by Bill Snyder

Google’s Street View Spying Was No Accident

Apr 30, 20124 mins
MobileSecuritySmall and Medium Business

An uncensored report by the FCC exposes the truth: Google employees knew that Street View cars were scooping up personal data from home Wi-Fi networks.

What is it about Google, Facebook and some of the other giants of social media that they can’t get it through their heads that many of us really care about our privacy? Like little kids caught doing something naughty, they ask for forgiveness, promise to be good, and then do the same outrageous thing again.

Facebook is famous for serial misconduct, but at least Mark “Boy Billionaire” Zuckerberg doesn’t usually lie about it. But Google earned a major Pinocchio when someone noticed that its Street View cars were snarfing up stray Wi-Fi signals as they trolled city streets taking pictures and mapping wireless networks.

Mapping isn’t the same as collecting data, which Google said happened by accident. In any case, the company claimed, all that was being inadvertently collected were disconnected and unusable snippets from unsecured (i.e. unencrypted) home Wi-Fi networks.

Actually that wasn’t true, according to a report by the FCC. It was neither a mistake nor the action of some undisciplined engineer working on his or her own. A new, uncensored version of a report on the matter is now available, and reading it — which you can do here — will make you mad.

It turns out that an engineer on the project who intentionally wrote code to glean the personal data, told two other engineers what he was doing, and gave the entire Street View team a document that detailed his work on Street View, including the logging of payload data — all the data that your network broadcasts — including things like the full text of emails. When the FCC investigated, he refused to cooperate and hid behind his Fifth Amendment rights to not incriminate himself.

According to the report:

 “As early as 2007 and 2008, therefore, Street View team members had wide access to Engineer Doe’s Wi-Fi data collection design document and code, which revealed his plan to collect payload data. One Google engineer reviewed the code line by line to remove syntax errors and bugs, and another modified the code. Five engineers pushed the code into Street View cars, and another drafted code to extract information from the Wi-Fi data those cars were collecting.”

That seems pretty clear, doesn’t it? But the report continues: “Nevertheless, managers of the Street View project and other Google employees who worked on Street View have uniformly asserted in declarations and interviews that they did not learn the Street View cars were collecting payload data until April or May 2010.”

Even when I’m angry I don’t usually call anyone a liar. But in this case, I will. There was a whole lot of lying going on here.

On Saturday, a Google spokeswoman told the New York Times that the company now has much stricter privacy controls than it used to, partly because of the Street View controversy. She noted that Google has now released the full report (earlier versions were heavily redacted) and added that “we can now put this matter behind us.”

Well, no. We can’t. As Richard Nixon found out, it’s often not the crime that matters so much as the coverup. But the FCC only slapped Google, a company worth nearly $200 billion, with a fine of $25,000 for not being cooperative.

Meanwhile, yet another agency, The Federal Trade Commission, is stepping up its investigation into Google’s business practices. The FTC is asking whether Google is using its dominant position in search to promote its various other products, a violation of anti-trust laws and has hired as outside counsel Beth Wilkinson, who headed the federal prosecution of Timothy McVeigh, the Oklahoma City bomber.

McVeigh was executed for his crimes. No, I’m not going over the top and saying that would be an appropriate penalty for Google. But I am glad to see that the feds are taking the anti-trust issue seriously enough to hire such a heavy hitter. And I wish that the FCC had been that serious about Google’s egregious violations of both privacy and the truth in the Street View debacle.

Don’t forget, the reason Google, Facebook and others violate our privacy comes down to money. Personal data really is gold when it comes to selling advertising. The more that’s known about your shopping, browsing and reading habits, the easier it is to sell you stuff.

And Google, of course, is really about selling advertising. So why be surprised when companies that can profit from gleaning every bit of information they can steal from you, go ahead and steal it?

There’s another, far more prosaic, lesson to be learned here. If you haven’t protected your home or small business Wi-Fi network with WPA2 encryption, you’re simply asking for trouble. It’s easy to set up, and gives you a bit of protection against the serial violators of our privacy.