DISCOVER Magazine. Science, Technology and The Future
80beats

Google Street View’s Privacy Blunder Just Keeps Getting Worse

Those Street View cameras aren’t just collecting pictures of streets and buildings to make Google Maps better; they’re also scooping up email addresses and passwords, Google admitted Friday.

Back in May the company announced that its Street View cars were mistakenly collecting data from unencrypted wireless networks; now it has acknowledged that this data included emails, URLs, and passwords from people who were sending that data over open (non-password-protected) networks when a Google car passed by.

In making the new announcement, Google declared itself deeply chagrined, and outlined the steps it has taken to improve its privacy policy.

We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users. [Official Google Blog]

The data-collecting code was a part of the software running on Google’s Street View cars, which have so far mapped over 30 countries and have established a presence on every continent, including Antarctica. The software was meant to just collect basic data about the presence of WiFi networks as the car-mounted cameras snapped pictures.

But the software did more than that. The extent of the breach has been established by several investigations, including one by the Canadian privacy commissioner:

It was established that the incident “was the result of a careless error” of one Google engineer who developed the unintentionally nefarious code in 2006. The engineer identified “superficial privacy implications” with the code, the commissioner found, but the implications were never assessed by other Google officials and the company was unaware of the presence of the code when its Street View cars were rolled into action. [The Guardian]

Not only is this kind of violation a public relations nightmare, but several countries are debating filing charges or changing the way they do business with Google, including the United Kingdom, which just reopened an investigation of the breach. Both Canada and Australia have already declared that Google’s Street View data collection broke their privacy laws. Over the past few months, it’s become clear that the incident will have worldwide repercussions.

Italy demanded that Google give residents several days notice before its cars roam their neighborhoods, Reuters reported. Regulators in France, Germany and Spain have begun investigations of their own. More than 30 state attorneys general in the United States also have launched a joint probe. [Washington Post]

Obvious idea of the day: Only send sensitive information over password-protected networks! As for controlling information transmitted over unprotected networks, like public WiFi hotspots, in May Google started encrypting searches from https://www.Google.com.


October 25th, 2010 1:59 PM | Tags: Google, privacy, street view
by Jennifer Welsh in Technology

10 Responses to “Google Street View’s Privacy Blunder Just Keeps Getting Worse”

  1. Bob Gezelter Says:
    October 25th, 2010 at 4:00 pm

    Actually, the privacy hazard is far less than almost all of the reports would have one believe. An independent review of the code and procedures has reported that the Street View code passively monitoring Wi-Fi signals switched channels every 0.20 seconds. Thus, the fact that some e-mails and other data were seen is the product of the sheer volume of data gathered. As they say, enough monkeys, typewriters, and time, and sooner or later you might just get something resembling Shakespeare.

    However, the key phrase is “unencrypted Wi-Fi”. This material was broadcast unencrypted where anyone in range who cares to listen could acquire it. I worry far more about a local neighbor with long-term access by reason of location than I would worry about Google Street View cars visiting every so often. The hazards are not of the same scale.

    A far larger discussion of the issue (with references) can be found in my most recent blog posting, “Google Street View and Unencrypted Wi-Fi” at http://www.rlgsc.com/blog/ruminations/google-street-view-and-unencrypted-wifi.html.

  2. Jennifer Welsh Says:
    October 25th, 2010 at 4:52 pm

    @Bob, Thanks for the breath of fresh air. I agree that it seems people are making a big deal about Google accessing something they should know isn’t secure (unencrypted wireless networks).

    Thanks for the additional details about the software. From what I’ve seen it seems like most of the data they gathered was fragmented (only part of the transmission fell within the 0.20 second window), but a small part of it was complete.

    Thanks for reading and commenting!

    Jen

  3. tgentry Says:
    October 26th, 2010 at 11:14 am

    The people that are not securing their wi-fi are to blame, they’re the ones broadcasting their information all over the place.

  4. john Says:
    October 26th, 2010 at 5:39 pm

    it happened years ago. what was “said” then is of no consequence / importance to anyone after all this time, not even the tender “i love you’s”. one assumes google or big brother was randomly collecting major messages from a single pair of communicants as they drove the streets of oslo and bariloche. stupid is as government does. rear another study and investigation. damn, hell there are 250 nations; each one should start their own, and those that concluded should reinvestigate. google doesn’t care what maria said to uri.

  5. Frank Ads Says:
    November 1st, 2010 at 12:50 pm

    Well, that all sounds very liberal of you all.
    What, I WANT to know, was the need to collect Wi-Fi network location/security/address in the first place? The cars had a v. good GPS (I assume) and surely that is enough? If the car speeding through streets fails GPS reads, because it cannot update fast enough, then what does a network address give in place? How does a stolen IP marry to an exact street code/LatLong location?
    According to other press reports, an “engineer” had left some code in, that was designed to monitor what document (types) were flying over insecure networks. I assume the innocent interpretation was that Google had a thought to tell the World…”so many PDFs, JPGs etc were present in X district” But, WTF is THAT about anyway? You don’t need to be a C++ expert to understand the AIM of a line of code — So, with Google, I’m still waiting for a plausible explanation of the engineer’s code.
    At the end of the day, I don’t think it was CIA-financed research… it was likely another collection push so that Google could, yet again, enhance some sort of Advertising/Sales advantage. Still smells though.

  6. Frank Ads Says:
    November 1st, 2010 at 1:14 pm

    (replying to self)
    “As Google’s own blog posts have noted, it is very useful for smartphones such as the iPhone, or a Google Android handset, to store a list of Wi-Fi hotspots and use this data to quickly deliver geographical information to the user about their surrounds.
    By treating Wi-Fi access points or cell towers as ‘beacons’, smartphones are able to fix their general location quickly in a power-efficient way, even while they may be working on a more precise GPS-based location,” Google’s original blog on the subject states, noting that this is precisely how the first-generation iPhone worked, before Apple added satellite GPS functionality to the device” (quote Google official from APCmag site)

    hmm … OK. a bit of swift triangulation at the old street corner … some time-stamp differences might give locations. Then again, so would a 2 second stop at the street corner – and let your hi-quality GPS tell you.

    Still, capturing MAC / Net addresses is not so big an issue – especially if the door’s open. A reputable company with technical resources shouldn’t do it, of course, but then Google don’t seem to have the resources to check some sensitive code, apparently (says a lot for their software versioning)

    So, I have some code that scrapes the net address as I pass by. Why does my code stay open to catch the rest of any stream? Once I have easily recognisable net addresses captured – why would I hold the rest of the junk I caught in the stack? Why didn’t someone “notice” Gigs and Gigs of data that wasn’t just a long list of timestamps + address + mac name?

  7. Ackthpt Says:
    November 3rd, 2010 at 4:50 pm

    Frank Ads: there are more important things for you to obsess over. Get over it. In the amount of code they produce yearly (millions of lines of code made by thousands of programmers), do you really think it’s that hard for something like this to slip by? Perhaps you have a better solution?

    That’s what I thought. Bitch and moan, it’s easier.

  8. Edward Says:
    February 18th, 2011 at 8:48 am

    Such a wonderful, typical press/blog release piece of technical misinformation from GOOGLE(tm) in its reply for calming the sheep down. Just mess with incompatible/misplaced/conceptually wrong, and things will be misunderstood (for good).

    What, in a world, does “0.2 seconds” mean in terms of data amount? Of course it was chosen because it sounds so little.

    So what 0.2 seconds do we talk about? Morse transmission? ZX Spectrum loading from a tape (then it would be about 200 bits)? Or WiFi running at full speed 54Mbit? Oh, well, that’s just 11Megabits of data (=1.35Mbytes), if channel is loaded. It’s not a “part of email”, but about 100 typical emails with reply tails or over a thousand “clean” new emails in their entirety.

    Don’t let typical marketing droid generated weaselwords fool you.

    Of course, nobody from google could ever notice harvesting of any other data than what they needed. Because they probably just thought that it would be worth checking the harvested data only after these vans have covered an entire globe? And vans had no technical personnel, just a retarded driver that could only operate a car radio. Sure, we do sincerely believe in that.

    Fixating MAC address physical locations on the globe is already a privacy violation. Just even that. IP addresses are mostly dynamic and its entire pool is one big mess, no wonder they wanted to fix the real situation on the map for obtaining a greater power over information flow and sources. Capturing any other data flow, unencrypted or not, is a serious violation, especially for purposes of further use in commerce and control.

    During the day, your window is closed by just curtains – it means I can peek in to my liking and take notes of things you have and do there?

    You don’t apply any encryption to your phone calls, do you? How about wiretapping those?

    In terms of data amount, for a landline each of those “0.2 seconds of data” contains about three minutes of telephone conversation data. For GSM it’s about 20 minutes.

  9. HI55 Says:
    March 20th, 2011 at 8:19 am

    But they stood right up and apologized, right?

    Right here:
    “We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users.”
    Of course, this had nothing to do with internal privacy, and the users affected were not necessarily using any Google product, but hey, let’s “get over it” and just play along. Let them do whatever they want and lie about it afterwards; they’re an American corporation.

    And they stood right up and apologized…right?

  10. JonDon Says:
    June 6th, 2011 at 5:34 pm

    I am not super excited about my nose picking being recorded for future generations to make fun of.

    Nose gold is important business.

    Copyright © 2012, Kalmbach Publishing Co.
