Only idiots have open Wi-Fi networks
The privacy furore over Google Street View misses the point
By Mark Gibbs | Network World US | Published: 17:34, 26 October 2010
OMG, as folk in more youthful circles text on their phones. I'm finding it hard to believe the ridiculous furore over the Google Wi-Fi-sniffing Street View cars!
On the off chance that your last name is Van Winkle and you've just woken up, let me explain the issue: Google sent cars all over the world to photograph the highways and byways so that all of us virtual tourists can see, for example, what the Drax Arms in Shitterton, Dorset, England looks like from street level.
The Googlemobiles sported not only cameras but also GPS receivers and (this is the biggie) Wi-Fi sniffing gear.
Related Articles on Techworld
Having Wi-Fi equipment on board to map wireless hot spots would seem a logical thing to do, after all, Shitterton doesn't appear to have a Starbucks (making it unique in all of the known universe), so knowing whether the Drax Arms has Wi-Fi could be jolly useful should you be passing through Shitterton on your way to Winterbourne Abbas.
This would have been all well and good but the Google Street View cars unintentionally captured a lot of extra information on all of the Wi-Fi spots they passed and, because most people's understanding of computer security is on par with their grasp of Fermat's Last Theorem, some enormous number of these Wi-Fi systems were "open", which is to say, they were (and probably still are) unencrypted. This meant that along with the location of these systems and their SSIDs (that is, the "visible" name of the access point), the Googlemobiles snagged a lot of private data such as email addresses, passwords, email messages and so on.
This came to light after Google performed an audit at the behest of the data protection authority in Hamburg. Europeans are very hot on the topic of privacy and the idea of an outfit like Google taking photographs in public places and putting them online is just the tip of their "OMG! That's just not right and something must be done about it" iceberg.
I have to digress for a moment and ask why is it that so many people are so bent out of shape over having their homes and businesses imaged by Google for Street View? Are they out there continuously monitoring who might be pointing a camera in their direction? No. Do they demand that passersby avert their gaze? No again. Do they scour YouTube and Flickr and demand that images of their stuff be deleted? No, they do not. And how is it that Google Street View is significantly different from the maps with satellite photos that both Google and Microsoft offer other than being horizontal rather than vertical views?
Look people, it's simple: If you don't want other people to see your house or your building or whatever, put up a fence. Close the curtains or choose a place that isn't visible to the public in the first place. Or how about just get used to it? Once again, the digital genie is out of the digital bottle and no amount of whining about that fact can change it even if it was a big deal in the first place... which it wasn't.
Anyway, where was I? Oh yeah, so Google did their audit and posted a mea culpa on their blog saying they hadn't done anything with the data, that they were very sorry, that they'd erase what they'd found, and that they wouldn't do it again.
Google then went into serious damage control mode and their blog continued, "The engineering team at Google works hard to earn your trust, and we are acutely aware that we failed badly here. We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake." And they added, "to make up for it, we'll come and wash your car." OK, they didn't say that, but they were that close to making the offer.
According to the Washington Post, Alan Eustace, a senior Google vice president of engineering and research went even further and said, "We want to delete this data as soon as possible, and I would like to apologise again for the fact that we collected it in the first place... We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users."
I've got to resort to textspeak again: OMG! Come on! Mortified? The Googlemobiles didn't run anyone over. They didn't steal anyone's dog. They didn't break into people's houses and raid the liquor cabinet.
Now, kudos to Google for "manning up" on this issue, though I'm not sure that the ridiculously submissive mea culpa combined with almost falling on their swords posture is sensible. By being so sorry, they have validated the underlying stupidity that everyone, or rather everyone but me, seems to be overlooking: The data came from open systems! Systems that people had failed to protect. The data Google mistakenly captured was visible in the public domain. It was unencrypted data!
Having an open, unencrypted Wi-Fi service is like standing on Main Street (or if you're in Shitterton, standing on West Street) and reading your mail out loud. It's not like leaving your doors and windows unlocked, it's like leaving them open with a big neon sign next to your house reading "Come on in and check out my stuff."
So now everyone, not just the European and Canadian politicians, but also outfits like the Consumer Watchdog advocacy group here are jumping on the bandwagon. John Simpson, Consumer Watchdog's director, is quoted in the Washington Post saying, "Maybe some Google executives are beginning to get it: privacy matters. The reality, though, is that the company's entire culture needs to change."
This is the worst kind of coat-tailing on an issue. Statements like "the company's entire culture needs to change" are so dramatic and overblown given the realities of the issue that Chicken Little would have to stand back and say, "Whoa! Hold on there, big fella!"
Even so, Simpson is right about one thing: Privacy matters. So people, if you want privacy, it's time to get real. Don't read your correspondence out loud in public, make sure you lock your doors, perhaps close your blinds, think about growing a hedge or building a fence, and don't leave your Wi-Fi service open and unencrypted. Unless your privacy doesn't matter to you, leaving any of these unsecured just makes you look like an idiot.