might be ignoring my privacy preferences...

(And Apple might be too, but they've got different motivations and incentives around iOS user privacy that Google for Android users...)

Wifi SSID triangulation is incredibly common & is one of the primary ways phones are able to so reliably & quickly get a fine location, especially indoors.

Apple is also collecting & phoning home all SSIDs with a GPS location that they come across, for example. So is Mozilla for that matter, and Mozilla also uses the same _nomap suffix as Google does ( https://location.services.mozilla.com/optout ). It's how browsers on laptops are able to get a location, which is also true on again both Apple & Microsoft devices as well.

So no, Google can't just opt to not do this at all. Not if they want to be competitive. The entire ecosystem could collectively decide to not build an SSID location database at all, but since SSIDs are not identifying this is going to be a struggle to justify.

No one does triangulation. They do trilateration, which is the version of finding things that uses circles (signal strength is proportional to distance).

That means never doing anything by induction.

> I'm trying to think of how one could do this in a way that wasn't even more intrusive?

Not to do it.

We haven't figured out how to make websites not be able to fingerprint you. Better not use the internet until we do.

We have figured out how to avoid being tracked.

Hide your IP address behind Tor. Transmit identical information as a significant group of people. Don’t store information from websites.

The issue is that degrades the web in ways unrelated to tracking.

>The issue is that degrades the web in ways unrelated to tracking.

And so many sites, and CDNs treat those as hostile by default, and some outright refuse service. It's infuriating as a mere VPN user.

I suspect that this is because a huge amount of traffic coming from those services is abusive.

I know that's the reason we classed all traffic from those sources as suspicious unless they were willing to log in.

The guide says to open Google maps after making the change so that it can propagate. That makes me think it isn't that they ignore _nomaps, it's that they submit their locations to a database and clear the previous data for there. At that point it could just be a webpage that asks you for your location and SSID.

Actually, having read the opt-out method article and knowing the personal data protection law of my country due to professional needs, I can say that what Google is doing is illegal in certain cases here. If Google ends up personal data as defined by law here, which does include present location coupled with name, then that ends up being illegal without a detailed data protection declaration and withdrawable explicit consent granted before ANY data can be collected at all. Intrusivity is not important, convenience must not be allowed to trump legality though.


Well, then nobody would do it. Maybe Google would have to pay them, or give them free stuff.

If Google wants to use other people's stuff for their purposes, they should pay them. Not force them to jump through hoops to avoid Google abusing them.

How would that work? Keep in mind that we are talking about parts of the radio spectrum that were deliberately set aside for unlicensed use, without any sort of registration, centralized control, or reporting on the part of users. So how would Google or any other company know who to pay? Do you want to force users to register their APs, or to include some kind of payment information in wifi beacons? Or are you proposing that new restrictions be added to the ISM rules e.g. forbidding people from monitoring the band without first asking for permission from each station operator (note: this would completely break wifi)?

I think a user registration system would make sense: People who wanted to register their APs are probably using Google Location Services, and the incentive is hence, self-serving. Businesses may want to register their APs to help customers' devices locate themselves at their buildings.

And yes, Google could incentivize people to register in some way. One thing you'll notice is that the most valuable companies in the world seem incredibly reliant on free labor: They take for free what other companies used to pay for or pay staff to create or gather themselves.

I think you misunderstood what "registration" meant in this context. Right now consumer wifi operates in the unlicensed ISM bands, which are parts of the radio spectrum that are set aside for use by the general public without requiring any coordination -- stations can freely interfere with each other's operation as long as they transmit below the legal power limit (which is antenna-dependent). In other words, you are allowed to buy a wifi router, plug it in, set up whatever SSID you want (or no SSID at all for a BSSID-only network) and use it with as many client devices as you want, without having to ask anyone's permission or register your new AP with anyone.

For comparison, take a look at 802.11y, which operates in the 3.6Ghz band, a "lightly" licensed part of the radio spectrum. Before you can set up 802.11y stations you must first register with the FCC (or whatever the equivalent in your country is called) and receive a license, and all your stations must be identifiable (you are not free to choose your SSID). That is already far too much for consumer devices (802.11y is meant for WISPs; it has better propagation characteristics than the unlicensed bands and you are allowed to transmit at higher power), and that is a "lightly" regulated radio band. Typical regulations e.g. the bands used by cell phones require far more coordination with governments -- more paperwork, more money, and many more rules about permissible operations.

Finally, for what it's worth, nobody has ever had to pay anyone for ISM band operations, including just recording transmissions on the band. In fact, if you are using wifi, you have been monitoring and analyzing nearby wifi transmissions this whole time without ever paying anyone -- that is part of the wifi standard. Just connecting to a wifi network means your device is monitoring transmissions from other people. So here is a final bit of snark for you: HOW DARE YOU USE WIFI WITHOUT PAYING YOUR NEIGHBORS?!?!?!?!?!

None of that is stored. Knock it off with your all caps strawman.

1. I clearly said I was being snarky and there was a lot more in what I wrote than a single snarky sentence.

2. I have APs that do collect and store data about nearby wifi stations and transmission patterns as part of a system that improved wireless throughput.

3. What difference does it make if it is being stored?

> 2. I have APs that do collect and store data about nearby wifi stations and transmission patterns as part of a system that improved wireless throughput.

If it's just nearby ones then that's much less of a problem.

> 3. What difference does it make if it is being stored?

Imagine saying that about someone else's telephone call...

Listening out for interference is not at all the same as siphoning up information.

Speaking of strawmen..."siphoning up?" We are talking about a database of wifi beacons (SSID/BSSID) and GPS coordinates for where the beacons were received. It is no different from a database of street addresses and corresponding GPS coordinates. There is no reasonable expectation of privacy for SSIDs or wifi beacons -- everyone knows they can see their neighbor's SSIDs.

You seem to be saying that if an AP stores information about other "nearby" APs there is no problem. What if I am operating thousands of APs across a broad geographic region using a centrally managed AP controller? That is a common practice for large organizations and that is exactly the setting where you see APs collecting and storing information about other wifi stations. Is that not a large enough scale to be a concern? I have to wonder at what point you are drawing the line here. What is an unacceptable scale?

The bigger it gets the less acceptable it is. Even if I can't draw a hard line it doesn't mean everything is the same.

> It is no different from a database of street addresses and corresponding GPS coordinates.

The locations of streets are public records.

> There is no reasonable expectation of privacy for SSIDs or wifi beacons -- everyone knows they can see their neighbor's SSIDs.

Being able to see your neighbor is very different from being able to see everyone's neighbor.

"Street address" refers to the address of an individual home or building here in the US. How is being a matter of public record relevant here? Are you suggesting that there is nothing wrong with a company that queries public records across thousands of municipalities to build a unified database? In any case, that something is a matter of public record is irrelevant because there is no reasonable expectation of privacy to begin with. Even if there were no public records to query, anyone could go out and start creating a map of any town, recording specific details of the locations of any structures they believe to be relevant to their map. It is relatively common to do so because of the inaccuracies and missing information in most public records (e.g. people often make unauthorized modifications to properties, fail to file the proper paperwork after otherwise legal work is completed, report incorrect information, etc.) and it is done at national or even global scale.

I do not see how SSIDs are in different in any meaningful way. We are literally talking about building a map -- a map that includes the locations of SSIDs, to be used as a kind of landmark, no different from a map that includes other landmarks (e.g. "the house with the red siding") that could conceivably be used to help a person identify their position on the map. There is zero expectation of privacy for SSIDs, just like there is zero expectation of privacy for the exterior of your home.

Is there any specific objection beyond, "This is happening at a large scale?"

Those FCC registration records would then be public information.

Would you feel comfortable with your name, address and MAC + SSID of your wireless AP(s) being registered in a public database and the onus on you to keep that registration information up to date every time you changed the SSID or swapped in something with a different MAC address?

I'm not sure I would be.

The ethics around Google's behavior aside - this is a tricky problem to solve.

Edit: Why the downvotes? I'd really like for people that disagree to engage and tell me where I am either wrong or not arguing in good faith. If you believe this is a Google specific problem or somehow an easy problem to solve under the current FCC regulatory regime I'd be happy to hear about it.

There's no need for a database.

Just add the suffix "_optin" to your SSDI and you're opted in.

This is what they're currently requiring for the opt-out, I can't see why the same solution can't be used for opt-in...

I just don't see either approach (opt-in vs opt-out) being workable in practice though.

Taking it to a bit of a silly extreme - what happens when 100 different companies want to use public SSID data? 100 different opt-in codes? 1 code for all? What if I want to allow 5 companies out of that 100 to use that data and exclude the other 95?

Doesn't the exact same argument apply to using an opt-out approach, but much worse?

If two companies use different suffixes, that makes it impossible to opt out of both.

Edit: The only reason this isn't already an issue is because Microsoft made their opt-out work anywhere in the SSID

Free stuff, like a free web browser? Or a free smartphone OS?

If you don't want to be tracked by Google, don't use their software.

Now, if you're having a hard time avoiding their software because it's become a de-facto standard that's a separate problem. The bottom line is that we shouldn't be in a position where we don't have a choice not to use software from Google (or Apple, or Microsoft, etc). As long as these companies are in a position to offer software that can't reasonably be avoided, you should expect them to optimize these offerings at the expense of their users.

But this whole discussion is not about software.

I don't have to use their free browser, their free smartphone OS or even their search engine, but they will still freeload on my Wi-Fi for location tracking and will record my router location without consent, and the only way to opt-out is appending a stupid _nomap to the end of my ID.

That is kind of like saying, "How dare you listen to me when I am shouting my name in public?!" You are broadcasting your SSID on an unlicensed band, all wifi stations in your area have been listening to and analyzing those transmissions, and your wifi stations (APs and client devices) have done the same with all your neighbors' wifi networks. In fact the wifi standard requires more than just monitoring nearby beacons -- wifi stations monitor all wifi frames being transmitted from nearby stations, even those connected to a different AP, to avoid interference.

You don't want anyone to monitor your wifi network? Either don't use wifi, or switch to a band that will not propagate beyond your home (60 ghz).

> "How dare you listen to me when I am shouting my name in public?!"

Listening and putting it in a massive database along with other sensitive data, such as location, are two completely different things, though.

How dare you write down my name, which I was shouting in public, in your diary?! How dare you write down where I was standing when I was shouting my name?! Respect my privacy!

No, it’s more like “how dare you go around and record the license plate of every vehicle observable on the street and put it in a location/time database”.

You’re right that it’s technically public, just like the license plate on a vehicle. However, there is still a privacy expectation that all of that localized data won’t be pulled into a massive database for correlation.

It’s beyond the SSID, using your logic, it would also be fine if Google observed all of the client frames to track the locations of users that don’t use Google services. Randomized MACs aren’t usually used for home WiFi so this is completely feasible and well within your “privacy” framework.

It's also not a fair comparison to equate a database containing the whole world's SSIDs and location data with a personal diary...

Repeating what I said in other comment: What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.

I do not see how there are any privacy concerns here. We are talking about radio broadcasts in a band set aside to be a free-for-all (no licensing, no permissions, no coordination required -- the only limit is on transmitter power). Moreover, people have many options available to them; among other things, you can not use an SSID (BSSID-only wifi networks are common), you can reduce your transmission power and use directional antennas to prevent the signal from propagating beyond your home, you can use the 60Ghz band which will not propagate through walls, and if all else fails, you can just use wired connections. People who want privacy can have it without having to do anything extraordinary.

Wifi is convenient because it is unlicensed and loosely regulated. The price of that convenience is that you have no particular claim to privacy with your wifi transmissions, and everyone knows it -- that is why we encrypt the contents of those transmissions. Building a database of AP locations is not a privacy issue at all -- it is no different from building a database of landmarks (or publishing a travel guide with a list of landmarks in various towns), or for that matter, creating a map by gathering information about roads/buildings/etc.

If there weren't privacy concerns, then the SSID API wouldn't be behind a Location permission toggle for iOS and Android.

It's not just Google doing it - see https://wigle.net/ with over 10B observations. So your privacy would be at risk even if Google didn't collect SSID/location information.

Fundamentally, asking people not to do something has never been a security measure that's worked. You need to implement some tangible, real protections. We already have those in the case of SSIDs, namely, the SSID and AP information aren't accessible to an app without location permissions in modern operating systems.

You are talking about the privacy of a device user, who may want to prevent apps from learning the location of their own device (and that is the point of the location permission). The claimed privacy issue I was responding to has to do with the privacy of the owner of an AP whose SSID is included in the database.

How is this at all a privacy issue for the SSID owner? Are you putting PII in your SSID?

I don’t use their software yet my ssid was tracked and associated with me and others.

This argument “don’t use google” or “don’t use Facebook” is very frustrating because others make this decision for me. If only it was possible to not use these services.

You can transfer lots of information elements in a beacon, you don't need to shit on the SSID.

Okay, now how do users set their devices to transfer this non-standard information in the beacon?

The same way you configure everything? You check a box where you configured your SSID in the first place.

If you run OpenWRT you might have hope for this (assuming the firmware supports it). This would not land in your average consumer router for a few years, if at all.

I mean, if Google was as zealous about standardizing privacy as they are about standardizing ways to track people, Google could get that configuration option introduced to the firmware of most common consumer routers.

It doesn't seem hard to understand. They figured that SSIDs aren't private information, so having any method of opting-out at all is just a courtesy.

SSIDs aren't private information, but it does seem like the natural privacy of scale should apply. I'm ok with people who are nearby being aware of my SSID... does that mean it should be ok for Google to collect millions of SSIDs to use in a profit-generating positioning database?

It seems like it should fall under a regulation similar to photographs. You can take photos of me in a public place and do whatever you want with them until you're using my likeness in a commercial capacity... then you need to ask me first. Opt-out isn't enough, it needs to be opt-in. If that doesn't work for your business then too bad.

Your "SSID privacy" is at risk regardless of whether Google collects information or not: https://wigle.net/

In the end, asking people to please not snoop on you never has and never will be a security measure that works. You need something tangible to protect your privacy, so as to make it virtually impossible.

We already have this. Every modern mobile OS gates the SSID API behind location permissions.

Given such protections, practically speaking, there isn't any problem with SSID being bound to location information.

I'm not asking people to stop snooping. I'm asking for corporations to be barred from profiting off of publicly accessible information that can personally identify me without asking for permission first.

Education, journalism, research and the like fall into a different category... this also applies in the "photographs of people in public spaces" example. WiGLE would still exist in that niche.

How can a SSID:GPS database personally identify you? Give an example, please?

By that definition, IP addresses are also public information. It’s not about the SSID or IP itself, it’s about it being connected to an individual.

Its one of those cases where data becomes dangerous when there's enough of it.

Google knows practically every SSID location in the developed world. Now your Android phone browsing and mapping every SSID it sees as you move about is a reliable "Location mapping" of the user even though they may have no GPS or have it disabled.

You can map a person's movement through cities/towns just based on the SSIDs their device(s) saw as they moved about.

You say that like it’s always a bad thing, but sometimes we actually do want to use our phones to find out our location, and GPS is often slow or doesn’t always work.

The issue here is having control over when your phone looks up your location, not the existence of a database that makes it work.

The existence of that database under the control of a surveillance company is the problem. If Google published the dataset so that many others could use it freely, then they would have an argument that they're just promulgating public data. However, by keeping it to themselves and forcing queries to go through Google (with a bunch of fine print attached), they're agglomerating personal data for their own private purpose.

Isn't that just what companies are all about? Anyone can do it if they want, (it's not like Google has a State defined monopoly), it's just that it isn't worth it to others.

If you want everyone to have that data publicly then have your government do it...

The point is to weigh whether the mass collection of personal data is justified. The reason why it is being done matters - if the data is easy to collect and is merely being format shifted by a curious person, then there clearly isn't much of a barrier to anyone doing the same. Meanwhile a company investing a significant amount to create a proprietary database for their own purposes has much different incentives - cf Google's sorry excuse for an opt out. Furthermore, a published dataset is transparent in that it allows individuals to see exactly what data has been collected about them, act to remove themselves, complain politically, etc, whereas most people will never become aware of the proprietary database.

There are open, crowd-driven databases like Wigle with over 10 billion SSID observations.

I just don't see why this is a problem when apps can't even access your SSID without a location permission.

They're adding value to the public data by organizing into that location search.

I'd think it similar to a journalist reporting on a story. Its public, butthe value they add is private

But in this case (wifi based positioning) it is not at all about tying the SSID to an individual. It's the equivalence of some of us walking around noting SSIDs, and their locations, and some of us saying "can you tell me where I am? I'm currently seeing wifi1, wifi3 and wifi11". Basically mapping part of the global frequency spectrum.

It really isn't a privacy risk when the SSID isn't accessible to apps and services without a location permission. (Unless you are putting PII in your SSID itself, of course, in which case, yeah, no one can help.)

"If you haven't done anything wrong you have nothing to worry about."

SSID are PII, for sure. Its easy to geolocate the AP to a few meters. The fact the information is publicly available (when within physical vicinity) does not make it less so.

Wigle also has opt-out.

At one point they went way farther than that, cracking WEP, etc.:


Yeah, i mean who else would ever do such a thing

https://location.services.mozilla.com/optout https://support.apple.com/en-us/HT207056

Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.

No, actually, i'm just kidding. Mozilla, for example, literally blames it all on everyone else in their page.

You see, they are forced to do this because everyone else did it!

It sounds a lot like robots.txt

Pretty sure in a few years people will have to name their kids John Notrack Doe as the only way to have FB stop ghosting them.

Being able to prevent that at all would be a massive improvement

Well Judging by the blog a person working in ads recently published it's perfectly fine to throw up these dark patterns and misleading terms in the name of "free internet". And to top it off half of their half million salary is donated so any residing moral debt is taken care off like so.

Just don't broadcast your SSID.

While it still possible for google to probably scan for these I doubt they do.

How would you prove ownership of an SSID otherwise?

> To help apps like Google Maps work better, you can let Google's Location services use your Wi-Fi access point.

Wow, that's pretty nasty. That sentence sure makes it sound like you're opting in, but in fact you have to rename the SSID with a "_nomap" suffix to opt out.

Don't forget to add `_optout` to prevent Windows hoovering it up as well. E.g, `mywifiname_optout_nomap`

I had to look this up to check if it was sarcasm or not.

Apparently it's not, and `_optout` for Windows is real. FML.

Source: https://superuser.com/questions/1005235/wi-fi-opt-out-micros...

At least somebody at Microsoft thought and _optout can be anywhere in the SSID.

Good thing that you don't have to have two specific suffixes at the same time!

I can’t make sense of this. Are you telling me that any Android user with “default” pixel setup will use my SSID for location tracking?

And that if my WiFi shouldn’t be part of Google’s (and Microsoft as well) data collection I need to suffix my SSID with _optout_nomap??

This has to be a joke. Any docs/refs/links?

Your neighbors are currently monitoring your wifi network. That is how wifi works -- we all monitor each other's transmissions to avoid interfering with each other's networks. Most wifi APs will also monitor the ISM bands to find the least-congested channel to use, and will typically do so continuously and change to a different channel as needed. You may also have noticed that when you connect to a new network you start with a list of nearby SSIDs that you can choose from -- do you think looking at that list is a violation of privacy?

Moreover, there are companies that operate large numbers of APs across a broad geographic region, and they may have a centralized system for managing those APs -- which means that they are collecting information about all nearby wifi stations (including client devices) across a broad region in a single place. Do you have a problem with that practice or view that as a violation of privacy?

Radio is not private (except, possibly, cellular services, which may be treated as phone services with legal restrictions on wiretapping), especially when you are talking about unlicensed operation.

Monitoring something in good faith to avoid interfering with it is completely different from performing a mass-gathering of potentially personal identifiable information in the form of MAC, SSID and geographical position and putting it in a database for making money.

What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.

Would you make the same argument about a WISP that monitors wifi beacons across a large geographic region to coordinate its frequency selection for some proprietary wireless protocol used in its backhaul links (which it then makes money on by selling ISP services)?

Broadcasting your SSID from a fixed station means forfeiting privacy rights over the SSID. You have plenty of alternatives to the 2.4Ghz and 5Ghz bands if you are concerned -- 60Ghz equipment is easy to buy and has many advantages, and wired connections are another option. I have zero sympathy for people who are worried about the privacy of their radio transmissions, especially transmissions on the unlicensed bands. Radio by its nature is not private.

As for the monetization issue, is that really the argument here? You have no problem with open-source location databases like OpenWLANMap, which is literally the same thing as Google's database but without any profit motive? That seems pretty weak. Heaven forbid someone should make money doing something that is otherwise unobjectionable...

Its fine, except for the opt-out. I avoid google services in every way possible and as mentioned in another's posters comments, if I am using a google service it is due to the choice of some other service I use. What is ridiculous is the opt out strategy because if n number of companies start doing something like this and I have to keep appending stuff to my ssid name and reconnecting my devices, it now creates an unnecessary burden.

If people want to partake, fine. But don't make it a burden for me to opt out. AND MORE IMPORTANTLY, most people are not tech people and will not even know of this and many are not technically savvy to know how to change their SSID if they even know where to find out how to opt out. Many WAPs around me still have their default ssid from the box from their ISP provided device and probably only WAP because thats that the cable guy had them do when he plugged the box in.

Honestly, this is the equivalent of Google's web crawler. You may not have signed up to have your website indexed by Google's search engine, but it would be impractical and completely unreasonable for Google to have an opt-in web index. Any reasonable person understands that wifi network names are publicly viewable, because it is extremely common to view a list of nearby SSIDs; one need not be a technical expert of any kind to understand that. If you are concerned about the privacy of your wifi beacons you have many options to avoid others receiving the beacons, the most obvious being to not use wifi.

Google should be given credit for offerring an opt-out -- they had zero obligation to do so and there is zero expectation of privacy in this case (it is no different from collecting a database of street addresses -- anyone can drive down a street and write down all the house addresses, and nobody has a right to object to that).

If they limited themselves to their own vehicles you might have a point, but that’s not what their doing.

People should have a reasonable expectation of privacy when their SSID isn’t deductible past their private land. It’s spying cellphones not street vehicles that’s collecting most of this data. And for what benefit?

They get the data from people who have opted in to providing the data to them. https://support.google.com/accounts/answer/3467281?hl=en#loc...

If you don't want them to have data for something which is only detectible on your own land, just turn off Google's location services. Of course, the odds are very high that it's not only detectible on your own land.

Turn off location services isn’t enough. You would also need to never invite anyone over or call a freaking plumber etc.

That’s the problem it isn’t something most people are aware of let alone have much of a choice about. This is Google deciding it’s probably not illegal to spy on people in their own homes.

Sure, their probably not actually listening to conversation, but consider if they where would you consider they where spying if this was the level of consent given?

There is no spying involved. There is no expectation of privacy in data that you broadcast publicly, using public airwaves, which are mandated as public by the laws of literally whatever country you live in.

All Apple devices do this by default as well, and they don't seem to publish an opt-out for it. Possibly they also follow the _nomap suffix as a few others do, but seems more likely they just don't let you opt-out at all.

> If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers (where supported by a device) in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.


Mozilla will also respect the Google opt-out suffix for their own WiFi data collection; Apple collects this data too but offers no published way to opt out.

When a user's phone attempts to get a location fix, it will use the beacons which are publicly transmitted by Wifi networks around it (I assume it's the BSSID/MAC address, specifically) to reference against (or update) a Google database mapping those BSSID's to coordinates.

Yes. That is precisely what you're being told. The Google evidence is linked upthread. Although, I've just done a search and it looks like the Microsoft feature that required the "_optout" substring was removed at some point. I'm going to leave it in my SSID for posterity.

Wouldn't it have instead been smarter to just also use _nomap?

In that case, how do I opt in with Microsoft service? Using _optin_nomap?

opting out by adding random strings to your ssid is pretty shady. that's why my wifi scanning startup will require explicit opt-in by adding either "_optout" or "_nomap" to your SSID

And if both are present, you agree to enter the Premium plan

Sheesh. SSIDs can only be 32 characters total. This new 19 character limit after reserving 13 of them doesn't leave a lot of room to play with for the rest of the name. Someone should start looking for an "_internationalization" flag now.

Still have room to opt out from Apple and Amazon, right?

On the plus side, world-wide roaming would be much closer after that.

I'm not sure this one matters to me much. It's something you spew into the public space, and they're just recording the name and where it is. To me it seems no different than your address, or if your door is a certain color, or the color of your house. Zillow likely has a picture of the front of your house if you're in one, and a bunch of other info about it as well.

Changing the SSID to prevent them collecting the info is sort of like hanging a big sign that says "no pictures" to prevent services from taking pictures of your house. It's a little ridiculous to have to do that, but it's also a little ridiculous to expect that people are going to ignore what is publicly visible. Honestly, I'm a little impressed that Google lets you opt out (and Microsoft apparently as someone noted, although with a different suffix).

So I have to change my custom Wi-Fi SSD (something that I like) and add a brain-dead suffix called "_nomap" to prevent Google from tracking me? Who the hell greenlights such changes?

Your router is publicly broadcasting its SSID ("Pretty fly for a WiFi" or whatever). Google Street View cars, Android devices, etc. have noticed the SSID in their vicinity and submitted the SSID with an approximate location to database. Now, when another device using Google's location service is trying determine it's location, it can submit the list of SSIDs (including yours) it can detect to get back a fairly accurate location. If you add "_nomap" to your SSID, Google won't use it; it's crude because broadcasting metadata along with SSIDs isn't a part of the WiFi specs.

I don't see how using public router SSIDs as a landmark is "tracking you." If you use Google location services to determine your location based on your SSID or others, particularly while logged in to a Google account, then in some sense they're tracking you.

My presence on a public street isn't "private" per se, but following me around recording everywhere I go on public streets is definitely tracking me.

Not all wifi networks are stationary. I doubt most people know to add a _nomap to their hotspot name to avoid being tracked.

I always ask why it would not be okay if someone followed you around all day writing down everything you do (like a PI or stalker) but it is okay if some dude named Mark does it to a billion people.

Just like how you're allowed to use peoples images in public but if you only photograph one person and follow them around that's considered stalking and/or harassment.

It's weird to me that with tech we always bring up "well it is public" as if it is the same as our public laws but they aren't. Not only is the degree to which information can be gained substantially higher on the internet, but we have laws that would prevent similar actions in public and it generally considered creepy but the public. The only difference I see is that in public you have a better chance of seeing the person following you than you do online. I'm sure there's some psychology to this: people acting different when being watched through cameras vs in person.

I expect that if an SSID is not associated with a stable location, it's not even stored in the db because it doesn't serve the purpose of being a landmark (or stores it but with "hotspot," based on some heuristic, and therefore unreliable for location mapping).

Doesn't really matter what you expect, they're collecting the data and there's no evidence that they aren't using it to track... so we have to assume they do. Remember they were going as far as collecting data from people's networks using their Google Maps wifi-sniffing vehicles before they were caught.

> we have to assume they do

No we don't.

> collecting data from people's networks using their Google Maps wifi-sniffing vehicles

That was an error due to misconfiguration, failing to discard the data beyond that which identified the network for location mapping.

First link[1] I found says otherwise, unless you consider having a plan to collect and analyze email, phone numbers and other information from the payload data and having internal reviews of the code intended to do just that to be a "configuration error"? People really should stop trusting everything known habitual liars / big corporations say.

[1] https://www.wired.com/2012/05/google-wifi-fcc-investigation/

Thanks, I hadn't seen (or don't recall) those details.

Even that story portrays the payload collection as basically one "rogue" engineer's intention, not a part of a business or project plan. While other engineers accessed the collected payload data later, they may have reasonably assumed that if they had it, someone had ok'd it.

So rather than a coding error, it was an organizational failure to oversee the engineers' work, the FCC's report says as much.

The problem is that they followed the classic of denying everything they could until evidence against it turned up:

1. we didn't do it

2. we did it by accident in small cases

3. we did it by accident in worse cases

4. we did it intentionally but one guy was responsible

5. we did it but it was just one rouge dev. team

Add to that the unredacted report noting that Google kept delaying and hindering the investigation and it is rather clear that "6. we did it and management was neck deep into it" is more likely than not.

> No we don't.

Seems like basic data security to me. If my credit card number (valuable data) is posted to the dark web I have to assume someone will use it and it's insecure. Google has the data, so they can now use it whenever they decide it's valuable. Until I have evidence that it can't be used, I have to assume it's insecure.

How would they know a SSID is not associated with a stable location without tracking where that SSID has been seen?

Good point. It could be a short-term cache only only adds networks to longer-term storage if their relative location doesn't change over a period. Or, what I already wrote, they store it but with "hotspot," based on some heuristic, and therefore unreliable for location mapping.

Android and Windows at least do support some kind of standard of marking WiFi as a hotspot or rate-limited, but I don't know how that works.

In iOS, you can set a WiFi network to Low Data Mode, macOS doesn’t seem to have an option like that.

I don’t think any of these are relevant to the subject of whether Google tracks the movement of hotspots.

So my network just became "Google Listening Post _nomap"...

> Google/Microsoft Listening Post _optout_nomap


To be clear, it was already "Google Listening Post" before I learned of this opt-out thing. The 5GHz network is/was "Facebook Listening Post _nomap"

I find it absurd that we have to put this guff into our own networks just to opt out of the surveillance panopticon.

I think people have been condemned for insults over SSID, so trademarks definitely apply ;)

It's kind of an interesting problem because Google drives cars around and reads the all the networks and saves the location for use later. Even if you don't use Android, just like they took a picture of your front door with their car, they wrote down the name of publicly broadcast networks as they drove by.

Should there be a way to tell the Google cameras to turn off when they drive by, and similarly, to tell the Google wifi setups to ignore our publicly broadcast network?

I imagine they have the right to take pictures from the street and record publicly broadcast names.

It seems like the entire specification of wifi should evolve to natively build these flags into how we manage our wifi, but even then, could we ever prevent a car driving by from reading the name of our SSID and logging the location and name for their personal use?

Perhaps the solution is that we should not publicly broadcast our SSID at all. Like bluetooth, we should "pair" and then stop the broadcast.

>It's kind of an interesting problem because Google drives cars around and reads the all the networks and saves the location for use later.

It's worse than that:


A Google engineer went a step further, however, the F.C.C. report said, and included code to collect unencrypted data sent from homes by computers — e-mails and Internet searches — as specially equipped cars drove by. That data collection occurred from 2007 to 2010.

Google long maintained that the engineer was solely responsible for this aspect of the project, which resulted in official investigations, some still unresolved, in more than a dozen countries. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on.

WiFi beacons are extremely important for good geolocation in buildings and in cities. Are you saying we should get rid of this functionality just to ensure nobody has a database of the physical location of hardware addresses?

Phones already have random hardware addresses, so it's not like your movements are being tracked because of your mobile hotspot.

I didn't make any comment for nor against, I simply stated a fact.

As for my opinion, I have no issue with the collection of the physical location of access points, I take issue with making me litter my chosen SSID with garbage so that I can opt out.

Regarding hotspot, I'm not sure what you mean, none of this discussion is about mobile hotspot.

I wasn't responding to you, but what other way would you choose to opt out? SSID is one of the few things you can adjust on almost any access point.

Hotspots are relevant because they are often personal and they follow you around, so if they didn't randomize their hardware address, then anyone could track your movements.

This is Google's problem to figure out (how we should opt-out, or if it should be a opt-in service), the fact that you are putting the responsibility on the user is crazy in itself. We are talking of a billion dollar company tracking the location of your own router against your will and without permission.

Well, my laptop is currently monitoring the wifi frames my neighbors' devices are transmitting, and I never asked their permission. Their devices are doing the same to mine and they never asked my permission. Your phone is monitoring all wifi frames being transmitted around you, regardless of what network those other wifi stations are connected to. That is part of the wifi standard -- stations try to avoid interfering with each other, and necessissarily monitor each other's transmission without anyone asking for any permission.

Do you want to live in a world where wifi requires permission? Trying tracking down all the people in your area who are using wifi -- I have literally hundreds of wifi stations around me, operated by dozens of different people, and I have no idea who they are or how to contact them. The next time you turn on your laptop, before connecting to a wifi network (by which point you have already recorded transmissions from other wifi networks in the area), try making sure you have everyone's permission -- after all, you would not want to benefit (by being able to use wifi and not having to carry an ethernet cable around) from your device monitoring another person's network if they did not say it was OK!

Most wifi is operated in the unlicensed band, which is meant to be permissionless. That makes it convenient and suitable for consumer applications, and it also means that you have NO right to complain that Google and Microsoft dared to record your wifi beacons without asking your permission.

Why are you singling out Google, though? Mozilla uses the same opt out mechanism, as do the various open databases such as OpenWLANMap.

If you are worried about this, do you realize Google Photos also stores the location of photos of objects, and owners of those objects cannot opt out of this "tracking"?

What pisses me is that a company keeps a list of where OUR beacons are, and uses that for their own products, while not giving back anything in return.

If Google wants to build a database of access points that we all pay for (both the device and its energy consumption), I, at a minimum, want access to a copy of such a database so I can use it too.

> Are you saying we should get rid of this functionality just to ensure nobody has a database of the physical location of hardware addresses?

"Privacy" advocates constantly demand that all of us bear the costs of worse technology just so they can have a little fake relief from their imaginary harms. We're long past the point of diminishing returns in preserving real privacy: now privacy advocacy is all about holiness spiraling.

That said, I don't blame Amazon here: why wouldn't they take advantage of an opportunity to hurt a competitor at no cost to themselves?

Is this any kind of standard? Like if Microsoft comes along and says you need to change your SSID to end in "_noloc" rather than "_nomap" what are you supposed to do?

Close, but no cigar! Microsoft has "_optout", but it can appear anywhere in the SSID. See https://superuser.com/questions/1005235/wi-fi-opt-out-micros...

Mozilla Location Services (and Combain which I think they collaborate with), WiGLE and others use "_nomap", though, so MS seems to walk their own path on this one.

To be fair, they aren't using your WiFi. The SSID is like your house number. Claiming Google using your Wifi when it reads your SSID is like claiming someone is using your toilet because they read your house number off the front of your house.

It's far more unique than your house number. Nobody expects that I can show up directly at their house, if they just say their SSID or simply send me a screenshot of their Android home screen. Just search your SSID [0] and see for yourself.

[0] https://openwifimap.net

> Nobody expects that I can show up directly at their house, if they just say their SSID or simply send me a screenshot of their Android home screen.

(It's not relevant to the discussion but Android home screens show the name of the connected WiFi network?)

Where can someone look up a lat,lng by entering an SSID? It sure doesn't work on the site you cited. It looks like the information that is there was explicitly shared by the router operator.

SSIDs only need to differ from neighbors' SSIDs for convenience, to help tell them apart. If you already have neighbors using a default, like "xfinity", you might not want to choose that to avoid extra hassle when setting up new devices. But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.

> (It's not relevant to the discussion but Android home screens show the name of the connected WiFi network?)

Yes, nearly always in the top drawer [0], but I've also seen widgets on the home screen or in the status bar.

> Where can someone look up a lat,lng by entering an SSID?

Others already linked it, but https://wigle.net/ allows you to - sorry for linking the wrong map!

> . But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.

I don't know about the US, but in Germany most manufacturers have an unique appendage to the name, i.e. "Vodafone HomeBox DEHGTN". And the name doesn't have to be totally unique; if you can narrow the location down to a country or even a city (which is usually not that hard if you read someones post history or talk with them) it should suffice.

Also, it's not big when someone is aware of this tracking possibility. The real problem is that most people aren't.

EDIT: Just to prove my point, it took me 2 minutes to find out you're in Massachusetts [1]. If you're SSID is a bit unique, this is probably already sufficient.

[0] First panel in https://www.lifewire.com/thmb/xl-AHFNqlM-WwZ9z0JyAGx3B6Ww=/2...

[1] https://news.ycombinator.com/item?id=27423016

I'm not making any judgement on the practice itself, however, for the purposes of tracking, I suspect they use the BSSID The SSID is just the mutable part so you can opt-out, the actual identifier used is much more likely to be the BSSID which should be universally unique, and is (generally, or at least practically) immutable for any one piece of hardware.

Right, BSSID (i.e. the MAC address of the router's WiFi interface) of an access point, unlike a client, needs to be remain consistent. But that's irrelevant to the threat model I was replying to.

wigle.net returns lat/long for SSID and BSSID (MAC) searches

Now that one more or less works (not really in the map view but I assume there's an API or some other way to use the raw data). If you're trying to maintain your online anonymity, best to not be casual about revealing your SSID. Or don't choose a super-unique one. "Pretty fly for a WiFi" far from generic but there are still hundreds with that name in a single greater metropolitan area.

They're relying on me to keep my wifi up in order to provide their service.

They're relying on EVERYONE to keep them up in order to provide their service.

Essentially, people for a router and to keep it up and running, but it's google that can sell its service, but won't share the database of routers with the people maintaining them.

Was not aware, thank you. Creepy.

Why is it creepy?

It's not. I'm super surprised at the lack of understanding by HNers here. It's like folks here haven't heard of wardriving!?

Open databases with 10B+ observations exist: https://wigle.net/

Furthermore, it doesn't matter that these databases exist, because your SSID is hidden behind the location permission API for basically every OS.

So practically speaking, your SSID being public is meaningless.

Can one make a GPS spoofer with software-defined radio such that Google/Microsoft/Mozilla store the wrong GPS location for your SSID, while not being powerful enough to influence GPS users outside your premises?

Probably, but it would still be illegal (sidenote: IANAL) and they usually don't enter your premise to find your WiFi. So the "easy" no-jail way to do this would be to reduce your transmit power.

Is there a link somewhere that says how they collect that information? If they're geolocating through chrome and building a database out of that I'd consider it a ubusive but if they're just driving around reading brooadcasted wifi ssids and correlating with the vehicles how position I'm not sure that's any worse than using any other landmark.

It's collected by every Android device on the planet which has background scanning enabled. Have neighbours? Have WiFi? Neighbour has GPS on? They can GPS pinpoint your WiFi by signal strength between the devices that "see" it, then correlate that with the GPS from the devices that are allowing it.

I moved home a few years ago, just 200M away, my location in GMaps, when on WiFi remained at my old address 200M away for a good year (I moved my AP with me and kept the SSID).

It was originally all collected by the same vans that did the Google maps street view pictures. Im not sure how it's kept up to date, though.

A few billion Android devices in the wild is how it's kept up to date.

But your telephone can tell them who's connected to that access point and what it's IP address is. Then they suddenly know more.

Any device that has GPS and wifi can contribute data positioning that wifi BSSID. Google has Android which will do that for any device that has opted in (presumably, anyone using the feature for better positioning will participate in the collection). Others use other sources.

Google's (and others) stance is likely that cellular and wifi information is publicly broadcast.

I agree that wifi beacons are publicly broadcast. The issue is no way to use google services that require location without contributing to that data and not being up front about its use.

But all the big companies are abusive in terms of privacy so it seems like it’s par for the course.

I know its not technically a product but it always feels like these sorts of schemes should be illegal tying. Can’t make an iOS app without supporting safari? Should be illegal tying. Can’t use google maps without feeding google information about the wifi networks around you? Should be illegal tying.

I'm not sure that's the case, though? The way I have understood it is that if you opt in to Google's enhanced location (utilizing wifi and cellular APs), you also opt in to the collection of the same.

Personally, I just decline that option and stay with regular GPS. I remember a time before GPS (or Glonass, or Galileo, etc) and I have to say, I think it's just amazing. (I also remember a time with "selected availability", and while I appreciate that that particular veil has been lifted, I am a little bit concerned with the amount of power this gives to the US military. While I am sure Google would be basically an organ of the US military during war, it still feels better that alternatives outside of military power exist).

It’s not clear to me what settings change this, or where I’ve agreed to them. I’ll investigate.

edit: on my pixel this setting for 'google location' was hidden beneath a 'more settings' dropdown in the location setting page. I had no idea it was there. Definitely dark patterns of hiding settings they don't want you to know about. Thanks.

This must be illegal, right?

Why would it be illegal to listen to or record broadcasts in the unlicensed ISM band? In fact monitoring the band is part of the wifi standard itself, as wifi devices are supposed to avoid interfering with each other even if they are not associated to the same AP. Most devices monitor the entire 2.4ghz and 5ghz bands for beacons from APs to give the user a listen of available networks and to support roaming.

The Computer Misuse Act [0] makes it an offence to commit "unauthorised access to computer material". Obviously Google thinks they can get away with it, but it's an entirely reasonable question. I'm not saying what they are doing is illegal, but their approach to tax hardly demonstrates good-faith approach to the law.

[0] https://en.wikipedia.org/wiki/Computer_Misuse_Act_1990

IANAL but the fact that you are using wifi means that you are authorizing others to monitor everything you transmit -- that is literally in the wifi standard. It is also worth pointing out that no computers are being "accessed" here, we are talking about recording the wifi beacons that APs broadcast (also part of the standard), so the only relevant laws should be those governing radio equipment. Even if we wanted a world of tightly controlled access to radio receivers (again, we are talking about recording and not about transmitting), the ISM bands that wifi uses were specifically set aside for unlicensed use by the general public.

The fact is that your ability to simply plug in a wifi router and use it with any devices you want, without having to coordinate with anyone or buy a SIM card or whatever else, comes with the understanding that anyone else can monitor your wifi network for any purpose (and in fact this is a requirement of the wifi standard). If monitoring someone's wifi transmissions required their explicitly approval, nobody would be able to use wifi -- every time you moved your phone from one place to another, you would first need permission from every wifi station operator to monitor their transmissions before your phone could use wifi (you would not even be able to join a network you had previously used, because doing so requires your phone to listen to beacons being transmitted by nearby APs).

I'm not going to guess the foibles of law, especially the British courts.

But the intention of accessing your network for the purposes of choosing a network you're authorized to use is different from connecting to networks you know you do not have authorization to use, and then for a purpose that a reasonable person wouldn't expect would be assumed.

I.e. I think it's reasonable to expect that I grant permission to my neighbours and passers-by to access my network for the purpose of choosing their own network. I don't expect that they will be adding my address to a data-set.

And maybe individuals do speculatively connect to random networks, but that's different to doing it at an industrial scale.

Except that nobody is connecting to a network without permission. Again, we are talking about monitoring radio transmissions (wifi beacons) in an unlicensed band. You do not need to connect to a wifi network to receive beacons from the AP, those are transmitted periodically as part of the normal operation of the AP.

You seem to be hung up on what is being done with the recorded beacons, but we are talking about the unlicensed band, so you have no reasonable expectations about what is being done by anyone. That is the point of the unlicensed band. It is meant to be a free-for-all, which is the only thing that is suitable for consumer applications (imagine if every phone, laptop, router, drone, microwave oven, baby monitor, etc. you purchased required you to get permission from everyone around you before it could be used).

Not hung up, just interested in exploring it. Thanks for the info, I'd assumed that the SSID broadcast was done on the same band as the actual network communications.

It is broadcast on the same band as the communications, which is almost always in an unlicensed band (if your wifi network used a licensed band you would know -- you would have had to fill out a bunch of paperwork and pay a fee for your license). The point here is that anyone can monitor your wifi transmissions, not just the AP beacons, for any purpose.

Why would collecting publicly advertised information be illegal?

Lots of publicly available information is illegal to collect, for copyright reasons, privacy reasons, security reasons, etc.

Do you really want to make passive wardriving illegal? Literally anybody who sets up a wifi system has probably seen the list of other people's networks within a some-meter radius. How could you possibly think there's a reasonable expectation of privacy with your SSIDs?

I did not say I want to make it illegal, just pointing out that it’s not some completely bizarre idea.

I think it would be reasonable to have various restrictions on all kinds of large scale datasets, especially when they include data that is easy to connect to individuals, and especially when it was not compiled with their explicit (informed, opt-in) consent. This includes public information such as what I’m wearing, where I am at what times, when and where my wifi is on.

I'd think there's a difference between use and abuse

I get your sentiment, but there is a big difference between that information being publicly available somewhere and someone building a centralized private database of it.

At least, IF you assume that e.g. "database copyright" serves a valid purpose, then you could make a similar case here that the collection of all these data points is qualitatively different from collecting any single data point.

Note: I used a capital "IF" up there because I do have issues with database copyright. But that's the world we live in...

If they did the same tracking but to other phones instead of access points would that cross a line?

Are you uncomfortable with the idea of someone monitoring the ISM band and collecting information about what is being transmitted and by which stations? If so, maybe you should stop using wifi, since that is actually part of the wifi standard (your phone is literally monitoring transmissions on your neighbors' wifi networks to avoid interference).

The same way you cannot photograph people on the street and collect their facial image for processing.

They publicly advertise their face though, right?

Just the fact that information is available, it does not imply there is a consent for 3rd party to do anything with it.

Except you can? The courts (in the US) have consistently ruled that you have no expectation of privacy in the public square. ALPRs on police cars are perfectly legal if there’s no laws prohibiting them.

Sure, take a picture of someone, so his or her face is the main content of the picture and start posting it everywhere (it's your picture so you can do whatever you want, right?).

> ALPRs on police cars

Government is usually exempt from those things or have license.

Why wouldn't I want my wifi beacon used for geolocation? Good geolocation helps everyone. What exactly is the harm that Google is perpetuating here? This SSID stuff is a great example of something that sounds sinister when presented in vague and ominous terms by "privacy" advocates but is actually benign if you think about it for five minutes.

Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact