Australian Privacy Commissioner Rules Google Wifi Actions Illegal

Outsmart Malicious Hackers

Oh dear, poor Google seem to be catching all kinds of flak over their Wifi Data Collection.

The UK Met are already investigating them and they are being pulled to pieces in Germany too with France also weighing in. The latest to jump on the bandwagon is Australia which is stating they have breached the Australian Privacy Act.

It seems they might have dropped the ball big time with this one, although with the amount of money they have I doubt whatever legal restitution is served it won’t dent the coffers severely.

The Australian Privacy Commissioner has ruled that Google ran afoul of the country’s privacy laws when its Street View cars collected personal data from open Wi-Fi networks.

“On the information available I am satisfied that any collection of personal information would have breached the Australian Privacy Act,” said Privacy Commission Karen Curtis in a statement.
Click here to find out more!

“Collecting personal information in these circumstances is a very serious matter. Australians should reasonably expect that private communications remain private.”

Under the Privacy Act, Curtis is unable to sanction a company when she initiates an investigation. But she ruled that Google must publicly apologize, conduct “privacy impact assessments” of any new Street View data collection in Australia that includes personal information, and regularly consult with her about “personal data collection activities arising from significant product launches” in Australia.

Google has already apologised on their Google Australia blog here, which is a step in the right direction. They stated:

We want to reiterate to Australians that this was a mistake for which we are sincerely sorry. Maintaining people’s trust is crucial to everything we do and we have to earn that trust every single day. We are acutely aware that we failed badly here.

Google themselves have stated they’ve collected this data in 30 different countries, so it’ll be interesting to see how many similar cases pop up.

The Australian Federal Police have launched a separate investigation into Google’s Wi-Fi data collection. And since this and other investigations may still be ongoing, Curtis said she would not comment in more detail.

In May, with a blog post, Google said that its world-roving Street View cars had been collecting payload data from unencrypted Wi-Fi network, contradicting previous assurances by the company. The post said that the data was collected by “mistake” and that the data has not been used in any Google products, and the company grounded its Street View fleet.

A month before, in response to a complaint from the German privacy commissioner, a Google blog post said that in scanning Wi-Fi networks its Street View cars were collecting only the SSIDs that identify the networks and MAC addresses that identify particular network hardware, including routers. Google uses this data in products that rely on location data, such as Google Maps.

Google has said it collected payload data in 30 separate countries, and though investigations are still underway in many, the company announced on Friday that after speaking to regulators, it is sending its Street View Cars back on the road in Ireland, Norway, South Africa, and Sweden. This cars will resume their 360 degree picture taking next week, but they will no longer collect any Wi-Fi information.

The Street View cars will be hitting the street again and collecting data (but no-more Wi-fi info). Personally I’d love the maps to contain Wi-fi data, free/open connections nearby your current location would be a great help for the urban warrior.

Best to rely on the old 3G or Wimax dongle then I guess.

Source: The Register

Posted in: Legal Issues, Privacy, Wireless Hacking


Latest Posts:

GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.
Memcached DDoS Attacks Will Be BIG In 2018 Memcached DDoS Attacks Will Be BIG In 2018
So after the massive DDoS attack trend in 2016 it seems like 2018 is going to the year of the Memcached DDoS amplification attack with so many insecure Memcached servers available on the public Internet.
libsodium - Easy-to-use Software Library For Encryption libsodium – Easy-to-use Software Library For Encryption
Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API.
XSStrike - Advanced XSS Fuzzer & Exploitation Suite XSStrike – Advanced XSS Fuzzer & Exploitation Suite
XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads.

One Response to Australian Privacy Commissioner Rules Google Wifi Actions Illegal

  1. und3r July 14, 2010 at 12:52 am #

    Seconds Intenctions of google !? =]