Google’s Small Problem

Google’s Small Problem

Google Street View vehicle

A new privacy issue has stemmed from a recent incident involving internet search giant Google.  The investigation spearheaded by authorities from around the globe included New Zealand alongside the Australian Police.  The issue came under fire when German regulators were made aware of a breach of privacy regarding Google Street View’s unencrypted Wi-Fi network being left accessible while Google Street View, a division of Google Maps, was in operation.

Google Street View vehicle pulled over for speeding Photo: Flickr user damianspain
The Street View team in turn was able to access unencrypted data, but the question remains if this data was illegally obtained or not.  The program used while Google’s Street View vans were trolling the streets was called “gslite,” which simultaneously worked in part with packet sniffing software Kismet. It was made up of 32 source code files and 12 additional config and changelog information files that jumped channels five timers per second to snap up as many networks possible.  This information was revealed (PDF Link) by forensic investigation firm Stroz Friedberg, who was hired by Google’s attorneys Perkins Coie to analyze the code used.  They must have been thinking the analysis would help defend themselves against privacy authorities.

Privacy International claims that data protection law does not usually permit the interception of communications this way.  “This action by Google cannot be blamed on the alleged ‘single engineer’ who wrote the code. It goes to the heart of a systematic failure of management and of duty of care.” said the company.

Jennifer Stoddart, Canada’s privacy commissioner plans to investigate how Google managed to infiltrate people’s networks and what impact it could have on Canadian’s privacy.

Along with Australia and Canada, Google will be handing out the 600 GB of personal data collected in Europe over to the governments of Germany, Spain, and France as stated by Google’s chief executive Eric E. Schmidt.

All of this seems as a rather stark contrast to Google’s mantra of a user’s privacy being one of its top priorities, doing good and not evil, but the issue at hand seems to be one of great importance and it may in fact hold the livelihood and public perception of Google is in dismay.

Source Code Analysis of gstumbler: "The gslite program parses some, though not all, information from 802.11 wireless frames read in from a source of wireless frames. It simultaneously receives geolocation coordinates from a GPS system and then associates each wireless frame with the time and approximate location in which it was received. The gslite program works in concert with a second program, Kismet, which must run simultaneously. Kismet controls one or more wireless cards on a Google vehicle and provides gslite with the stream of detected wireless frames. The relationship between gslite and Kismet is depicted in Figure 2."