Normal users don't understand even basic things (like securing a wireless network, letting an app access their contacts etc.) and tech companies are taking advantage of it. Most normal users get people to set up their wireless networks. They really don't have a clue. Tech companies need to be aware of this when designing systems and drop the attitude that it's the users fault/they should know better.
(Sorry, couldn't resist.)
Whether or not normal users understand these things isn't relevant. The fact is that in countries with strong privacy protection (like most of Europe), collecting such data is illegal regardless.
It's the act of collecting the data that is considered invasive.
Compare this to the real world: we do a lot of things in public, but it would be really invasive if Google employees would start following us around, recording our public movements and conversations. We shouldn't have to live our lives in secret and "encrypt" everything we do in order to have some privacy.
The bottom line: it's not the part of the tech industry that provides "insecure" services that is at fault, it's the part of the tech industry that feels it has the right to abuse the information "because it is there".
We should stop accepting the widespread notion in the industry that crime is a valid business strategy until you get caught.
>>"The bottom line: it's not the part of the tech industry that provides "insecure" services that is at fault, it's the part of the tech industry that feels it has the right to abuse the information "because it is there"."
No, WiFi operates in the ISM band, which is by design a free-for-all where the only thing regulated is the emitted radio power. It is intentionally the radio equivalent of a public billboards where microwave ovens and iPads fight for supremacy.
In any event, the actual criminals are going to exploit it no matter what. Google should probably invoice the complainers for saving them from themselves.
We've got to fix the right problem.
How could this possibly be a error of judgment? Take pictures, fine. Snoop on people's WIFI? What possible purpose could that serve in context of Google Maps?
> Just come clean about what really happened, sincerely apologize, and then take serious steps to ensure that it doesn't happen again.
I do not understand this attitude. They were spying on people. It is that simple.
The payload is used to help and triangulate the accesspoints more precisely (according to the article).
Because they were in a pretty bad position once they found out what was happening? I can see an "Oh sh-, we broke the law" moment happening at the highest levels of the organization.
At least one person at Google thought it could be potentially useful:
> The report, quoting the engineer’s original proposal, gives a somewhat different impression. The data, the engineer wrote, would “be analyzed offline for use in other initiatives.” Google says this was never done.
I think Google is guilty of arrogance wrt privacy, rather than a fiendish plan to spy on people.
They certainly did not need to keep full packet contents though, just IP/Macs of nearby address to map to an approximate lat/long
You can't build personal profiles based on that data, but that is what Google does for a living. They have an incredibly dense set of personal information from gmail, adsense, doubleclick, search, etc. What's the additional information they could possibly gain from arbitrary street view payload fragments?
I'm usually very concerned about the impact of Google's information collection on my privacy, but in this case I just don't see how it fits in with any kind of goal they might have.
My diagnosis would be one of institutionalized compulsive hoarding. Maybe Googlers just don't have it in their genes to let go of any information they got, regardless of how useless it may be. Or maybe we need a new term: BBDR - Blind Big Data Rage :-)
I suppose that logically if one of the google founders had a similar approach to dealing with privacy and data collection, naturally they would hire and attract people with similar attitudes.
I've seen from google employees a general sense of emotional detachment and even contempt of their own customers that I haven't seen in other successful tech companies... it's as if they're not really dealing with fellow human beings.
It's no wonder that they haven't been successful with creating meaningful social services. On an institutional level, they just don't get or even respect how normal people think. Too bad for them...
Here's the thing: almost all of the privacy violations that people actually reference in the articles about this issue are data (e-mails, login passwords, URL's, etc.) that are already being transmitted to ISP's (where ironically, there has been a lot of discussion about them being required to archive this data). ISP's have a far less fragmented and transient view of the data than a Google Street Car, and they know precisely where their customers live. The only possible privacy violation here is with data exchanged between systems within the LAN of the home, which is a very different kind of information, is generally not that useful when viewed as a few isolated packets, and which requires a degree of technical sophistication such that you'd really think the same people doing it would also know to encrypt their wireless networks, even if only with something as lame as WEP.
When it comes to Google collecting information which would surprise the average person and would cause concern for the citizenry were there government do so, one shouldn't be. This is simply another example of what Google will do in the interest of "developing new services."
Yes, they should have thought it through more, and not fixing it was lazy and thoughtless, but at the same time.... If you haven't done something similar then you aren't doing enough.
Don't read too much into this comment...just saying I'm not surprised if the law comes down quick as lightning on an individual person who is doing such creepy stuff, whereas companies can...
You are right though, the fine for such behavior was pretty small.
"Who's being naive, Kay?"
-Michael Corleone, The Godfather
1) A company is more likely to stalk you than any person.
2) A company is more likely to cause your death than any person.
But inserting conditional probably doesn't change anything:
P(A) >= P(A|B)
You're still right about your claim, it's just that I don't really care if a corporation is more likely to kill me anyway. Then the world goes all bizarro and you want a corporation to spy on you! (Your conditional probability statement would imply that it is safer to be spied on by a corporation. Please, take all off my personal information! I don't wanna dieeeee!)
This is what makes me think of a company as less likely to attack me in this particular way than an outside individual, but I may be wrong.
In paragraph 49 they mention that they may start applying much larger fees to companies with that kind of revenue to discourage thinking of that kind of fee "as a cost of doing business".
> Google says the data collection was legal. But when regulators asked to see what had been collected, Google refused, the report says, saying it might break privacy and wiretapping laws if it shared the material.
put another way, Google refused to provide information it had collected about people without a warrant, which is probably the correct behavior. On the other hand, how can you have oversight without seeing what was actually collected? If google is operating in Germany (I assume so), they'd have to obey a court order, so did german authorities see the actual data?
Maybe the FCC didn't have that power, but it would be nice if the nytimes at least provided some depth there. Otherwise they're giving the equivalent of "'I didn't murder him' is exactly what a murderer would say!"
edit: to answer my own question, the report mentions that the FCC didn't pursue access to the data after the refusal because bodies in France, Canada, and the Netherlands did view it and issued reports.
How did it go from "rogue code" to "rogue engineer", anyway?
> “That never occurred,” the report says.
From what I remember, it's very plausible to me that the "to do" item was actually just part of the design doc template, and they just never edited that part of the template. Which is not to say they shouldn't have had a review, but they may not have actually affirmatively set themselves the goal of having one and then failed, as the article suggests.
-- Your Hero, Mark Zuckergberg
First programming book: C++ For Dummies
Tweak the HR algorithm. Indeed.
Money trumps ethics. And Google has lots of money.
[Cue Simon and Garfunkel]
"... feel-in' Goog-ley..."
Is it ethical for a company that already has massive amounts of information on your every move on the net to extend that reach by peeping into your house as well? And then their CEO has the chutzpa to blurb on his g+ about "privacy" concerns.
Meanwhile, everyone uses airmiles cards, facebook, and numerous other services that abuse privacy and bury the details in fine print. Nobody gets upset. Did you know that by using an airmiles card all your transactions are sent off for data mining? Did you know that Target used transaction data to predict that teenage girl was pregnant before she even told her parents and sent baby related print ads to her house?
Your privacy is being violated all the time, constantly, and nobody tells you about it. If you care so much about the ethics of recording traffic from open wifi networks, then I hope you also pick up your sword against the massive tide of less obvious and more directly nefarious privacy violations.
Surely you jest? This story goes back 4-5 years ago. People have such short memories. [p.s.: missed the "aside".]
> Meanwhile, everyone .. facebook .. Target ..
Facebook's very provenance is a matter of double dealing, lies, and thievery. I expect precisely zero degree of ethical and moral rectitude from that company. I have never used it and never will unless literally forced at gun point.
Target (and other merchants): Rest assured I was never convinced that giving merchant x a track-me green light was worth saving a few bucks here and there.
I expected so much more from Google and the people working for Google.
I deeply regret the necessity to post the links below (and single out this one individual), but clearly $omething happen$ to otherwise (and previously) aware, concerned, and '"sword" wielding' engineers and scientists when they get sucked into Google's vortex:
(What happened, Dr. Brewer? You seemed to have an informed clue in 1997 ...)
It really makes you wonder. I guess we are all human, after all.
> Your privacy is being violated all the time, constantly, and nobody tells you about it. If you care so much about the ethics of recording traffic from open wifi networks, then I hope you also pick up your sword against the massive tide of less obvious and more directly nefarious privacy violations.
Whenever I get a chance. You bet. And I am not giving up either, and neither should you. (Do you have children? Think about the future world you are preparing as inheritance for them. Specially if you are a geek.)
Not quite, Google isn't being as honest as you're suggesting. They tried to spin the blame off onto a rogue engineer. From the article: "Google has portrayed it as the mistakes of an unauthorized engineer operating on his own and stressed that the data was never used in any Google product."
Although you're right that privacy invasions occur across the entire industry, I think that's even more reason to send the message that privacy is a real concern.
If your neighbor leaves an opened piece of mail by a window, are you allowed to read it?
The trailer had to do with rocket movements.
It's disturbing to see some commenters making arguments that essentially amount to "but everyone else has always done it or is now doing it".
When you are Google you can pretty much do as you please. That includes taking the high road and ignoring foolish critics. Or taking the low road. And ignoring foolish(?) critics.
Ethics is a choice not an obligation.