EDIT: Added "name" after "WiFi" to try and clarify they're not using your actual WiFi network/bandwidth, just its name to link it with its location for GPS-free location tracking.
Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.
If you enable that, you can save locations, so that, for example, you can "favorite" your home and your office for easy access.
If you disable activity tracking, you can't save anything.
Those two are totally unrelated, and you're still using Google Maps through your Google account, so there are 0 technical reasons they couldn't just persist your saved locations in the Google Cloud.
They just don't do it to force you to let them track your location.
The final straw for me was when I disabled location services for Google Play Services and the Gmail app, of all things, started nagging me about Google Play Services not having location data. Every time I opened it. Why the fuck does a mail client need location data so badly it has to nag you on every startup?
Oh wait, it doesn't. It's just their most popular app and so the premier spot for a nag screen.
My life's been de-Googled (apart from the odd video on YouTube) since the start of 2018 and my skin feels so much less crawly.
 You know, after they pushed all app developers to stop using the GPS APIs and instead get location through Google Play Services, so that you had to 'consent' to Google Play Services getting your location data if you wanted ANYTHING to be able to use location data?
I have no skin in this game - I have however been a very satisfied https://wego.here.com/ user since they were Nokia Maps back in 2012.
If you just want to look at the map you can say no.
It shows some respect that you don't want focus on your actual geography but I also do stuff like look at real life places to see how well it matched with my initial imagination.
The ones you mention are put in lists and you have to navigate to them, about 3 screens.
There's no technical reason why the highest UI real-estate values "Home" and "Work" couldn't be saved independently of the ad settings.
I just opened up Google Maps on my Android 10 device with activity tracking off. They've changed the UI, now it's sneakier. I can set them and there's a faint gray text underneath that says, and I quote:
"Personal places will be used across Google products, for personalized recommendations, and for more useful ads."
Dark Pattern to the ten thousandth power.
They're literally turning my input of my home and work address as an implicit consent to enable activity tracking (!!!)
Again, there are absolutely 0 technical reasons why the two have to be related. Software of all kinds from the beginning of time has had "saved"/"favorite"/"starred" functionality, without ad tracking related to it.
But to play devil's advocate, your wifi device is basically an always broadcasting radio antenna that rarely moves or changes. And SSIDs are broadcast by design.
It's a digital landmark.
I bet there are a lot of other companies other than google using it too. And even if you used google's opt out, they're not going to care. So opting out is pretty pointless anyway. So while it feels invasive because we lack a sensory organ for radio, your router is constantly broadcasting (advertising?) itself as a part of normal operations. SSIDs aren't private information. It's more akin to an amateur radio callsign, except you can change it at will.
And since they're no consistent convention for naming your wifi there are probably 10,000 "FBI surveillance van"s. The only useful data to an outsider is location.
This was going to be utilized by someone, and probably already is by the NSA. So google doing it is no big surprise.
Again, devil's advocate here, but SSIDs are broadcast on purpose. Sacrificing security for convenience as always when people are involved.
Perhaps people are comfortable with google using their publically available SSIDs so their android phones get better location info?
The wiki definition seems to me to fit.
> Surveillance is the monitoring of behavior, activities, or information for the purpose of information gathering, influencing, managing or directing.
Otherwise people could abusively de-register SSIDs by doing the same sort of scanning Google is doing to improve location services, or have to force a user to authenticate and "claim" an SSID, which is much more intrusive.
(disclosure: googler, but not in any way associated with any of this)
Turning WiFi SSIDs in to location data doesn't track people directly, but it does enable the mass surveillance of people's devices, and that's something that's quite reasonable to opt out of.
But it's not just that is it? If you log in to a google site from that publicly broadcast BSSID, you will get tracked by association, even if you have your location tracking turned off.
I wouldn't bet against Google being capable of exfiltrating BSSIDs via their broad swathe of 'Google Services' most Android devices are running (and probably most iOS devices too).
Both have location privacy controls that govern that, and there's no particular reason to believe they ignore them.
(And Apple might be too, but they've got different motivations and incentives around iOS user privacy that Google for Android users...)
Apple is also collecting & phoning home all SSIDs with a GPS location that they come across, for example. So is Mozilla for that matter, and Mozilla also uses the same _nomap suffix as Google does ( https://location.services.mozilla.com/optout ). It's how browsers on laptops are able to get a location, which is also true on again both Apple & Microsoft devices as well.
So no, Google can't just opt to not do this at all. Not if they want to be competitive. The entire ecosystem could collectively decide to not build an SSID location database at all, but since SSIDs are not identifying this is going to be a struggle to justify.
Not to do it.
Hide your IP address behind Tor. Transmit identical information as a significant group of people. Don’t store information from websites.
The issue is that degrades the web in ways unrelated to tracking.
And so many sites, and CDNs treat those as hostile by default, and some outright refuse service. It's infuriating as a mere VPN user.
I know that's the reason we classed all traffic from those sources as suspicious unless they were willing to log in.
And yes, Google could incentivize people to register in some way. One thing you'll notice is that the most valuable companies in the world seem incredibly reliant on free labor: They take for free what other companies used to pay for or pay staff to create or gather themselves.
For comparison, take a look at 802.11y, which operates in the 3.6Ghz band, a "lightly" licensed part of the radio spectrum. Before you can set up 802.11y stations you must first register with the FCC (or whatever the equivalent in your country is called) and receive a license, and all your stations must be identifiable (you are not free to choose your SSID). That is already far too much for consumer devices (802.11y is meant for WISPs; it has better propagation characteristics than the unlicensed bands and you are allowed to transmit at higher power), and that is a "lightly" regulated radio band. Typical regulations e.g. the bands used by cell phones require far more coordination with governments -- more paperwork, more money, and many more rules about permissible operations.
Finally, for what it's worth, nobody has ever had to pay anyone for ISM band operations, including just recording transmissions on the band. In fact, if you are using wifi, you have been monitoring and analyzing nearby wifi transmissions this whole time without ever paying anyone -- that is part of the wifi standard. Just connecting to a wifi network means your device is monitoring transmissions from other people. So here is a final bit of snark for you: HOW DARE YOU USE WIFI WITHOUT PAYING YOUR NEIGHBORS?!?!?!?!?!
2. I have APs that do collect and store data about nearby wifi stations and transmission patterns as part of a system that improved wireless throughput.
3. What difference does it make if it is being stored?
If it's just nearby ones then that's much less of a problem.
> 3. What difference does it make if it is being stored?
Imagine saying that about someone else's telephone call...
Listening out for interference is not at all the same as siphoning up information.
You seem to be saying that if an AP stores information about other "nearby" APs there is no problem. What if I am operating thousands of APs across a broad geographic region using a centrally managed AP controller? That is a common practice for large organizations and that is exactly the setting where you see APs collecting and storing information about other wifi stations. Is that not a large enough scale to be a concern? I have to wonder at what point you are drawing the line here. What is an unacceptable scale?
> It is no different from a database of street addresses and corresponding GPS coordinates.
The locations of streets are public records.
> There is no reasonable expectation of privacy for SSIDs or wifi beacons -- everyone knows they can see their neighbor's SSIDs.
Being able to see your neighbor is very different from being able to see everyone's neighbor.
I do not see how SSIDs are in different in any meaningful way. We are literally talking about building a map -- a map that includes the locations of SSIDs, to be used as a kind of landmark, no different from a map that includes other landmarks (e.g. "the house with the red siding") that could conceivably be used to help a person identify their position on the map. There is zero expectation of privacy for SSIDs, just like there is zero expectation of privacy for the exterior of your home.
Is there any specific objection beyond, "This is happening at a large scale?"
Would you feel comfortable with your name, address and MAC + SSID of your wireless AP(s) being registered in a public database and the onus on you to keep that registration information up to date every time you changed the SSID or swapped in something with a different MAC address?
I'm not sure I would be.
The ethics around Google's behavior aside - this is a tricky problem to solve.
Edit: Why the downvotes? I'd really like for people that disagree to engage and tell me where I am either wrong or not arguing in good faith. If you believe this is a Google specific problem or somehow an easy problem to solve under the current FCC regulatory regime I'd be happy to hear about it.
Just add the suffix "_optin" to your SSDI and you're opted in.
This is what they're currently requiring for the opt-out, I can't see why the same solution can't be used for opt-in...
Taking it to a bit of a silly extreme - what happens when 100 different companies want to use public SSID data? 100 different opt-in codes? 1 code for all? What if I want to allow 5 companies out of that 100 to use that data and exclude the other 95?
If two companies use different suffixes, that makes it impossible to opt out of both.
Edit: The only reason this isn't already an issue is because Microsoft made their opt-out work anywhere in the SSID
If you don't want to be tracked by Google, don't use their software.
Now, if you're having a hard time avoiding their software because it's become a de-facto standard that's a separate problem. The bottom line is that we shouldn't be in a position where we don't have a choice not to use software from Google (or Apple, or Microsoft, etc). As long as these companies are in a position to offer software that can't reasonably be avoided, you should expect them to optimize these offerings at the expense of their users.
I don't have to use their free browser, their free smartphone OS or even their search engine, but they will still freeload on my Wi-Fi for location tracking and will record my router location without consent, and the only way to opt-out is appending a stupid _nomap to the end of my ID.
You don't want anyone to monitor your wifi network? Either don't use wifi, or switch to a band that will not propagate beyond your home (60 ghz).
Listening and putting it in a massive database along with other sensitive data, such as location, are two completely different things, though.
You’re right that it’s technically public, just like the license plate on a vehicle. However, there is still a privacy expectation that all of that localized data won’t be pulled into a massive database for correlation.
It’s beyond the SSID, using your logic, it would also be fine if Google observed all of the client frames to track the locations of users that don’t use Google services. Randomized MACs aren’t usually used for home WiFi so this is completely feasible and well within your “privacy” framework.
Repeating what I said in other comment: What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.
Wifi is convenient because it is unlicensed and loosely regulated. The price of that convenience is that you have no particular claim to privacy with your wifi transmissions, and everyone knows it -- that is why we encrypt the contents of those transmissions. Building a database of AP locations is not a privacy issue at all -- it is no different from building a database of landmarks (or publishing a travel guide with a list of landmarks in various towns), or for that matter, creating a map by gathering information about roads/buildings/etc.
It's not just Google doing it - see https://wigle.net/ with over 10B observations. So your privacy would be at risk even if Google didn't collect SSID/location information.
Fundamentally, asking people not to do something has never been a security measure that's worked. You need to implement some tangible, real protections. We already have those in the case of SSIDs, namely, the SSID and AP information aren't accessible to an app without location permissions in modern operating systems.
This argument “don’t use google” or “don’t use Facebook” is very frustrating because others make this decision for me. If only it was possible to not use these services.
It seems like it should fall under a regulation similar to photographs. You can take photos of me in a public place and do whatever you want with them until you're using my likeness in a commercial capacity... then you need to ask me first. Opt-out isn't enough, it needs to be opt-in. If that doesn't work for your business then too bad.
In the end, asking people to please not snoop on you never has and never will be a security measure that works. You need something tangible to protect your privacy, so as to make it virtually impossible.
We already have this. Every modern mobile OS gates the SSID API behind location permissions.
Given such protections, practically speaking, there isn't any problem with SSID being bound to location information.
Education, journalism, research and the like fall into a different category... this also applies in the "photographs of people in public spaces" example. WiGLE would still exist in that niche.
Google knows practically every SSID location in the developed world. Now your Android phone browsing and mapping every SSID it sees as you move about is a reliable "Location mapping" of the user even though they may have no GPS or have it disabled.
You can map a person's movement through cities/towns just based on the SSIDs their device(s) saw as they moved about.
The issue here is having control over when your phone looks up your location, not the existence of a database that makes it work.
If you want everyone to have that data publicly then have your government do it...
I just don't see why this is a problem when apps can't even access your SSID without a location permission.
I'd think it similar to a journalist reporting on a story. Its public, butthe value they add is private
Wigle also has opt-out.
No, actually, i'm just kidding. Mozilla, for example, literally blames it all on everyone else in their page.
You see, they are forced to do this because everyone else did it!
While it still possible for google to probably scan for these I doubt they do.
Wow, that's pretty nasty. That sentence sure makes it sound like you're opting in, but in fact you have to rename the SSID with a "_nomap" suffix to opt out.
Apparently it's not, and `_optout` for Windows is real. FML.
Good thing that you don't have to have two specific suffixes at the same time!
And that if my WiFi shouldn’t be part of Google’s (and Microsoft as well) data collection I need to suffix my SSID with _optout_nomap??
This has to be a joke. Any docs/refs/links?
Moreover, there are companies that operate large numbers of APs across a broad geographic region, and they may have a centralized system for managing those APs -- which means that they are collecting information about all nearby wifi stations (including client devices) across a broad region in a single place. Do you have a problem with that practice or view that as a violation of privacy?
Radio is not private (except, possibly, cellular services, which may be treated as phone services with legal restrictions on wiretapping), especially when you are talking about unlicensed operation.
What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.
Broadcasting your SSID from a fixed station means forfeiting privacy rights over the SSID. You have plenty of alternatives to the 2.4Ghz and 5Ghz bands if you are concerned -- 60Ghz equipment is easy to buy and has many advantages, and wired connections are another option. I have zero sympathy for people who are worried about the privacy of their radio transmissions, especially transmissions on the unlicensed bands. Radio by its nature is not private.
As for the monetization issue, is that really the argument here? You have no problem with open-source location databases like OpenWLANMap, which is literally the same thing as Google's database but without any profit motive? That seems pretty weak. Heaven forbid someone should make money doing something that is otherwise unobjectionable...
If people want to partake, fine. But don't make it a burden for me to opt out. AND MORE IMPORTANTLY, most people are not tech people and will not even know of this and many are not technically savvy to know how to change their SSID if they even know where to find out how to opt out. Many WAPs around me still have their default ssid from the box from their ISP provided device and probably only WAP because thats that the cable guy had them do when he plugged the box in.
Google should be given credit for offerring an opt-out -- they had zero obligation to do so and there is zero expectation of privacy in this case (it is no different from collecting a database of street addresses -- anyone can drive down a street and write down all the house addresses, and nobody has a right to object to that).
People should have a reasonable expectation of privacy when their SSID isn’t deductible past their private land. It’s spying cellphones not street vehicles that’s collecting most of this data. And for what benefit?
If you don't want them to have data for something which is only detectible on your own land, just turn off Google's location services. Of course, the odds are very high that it's not only detectible on your own land.
That’s the problem it isn’t something most people are aware of let alone have much of a choice about. This is Google deciding it’s probably not illegal to spy on people in their own homes.
Sure, their probably not actually listening to conversation, but consider if they where would you consider they where spying if this was the level of consent given?
> If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers (where supported by a device) in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.
On the plus side, world-wide roaming would be much closer after that.
Changing the SSID to prevent them collecting the info is sort of like hanging a big sign that says "no pictures" to prevent services from taking pictures of your house. It's a little ridiculous to have to do that, but it's also a little ridiculous to expect that people are going to ignore what is publicly visible. Honestly, I'm a little impressed that Google lets you opt out (and Microsoft apparently as someone noted, although with a different suffix).
I don't see how using public router SSIDs as a landmark is "tracking you." If you use Google location services to determine your location based on your SSID or others, particularly while logged in to a Google account, then in some sense they're tracking you.
Not all wifi networks are stationary. I doubt most people know to add a _nomap to their hotspot name to avoid being tracked.
Just like how you're allowed to use peoples images in public but if you only photograph one person and follow them around that's considered stalking and/or harassment.
It's weird to me that with tech we always bring up "well it is public" as if it is the same as our public laws but they aren't. Not only is the degree to which information can be gained substantially higher on the internet, but we have laws that would prevent similar actions in public and it generally considered creepy but the public. The only difference I see is that in public you have a better chance of seeing the person following you than you do online. I'm sure there's some psychology to this: people acting different when being watched through cameras vs in person.
No we don't.
> collecting data from people's networks using their Google Maps wifi-sniffing vehicles
That was an error due to misconfiguration, failing to discard the data beyond that which identified the network for location mapping.
Even that story portrays the payload collection as basically one "rogue" engineer's intention, not a part of a business or project plan. While other engineers accessed the collected payload data later, they may have reasonably assumed that if they had it, someone had ok'd it.
So rather than a coding error, it was an organizational failure to oversee the engineers' work, the FCC's report says as much.
1. we didn't do it
2. we did it by accident in small cases
3. we did it by accident in worse cases
4. we did it intentionally but one guy was responsible
5. we did it but it was just one rouge dev. team
Add to that the unredacted report noting that Google kept delaying and hindering the investigation and it is rather clear that "6. we did it and management was neck deep into it" is more likely than not.
Seems like basic data security to me. If my credit card number (valuable data) is posted to the dark web I have to assume someone will use it and it's insecure. Google has the data, so they can now use it whenever they decide it's valuable. Until I have evidence that it can't be used, I have to assume it's insecure.
I don’t think any of these are relevant to the subject of whether Google tracks the movement of hotspots.
I find it absurd that we have to put this guff into our own networks just to opt out of the surveillance panopticon.
Should there be a way to tell the Google cameras to turn off when they drive by, and similarly, to tell the Google wifi setups to ignore our publicly broadcast network?
I imagine they have the right to take pictures from the street and record publicly broadcast names.
It seems like the entire specification of wifi should evolve to natively build these flags into how we manage our wifi, but even then, could we ever prevent a car driving by from reading the name of our SSID and logging the location and name for their personal use?
Perhaps the solution is that we should not publicly broadcast our SSID at all. Like bluetooth, we should "pair" and then stop the broadcast.
It's worse than that:
A Google engineer went a step further, however, the F.C.C. report said, and included code to collect unencrypted data sent from homes by computers — e-mails and Internet searches — as specially equipped cars drove by. That data collection occurred from 2007 to 2010.
Google long maintained that the engineer was solely responsible for this aspect of the project, which resulted in official investigations, some still unresolved, in more than a dozen countries. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on.
Phones already have random hardware addresses, so it's not like your movements are being tracked because of your mobile hotspot.
As for my opinion, I have no issue with the collection of the physical location of access points, I take issue with making me litter my chosen SSID with garbage so that I can opt out.
Regarding hotspot, I'm not sure what you mean, none of this discussion is about mobile hotspot.
Hotspots are relevant because they are often personal and they follow you around, so if they didn't randomize their hardware address, then anyone could track your movements.
Do you want to live in a world where wifi requires permission? Trying tracking down all the people in your area who are using wifi -- I have literally hundreds of wifi stations around me, operated by dozens of different people, and I have no idea who they are or how to contact them. The next time you turn on your laptop, before connecting to a wifi network (by which point you have already recorded transmissions from other wifi networks in the area), try making sure you have everyone's permission -- after all, you would not want to benefit (by being able to use wifi and not having to carry an ethernet cable around) from your device monitoring another person's network if they did not say it was OK!
Most wifi is operated in the unlicensed band, which is meant to be permissionless. That makes it convenient and suitable for consumer applications, and it also means that you have NO right to complain that Google and Microsoft dared to record your wifi beacons without asking your permission.
If you are worried about this, do you realize Google Photos also stores the location of photos of objects, and owners of those objects cannot opt out of this "tracking"?
If Google wants to build a database of access points that we all pay for (both the device and its energy consumption), I, at a minimum, want access to a copy of such a database so I can use it too.
"Privacy" advocates constantly demand that all of us bear the costs of worse technology just so they can have a little fake relief from their imaginary harms. We're long past the point of diminishing returns in preserving real privacy: now privacy advocacy is all about holiness spiraling.
That said, I don't blame Amazon here: why wouldn't they take advantage of an opportunity to hurt a competitor at no cost to themselves?
Mozilla Location Services (and Combain which I think they collaborate with), WiGLE and others use "_nomap", though, so MS seems to walk their own path on this one.
(It's not relevant to the discussion but Android home screens show the name of the connected WiFi network?)
Where can someone look up a lat,lng by entering an SSID? It sure doesn't work on the site you cited. It looks like the information that is there was explicitly shared by the router operator.
SSIDs only need to differ from neighbors' SSIDs for convenience, to help tell them apart. If you already have neighbors using a default, like "xfinity", you might not want to choose that to avoid extra hassle when setting up new devices. But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.
Yes, nearly always in the top drawer , but I've also seen widgets on the home screen or in the status bar.
> Where can someone look up a lat,lng by entering an SSID?
Others already linked it, but https://wigle.net/ allows you to - sorry for linking the wrong map!
> . But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.
I don't know about the US, but in Germany most manufacturers have an unique appendage to the name, i.e. "Vodafone HomeBox DEHGTN". And the name doesn't have to be totally unique; if you can narrow the location down to a country or even a city (which is usually not that hard if you read someones post history or talk with them) it should suffice.
Also, it's not big when someone is aware of this tracking possibility. The real problem is that most people aren't.
EDIT: Just to prove my point, it took me 2 minutes to find out you're in Massachusetts . If you're SSID is a bit unique, this is probably already sufficient.
 First panel in https://www.lifewire.com/thmb/xl-AHFNqlM-WwZ9z0JyAGx3B6Ww=/2...
They're relying on EVERYONE to keep them up in order to provide their service.
Essentially, people for a router and to keep it up and running, but it's google that can sell its service, but won't share the database of routers with the people maintaining them.
Open databases with 10B+ observations exist: https://wigle.net/
Furthermore, it doesn't matter that these databases exist, because your SSID is hidden behind the location permission API for basically every OS.
So practically speaking, your SSID being public is meaningless.
I moved home a few years ago, just 200M away, my location in GMaps, when on WiFi remained at my old address 200M away for a good year (I moved my AP with me and kept the SSID).
Google's (and others) stance is likely that cellular and wifi information is publicly broadcast.
But all the big companies are abusive in terms of privacy so it seems like it’s par for the course.
I know its not technically a product but it always feels like these sorts of schemes should be illegal tying. Can’t make an iOS app without supporting safari? Should be illegal tying. Can’t use google maps without feeding google information about the wifi networks around you? Should be illegal tying.
Personally, I just decline that option and stay with regular GPS. I remember a time before GPS (or Glonass, or Galileo, etc) and I have to say, I think it's just amazing. (I also remember a time with "selected availability", and while I appreciate that that particular veil has been lifted, I am a little bit concerned with the amount of power this gives to the US military. While I am sure Google would be basically an organ of the US military during war, it still feels better that alternatives outside of military power exist).
edit: on my pixel this setting for 'google location' was hidden beneath a 'more settings' dropdown in the location setting page. I had no idea it was there. Definitely dark patterns of hiding settings they don't want you to know about. Thanks.
The fact is that your ability to simply plug in a wifi router and use it with any devices you want, without having to coordinate with anyone or buy a SIM card or whatever else, comes with the understanding that anyone else can monitor your wifi network for any purpose (and in fact this is a requirement of the wifi standard). If monitoring someone's wifi transmissions required their explicitly approval, nobody would be able to use wifi -- every time you moved your phone from one place to another, you would first need permission from every wifi station operator to monitor their transmissions before your phone could use wifi (you would not even be able to join a network you had previously used, because doing so requires your phone to listen to beacons being transmitted by nearby APs).
But the intention of accessing your network for the purposes of choosing a network you're authorized to use is different from connecting to networks you know you do not have authorization to use, and then for a purpose that a reasonable person wouldn't expect would be assumed.
I.e. I think it's reasonable to expect that I grant permission to my neighbours and passers-by to access my network for the purpose of choosing their own network. I don't expect that they will be adding my address to a data-set.
And maybe individuals do speculatively connect to random networks, but that's different to doing it at an industrial scale.
You seem to be hung up on what is being done with the recorded beacons, but we are talking about the unlicensed band, so you have no reasonable expectations about what is being done by anyone. That is the point of the unlicensed band. It is meant to be a free-for-all, which is the only thing that is suitable for consumer applications (imagine if every phone, laptop, router, drone, microwave oven, baby monitor, etc. you purchased required you to get permission from everyone around you before it could be used).
I think it would be reasonable to have various restrictions on all kinds of large scale datasets, especially when they include data that is easy to connect to individuals, and especially when it was not compiled with their explicit (informed, opt-in) consent. This includes public information such as what I’m wearing, where I am at what times, when and where my wifi is on.
At least, IF you assume that e.g. "database copyright" serves a valid purpose, then you could make a similar case here that the collection of all these data points is qualitatively different from collecting any single data point.
Note: I used a capital "IF" up there because I do have issues with database copyright. But that's the world we live in...
They publicly advertise their face though, right?
Just the fact that information is available, it does not imply there is a consent for 3rd party to do anything with it.
> ALPRs on police cars
Government is usually exempt from those things or have license.