Judge rules against Google in Street View 'Wi-Spy' lawsuit
Denies motion to dismiss federal complaints that Google's mapping cars snatched passwords, emails from home wireless networks
Computerworld - A federal judge has declined to dismiss charges against Google that it allegedly violated the Federal Wiretap Act when it collected personal data from Wi-Fi networks.
U.S. District Court Judge James Ware on Wednesday tossed accusations that Google's Street View vehicles broke several states' laws when they harvested usernames, passwords and emails from consumers' and businesses' wireless networks, but allowed the claim that the company violated federal law to continue.
Google's Street View vehicles began cruising American roads in 2007 as part of the company's mapping program. Along with snapping photographs of each street and collecting GPS data, the vehicles also mapped the location of Wi-Fi networks to build a database that could be accessed by mobile devices to determine users' whereabouts.
Google acknowledged the privacy problem in May 2010, but said collection of personal data from Wi-Fi hotspots had been inadvertent. The company blamed an unnamed engineer for adding code to the Wi-Fi location detection software.
Although Google initially said that the packet sniffer grabbed only data fragments, it later acknowledged that the vehicles had harvested complete usernames and passwords from unprotected wireless networks, as well as emails.
To arrive at his ruling, Ware threaded his way though years of legislative history of federal privacy laws related to over-the-air communications, and even went to the Oxford English Dictionary in an attempt to define "radio communications."
He concluded that the exemptions built into the Federal Wiretap Act did not apply to Google's snooping.
"The Court finds that Plaintiffs plead facts sufficient to state a claim for violation of the Wiretap Act," Ware wrote in his ruling. "Defendant's contention that Plaintiffs fail to state a claim for violation of the Wiretap Act, as Plaintiffs plead that their networks were 'open' and 'unencrypted,' is misplaced."
Jim Dempsey, the vice president for public policy at the Center for Democracy and Technology (CDT), a Washington D.C.-based advocacy organization, said that intercepting data communications from a Wi-Fi network, even one unsecured with a password, "should certainly be illegal."
But he also argued that Congress needed to clarify the law. "It's certainly preferable to clarify the statute legislatively," Dempsey told Computerworld on Friday, rather than require judges like Ware to parse the ambiguous and outdated language of the 25-year-old Electronic Communications Privacy Act (ECPA). "But whichever way this case comes out, clarifying the statute on this particular point is not going to be easy."
Google said it was considering its next move.
"We believe these claims are without merit and that the Court should have dismissed the Wiretap claim just as it dismissed the plaintiffs' other claims," a Google representative said in an emailed statement today. "We're still evaluating our options at this preliminary stage."
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Understanding big data so you can act with confidence Automating information integration and governance and employing it at the point of data creation helps organizations boost confidence in their big data.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After... All Privacy White Papers | Webcasts