Google downplays claim it may have breached lawmakers' home networks
Consumer Watchdog finds unprotected network at U.S. Rep.'s home that appears on Google Street View
Computerworld - Google Inc. is playing down claims that it may have accidentally breached personal Wi-Fi networks at the homes of several members of Congress, including some working on national security issues.
Consumer Watchdog, a Santa Monica, Calif.-based advocacy group that has been a sharp critic of Google's privacy practices in the past, said Thursday that the search giant may have breached the networks while its vehicles were collecting wireless SSID information for the company's Street View service.
Google in May had disclosed that the accidental inclusion of code written for an experimental Wi-Fi project was causing its Street View cars to inadvertently collect "payload" data from unprotected Wi-Fi networks along the routes. Google said that it has since removed the code and stopped collecting any Wi-Fi data.
Consumer Watchdog said an investigation found that the wireless network of at least one key lawmaker could have been among those breached by Google's Street View cars before the code was removed.
The group said its conclusions are based on tests it conducted over the past few days using the same kind of packet-sniffing technologies likely used in Google's Street View cars as they gathered images for the service, which lets users overlay street-level images on Google Maps.
A company hired by Consumer Watchdog "sniffed" the networks of five members of Congress whose homes are pictured on Google's Street View. The tests uncovered at least one unencrypted network at the residence of Rep. Jane Harman (D-Calif.), who is chairwoman of the Intelligence Subcommittee of the Homeland Security Committee, said Jamie Court, president of the public interest group. The unencrypted network could have been breached by Google, the consumer group said. Harman couldn't be reached for comment.
Court said Consumer Watchdog found unprotected networks near the homes of four other members of Congress and images of the residences of at least 18 lawmakers in total on Street View. In a letter sent to those lawmakers, Consumer Watchdog urged that the House Energy and Commerce Committee hold an immediate hearing on the issue.
In an e-mail statement sent to Computerworld Thursday, Google said "it was mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We're continuing to work with the relevant authorities to answer their questions and concerns."
The company maintains that any information accidentally collected is likely to be fragmented at best because its Street View cars were moving and someone would have had to be using a Wi-Fi connection at the exact moment the car passed by in order for Street View to collect data.
The Computer and Communications Industry Association yesterday criticized Consumer Watchdog for making the charges and for the tests conducted near the homes of lawmakers.
In a statement, Ed Black, president of the Washington-based CCIA, slammed Consumer Watchdog's claims and said the information collected by the consumer group went beyond the type of data collected by Google. "They detected unsecured Wi-Fi networks that anyone, including neighbors, can pick up," Black said. "It proves nothing about what, if anything, a person or company like Google might have done to intercept and record data," Black said.
"What Consumer Watchdog did was not a useful contribution to what could and should be a broader online privacy debate," he added.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!