This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Google Street View ruling denotes 'landmark' privacy case on WiFi enabled data collection

Share this article:

A ruling this week in a heated court battle between Google and those accusing the technology giant of illegally collecting WiFi data, could mean stringent legal recourse for users intercepting unsecure WiFi communications, experts say.

 

A federal appeals court ruled on Tuesday that Google's data-collecting practices while using its Street View mapping service, between 2008 and 2010, was not exempt from federal wiretap law.

 

For the past few years, Google has battled a lawsuit accusing it of violating the WireTap Act for its use of Street View. The service offered users' panoramic, street-level views of geographical locations, but, in order to provide the images, Google dispatched cars around the world that were capable of collecting unencrypted WiFi data transmitted in surrounding areas, including in homes and businesses, court documents said.

 

After Google admitted in June 2010 that it “mistakenly” siphoned users' WiFi communications in its quest for Street View photographs, the company was hit with several lawsuits, which were eventually consolidated in November of that year.  

 

According to the court documents filed on Tuesday, Google's Street View cars collected about 600 gigabytes of data transmitted over WiFi networks in more than 30 countries. The payload data collected included “everything transmitted by a device connected to a WiFi network, such as personal emails, usernames, passwords, videos and documents”, the filing said.

 

On Tuesday, a panel of judges ruled to uphold a lower court's decision in California that Google couldn't dismiss the case. The technology giant argued that the case should be dismissed on the grounds that the unencrypted WiFi data it collected was categorised as a 'radio communication', a type of transmission exempt from Wiretap Act protections.  

 

The case against Google can now move forward in court, but privacy advocates are also speaking out about how the recent decision impacts anyone that captures unsecured WiFi data – whether deliberately or otherwise.

 

In an interview with SCMagazine.com on Friday, Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation (EFF), a digital rights advocacy group, called the ruling a “landmark” decision.

“It's landmark in the sense that it's the first appellate court to look at the issue and decide on the issue [that an unencrypted WiFi signal is not a radio communication],” Fakhoury said.

 

He later added that the move may require a higher degree of discretion by security analysts who are more likely to intercept these kinds of communications while researching.   

 

“What it ultimately means is, if you are a security researcher who may intercept unencrypted WiFi data, [you] may be violating the Wiretap Act,” Fakhoury said.

 

While some privacy groups, such as the Electronic Privacy Information Center (EPIC), support the court's decision on Google – EPIC has taken several steps over the years to call Google to task on its Street View data collection practices – others stand divided on the issue.

 

Lance Cottrell, a security and privacy expert, blogged about the ruling on Wednesday and wrote that, while the decision was “good news” from a privacy perspective, it could also spell trouble for anyone who inadvertently taps into open WiFi networks – which isn't hard to do.

 

“The hacker/ tinkerer/ libertarian in me has a real problem with this ruling,” Cottrell wrote. “It is really trivial to intercept open WiFi. Anyone can join any open WiFi network. Once joined, all the the data on that network is available to every connected device.”

 

He later added that the ruling was likely to “create accidental outlaws of researchers, and the generally technical and curious”.

 

The lawsuit, Joffe v. Google, isn't the only legal dispute to arise from the company's use of Street View.

 

In March, Google reached a $7 million settlement with attorneys general for 38 states and the District of Columbia. Connecticut, which led the probe into Google's practices, received a half a million dollar share of the settlement as the lead state in the case.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers steal confidential documents on Israeli missile ...

Chinese hackers comprised the computer systems of three Israeli defence contractors between 10 October 2011 and 13 August 2012 in order to steal hundreds on confidential documents on Israel's Iron ...

Security researcher finds exploitable flaws in 14 antivirus engines

Security researcher finds exploitable flaws in 14 antivirus ...

Joxean Koret, a security researcher at Singapore-based consultancy COSEINC, has found exploitable local and remote flaws in 14 of the 17 major antivirus (AV) engines used by most major AV ...

Russian government promises £60k bounty to Tor hackers

Russian government promises £60k bounty to Tor hackers

The Russian Ministry of Internal Affairs (MVD) is offering a 3.9 million ruble (approximately £64,600) reward to anyone who can find a way of identifying and tracking users of the ...