Google Wi-Fi data snooping: An FAQ
- 19 May, 2010 04:20
Google is cleaning up its mess after the company says it mistakenly collecting browsing data from unencrypted Wi-Fi networks as part of its Street View project. The search giant said on Monday that it had deleted all Wi-Fi data collected in Ireland at the request of the Irish Data Protection Authority. The destruction of incorrectly obtained data in Ireland was confirmed by iSec Patners Inc., an independent security consulting firm.
Google says it has also reached out to "regulators in the other relevant countries about how to quickly dispose" of the Wi-Fi data it mistakenly collected. Google has not named the "other relevant countries" it has reached out to, but the company's Wi-Fi data packet snooping could affect many locations included in Street View. In a blog post on Friday, Google said its Street View cars, which take 360-degree photographs for use in Google Maps, have been collecting data from unprotected Wi-Fi networks since 2007.
If your just hearing about Google's Wi-Fi data collection faux pas for the first time, here's a quick FAQ to get you up to speed:
Why was Google collecting Wi-Fi data in the first place?
Google says it was collecting basic Wi-Fi data from network routers including Service Set Identifier (SSID) information and Media Access Control (MAC) addresses. The search giant says collecting this information from data access points across the world helps the company improve accuracy for its location-based products like Google Maps for mobile, My Location and Buzz.
What else were the Street View Cars Collecting?
Google says the programming code meant to collect SSIDs and Mac addresses was also collecting data packet information (Web browsing and communication data) from non-password protected Wi-Fi networks.
If a Street View car was in my neighborhood, does Google have my browsing data now?
For Google to have collected any information from your computer you would have to have been browsing the Internet on a Wi-Fi network that wasn't password protected when the Street View car was in range of your wireless signal. It's also important to note that Google says it only collected data fragments and not entire pieces of browsing or communication data. Google says this is because its Street View cars were constantly moving when collecting data and changed channels (your Wi-Fi signal is broadcast on an over-the-air channel) about five times a second.
When did Google start collecting Wi-Fi data?
Google says the code that inadvertently collected Wi-Fi data was created in 2006 and used in the Street View project a year later. Google Street View first launched on Google Maps in late May 2007. It's not clear if Google's Wi-Fi snooping began when Google first sent its Google Street View cars into the streets or whether this code was added to the project soon after.
Why are we only finding out about this now if Google has been collecting this data since 2007?
Google says it did not realize what was going on with its data collection practices until German authorities told the search giant they wanted to audit Google's Street View Wi-Fi data collection practices. Google says the request from German authorities sparked an internal review which uncovered the problem. Google has grounded its Street View cars once it discovered the Wi-Fi data collection issue, and says it will no longer have its Street View fleet collect Wi-Fi data.
What is Google doing with the Wi-Fi data it does have?
Google says it has stored all the snooped data on separate hard drives that are not connected to the rest of Google's network, essentially locking the data down. The company says it has asked a third-party to investigate its Wi-Fi privacy lapse, how it happened, and confirm that Wi-Fi packet data has been permanently deleted.
What about Google's warning about protecting your Wi-Fi network?
Google should never have been collecting the data packets transmitted across open Wi-Fi networks, and it is a smart enough company that this mistake should have been caught much earlier. However, the search giant definitely has a point about protecting your Wi-Fi router. An open Wi-Fi signal is an invitation not only to have your neighbors snag some free Internet access, but also exposes your computer to any number of security intrusions including identity theft. So make sure you password protect your Wi-Fi router to keep unwanted guests, hackers and drive-by Googlers off your network.
Connect with Ian on Twitter (@ianpaul)