Google Finally Settles Lawsuit Over Decade-Old WiFi Snooping Accusations

from the that-took-some-time dept

So if you’ve been around these parts for a while, you might remember a big stink back in 2006 or so when Google’s Street View vehicles were found to have been hoovering up data collected via WiFi. The collection came while the company was collecting Street View data via its army of specially-configured vehicles, and included pretty much any and all unencrypted data traveling over those networks, including telephone numbers, URLs, passwords, e-mail, or video streams. The goal was purportedly to ensure better geographical positioning data, but the data collected went well beyond what was needed for that goal.

Initially, Google claimed that the data collection was accidental, something supported by engineering analysis at the time. Here’s what Google said in 2010 about the issue:

“So how did this happen? Quite simply, it was a mistake. In 2006 an engineer working on an experimental Wi-Fi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google’s Street View cars, they included that code in their software?although the project leaders did not want, and had no intention of using, payload data.”

In 2012 however, an FCC document detailed how a Google engineer had created a system that collected this data intentionally, but had downplayed the privacy risk because Google Street View vehicles would not be “in proximity to any given user for an extended period of time,” and “[n]one of the data gathered … [would] be presented to end users of [Google’s] services in raw form.” And while the engineer was probably right that not much useful data was collected, doing so at all was admittedly not a bright idea, and the “mistake” wound up being an intentional, poor engineering choice signed off on by project managers.

Admittedly the real-world risk of the entire scandal was violently over-hyped. The moving vehicles only had access to hotspots as vehicles passed for a few seconds, frequent channel hopping reduced data collection further, and again, the entire effort only collected data from hotspots that didn’t use encryption Still, it was a dumb decision any way you slice it.

Fast forward thirteen years after the data collection occurred, and Google has finally put the entire scandal to bed, at least here in the States. The company will wind up paying $13 million to settle a 2010 lawsuit over this data collection. Because the data is so fragmented, it’s hard to actually identify whose data was collected during that period; so the payout will largely go to lawyers and a handful of privacy activism organizations:

“Lawyers for the plaintiffs said it would be difficult to identify masses of affected people, a decade later, from the random snippets of data that the company collected when its vehicles drove by their homes.

Instead, what?s left of the $13 million — after administrative costs and the lawyers who brought the lawsuit get a commission of as much as 25% — will be distributed to a handful of consumer privacy advocacy groups, according to a court filing detailing the terms of the deal.”

While this scandal may have been over-hyped, it still managed to highlight how non-transparent privacy practices are, how companies have few reservations when it comes to misrepresenting what actually happened, and how long it takes to actually achieve anything even vaguely resembling accountability. Of course in the decade-plus since this scandal began, it has become abundantly clear that this sort of casual disregard for user privacy was always more of a feature than a bug, and we’re still not doing a very good job coming up with a meaningful model for doing much of anything about it outside of hand-wringing and hysteria.

Filed Under: , ,
Companies: google

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Google Finally Settles Lawsuit Over Decade-Old WiFi Snooping Accusations”

Subscribe: RSS Leave a comment
Anonymous Coward says:

I still don’t see what the problem is? This wifi info makes things faster and more accurate for GPS Navigation as you can combine both Data. It’s INFO YOU are in fact broadcasting out to everyone!!! Google’s car is in the street and anything it sees is free to see. You can turn OFF broadcasting on your Wifi if you wanted to and really cared about your so-called privacy!!! It’s not normally as it makes it easy for you to connect to your own Network. But once you are connected and all your devices are connected. you should be able to just turn that feature off.

It’s called Hidden Wifi Networks. They do not broadcast their name and so are hidden from a list of Networks.

If Google had my Wifi Network name, who cares. It’s not like they are using my network as they don’t have the password. All they see is the name I gave it or whatever the default name is. Is that really a big deal? NO!!!

Anonymous Coward says:

In 2012 however, an FCC document detailed how a Google engineer had created a system that collected this data intentionally

According to the embedded link the data was intended to be used to map open wifi access points. That’s not an intrinsically evil intent but Google very clearly wanted to keep the whole thing quiet to avoid bad press. Perhaps if they were just more open about what they were doing it wouldn’t have been such an issue. They obviously didn’t intend to release the data they collected.

Still, I’m surprised they aren’t getting dinged a lot harder for the privacy implications of their actions.

Kept My Underwear On says:

So I was right about that, as Google admits.

With tons of lawyers can stave off the inevitable no matter how guilty. — See the Epstein case, in which DNC-connected billionaire got truly obscene privilege, let out of jail half of 13 month sentence when 13 years is too light.

This is why to not let corporations / businesses be regarded as "persons" with Rights: they can outspend and outlast even gov’t! Of course that false UN-Constitutional, entirely lawyer-created notion is a key feature of Masnick’s corporatism.

Anyhoo, I was and am right on the facts, and Masnick was and still is in the WRONG.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...