I don’t intend to dwell on the story that Google ‘accidentally’ collected 600GB of data from unsecured Wi-Fi networks in 30 countries while out taking photographs for its Street View mapping service. Nor the fact that technical details revealed in a Google audit could see the company face criminal prosecution around the world for collecting private Wi-Fi data, according British privacy organization, Privacy International. But some of this story just doesn’t add up and could have repercussions on the telecommunications industry at large.
Security consulting firm Stroz Friedberg had conducted an independent audit of Google’s data collection practices and the results has already been sent to the interested data protection authorities. “In short, it confirms that Google did indeed collect and store payload data from unencrypted Wi-Fi networks, but not from networks that were encrypted,” the company wrote on its blog.
That’s all well and good and Google is apparently doing its best to remain transparent, but its claim that the data collection was a ‘mistake’ coded by a programmer really does smack of devolvement of blame. How could so much data, specific to private Wi-Fi networks in 30 countries be unintentionally collected and not noted is really quite a mystery to anyone following this bizarre story.
The real issue is not whether Google intentionally collected the information or not, after all, it collects all sorts of information on our web browsing habits. This particular situation has become a grave security concern for many people. This is the same company that fosters the intensive take up of its ‘free’ online services including Gmail, Google Docs and Calendar and probably knows every one of your personal searching habits, intimately.
What happens if another programmer, working in these very sensitive and personal areas, makes another ‘mistake’ and that private data becomes public? A mistake of that magnitude would surely dent Google’s plans. It seems highly unlikely that a company with such a good track record of ‘corporate housekeeping’ would allow that to happen but by admitting publicly that they did make a mistake in the case of Wi-Fi data collection should send alarm bells ringing.
For communications service providers, particularly those offering broadband access, the fact that their customers are setting up unsecured wireless routers could also become a concern for them in due course. It is illegal to intercept wireless data traffic in most countries, and it is illegal in many to ‘piggy-back’ or make use of somebody else’s wireless connection. Where I live, I can see at least four unsecured networks at any point in time.
The people installing these routers simply don’t know how to secure them or have not been instructed to do so by their service provider. How long before one of these customers, that suffers from data piracy, lays the blame on their service provider for failing to adequately warn them of the dangers. It will happen – it’s only a matter of when.