Google downplays claim it may have breached lawmakers' home networks
Consumer Watchdog finds unprotected network at U.S. Rep.'s home that appears on Google Street View
Computerworld - Google Inc. is playing down claims that it may have accidentally breached personal Wi-Fi networks at the homes of several members of Congress, including some working on national security issues.
Consumer Watchdog, a Santa Monica, Calif.-based advocacy group that has been a sharp critic of Google's privacy practices in the past, said Thursday that the search giant may have breached the networks while its vehicles were collecting wireless SSID information for the company's Street View service.
Google in May had disclosed that the accidental inclusion of code written for an experimental Wi-Fi project was causing its Street View cars to inadvertently collect "payload" data from unprotected Wi-Fi networks along the routes. Google said that it has since removed the code and stopped collecting any Wi-Fi data.
Consumer Watchdog said an investigation found that the wireless network of at least one key lawmaker could have been among those breached by Google's Street View cars before the code was removed.
The group said its conclusions are based on tests it conducted over the past few days using the same kind of packet-sniffing technologies likely used in Google's Street View cars as they gathered images for the service, which lets users overlay street-level images on Google Maps.
A company hired by Consumer Watchdog "sniffed" the networks of five members of Congress whose homes are pictured on Google's Street View. The tests uncovered at least one unencrypted network at the residence of Rep. Jane Harman (D-Calif.), who is chairwoman of the Intelligence Subcommittee of the Homeland Security Committee, said Jamie Court, president of the public interest group. The unencrypted network could have been breached by Google, the consumer group said. Harman couldn't be reached for comment.
Court said Consumer Watchdog found unprotected networks near the homes of four other members of Congress and images of the residences of at least 18 lawmakers in total on Street View. In a letter sent to those lawmakers, Consumer Watchdog urged that the House Energy and Commerce Committee hold an immediate hearing on the issue.
In an e-mail statement sent to Computerworld Thursday, Google said "it was mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We're continuing to work with the relevant authorities to answer their questions and concerns."
The company maintains that any information accidentally collected is likely to be fragmented at best because its Street View cars were moving and someone would have had to be using a Wi-Fi connection at the exact moment the car passed by in order for Street View to collect data.
The Computer and Communications Industry Association yesterday criticized Consumer Watchdog for making the charges and for the tests conducted near the homes of lawmakers.
In a statement, Ed Black, president of the Washington-based CCIA, slammed Consumer Watchdog's claims and said the information collected by the consumer group went beyond the type of data collected by Google. "They detected unsecured Wi-Fi networks that anyone, including neighbors, can pick up," Black said. "It proves nothing about what, if anything, a person or company like Google might have done to intercept and record data," Black said.
"What Consumer Watchdog did was not a useful contribution to what could and should be a broader online privacy debate," he added.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts