Google loses appeal in Street View snooping case (Update)

Sep 10, 2013 by Martha Mendoza
In this Oct. 27, 2010 file photo, an employee drives a Google vehicle around Palo Alto, Calif. Internet giant Google's Street View project has raised privacy concerns in several countries. Attorneys suing Google for enabling its camera-carrying vehicles to collect emails and Internet passwords while photographing neighborhoods for the search giant's popular "Street View" maps look forward to resuming their case now that a U.S. appeals court has ruled in their favor. The U.S. Court of Appeals in San Francisco said Tuesday that Google went far beyond listening to accessible radio communication when they drew information from inside people's homes. (AP Photo/Paul Sakuma, File)

A U.S. appeals court said Google wrongly collected people's personal correspondence and online activities through their Wi-Fi systems as it drove down their streets with car cameras shooting photos for its Street View mapping project.

The ruling that the practice violates wiretap laws sends a warning to other companies seeking to suck up vast amounts of data from unencrypted Wi-Fi signals.

"The payload data transmitted over unencrypted Wi-Fi networks that was captured by Google included emails, usernames, passwords, images, and documents," wrote the U.S. Court of Appeals in San Francisco in a report released Tuesday.

Google had argued that their activities were exempt from the wiretap law because data transmitted over a Wi-Fi network is a "radio communication" and is "readily accessible to the public."

Not so, wrote the judges, agreeing with an earlier federal judge's ruling.

"Even if it is commonplace for members of the general public to connect to a neighbor's unencrypted Wi-Fi network, members of the general public do not typically mistakenly intercept, store, and decode data transmitted by other devices on the network," they said.

Google's Street View cars can be spotted with pole mounted cameras on their roofs, photographing along roadways the world over. The photos then show up on Google's popular Street View map option, where viewers can virtually scroll along a street past homes, cars and shops, all captured in photographs.

But unbeknownst to passers-by, those cameras weren't just making photos. They were also collecting detailed information transmitted over Wi-Fi networks they passed through.

Privacy experts and industry watchers said this was the first time an appeals court has ruled that it's illegal for a company to sniff out and collect private information from the Wi-Fi networks that provide Internet service to people at home. Google is also the first publically known company to try.

"This appeals court decision is a tremendous victory for privacy rights. It means Google can't suck up private communications from people's Wi-Fi networks and claim their Wi-Spying was exempt from federal wiretap laws," said John M. Simpson, Consumer Watchdog's privacy project director. "Because Google's Wi-Spy activity was so extensive, the potential damages could amount to billions of dollars."

Marc Rotenberg, executive director of Electronic Privacy Information Center, called it "a landmark decision for Internet privacy."

"The court made clear that the federal privacy law applies to residential Wi-Fi networks," he said. "Users should be protected when a company tries to capture data that travels between their laptop and their printer in their home."

A Google spokesperson said Tuesday that attorneys for the Internet giant are "disappointed in the 9th Circuit's decision and are considering our next steps."

Attorney Elizabeth Cabraser, representing a class action of plaintiffs who say their privacy was invaded by Google said Tuesday they look forward to resuming their case now that a federal appeals court has ruled in their favor.

Google has apologized for the snooping, which it says took place between 2008 and March 2010. It promised to stop collecting the data and said the practice, conducted in more than 30 countries, was inadvertent but not illegal.

Earlier this year Google settled a 37-state lawsuit for $7 million after attorney generals sued over what they said was an invasion of privacy for the data collection.

The practice was discovered by a German data protection commissioner in 2010. A few months later, Google co-founder Sergey Brin told conference goers the firm had made a mistake.

"In short, let me just say that we screwed up," he said at the time.

Google says it has disabled the equipment that was collecting the data, and agreed to destroy the information as soon as possible. The company is currently obliged to hold it, unused, because of ongoing litigation.

Explore further: Google argues for right to continue scanning Gmail (Update 2)

4.9 /5 (9 votes)
add to favorites email to friend print save as pdf

Related Stories

Source: Google to pay $7M to settle Wi-Fi case (Update)

Mar 09, 2013

Google will pay a $7 million penalty to settle an investigation into the Internet search leader's collection of emails, passwords and other sensitive information sent over wireless networks several years ago in neighborhoods ...

Google argues for right to continue scanning Gmail (Update 2)

Sep 05, 2013

Google's attorneys say their long-running practice of electronically scanning the contents of people's Gmail accounts to help sell ads is legal, and have asked a federal judge to dismiss a lawsuit that seeks to stop the practice.

Canada's privacy czar launches Google investigation

Jun 01, 2010

Canada's privacy commissioner said Tuesday she was probing Google's inadvertent collection of data from unsecured wireless networks as its cars photographed streetscapes for its mapping service.

Google apology to New Zealanders over Wi-Fi data

Dec 14, 2010

Internet giant Google said sorry to New Zealanders Tuesday for collecting personal data from wireless networks for its "Street View" mapping service, in the latest in a series of apologies.

Germany fines Google for privacy violations

Apr 22, 2013

German authorities said on Monday they had fined Google for illegally collecting massive amounts of personal data including emails, passwords and photos while setting up its disputed Street View service.

Recommended for you

Chinese e-commerce rivals challenge Alibaba (Update)

18 hours ago

China's biggest property developer, Wanda Group, and Internet giants Baidu and Tencent unveiled a new e-commerce venture Friday in a challenge to industry leader Alibaba Group ahead of its U.S. stock offering.

Nigeria launches national identity card scheme

Aug 28, 2014

Nigeria's President Goodluck Jonathan on Thursday launched a national electronic identity card scheme, which backers said would boost access to financial and government services in Africa's most populous nation.

User comments : 10

Adjust slider to filter visible comments by rank

Display comments: newest first

kelman66
2 / 5 (2) Sep 10, 2013
This is disturbing.
PoppaJ
1.2 / 5 (12) Sep 10, 2013
This is the same as breaking into my home to steal from me. My neighbor read this and has promised to drag the assholes out of the car and beat them and destroy all the technology in the car. This was a huge mistake Google. Learn your place. And it is not next to the NSA!
HealingMindN
5 / 5 (1) Sep 10, 2013
Let's put this all into perspective now: If Google can do it, then...
Humpty
1.4 / 5 (11) Sep 10, 2013
Hmm true - doing 3D global mapping of all the streets, trails, oceans etc.. is a good and useful thing.

BUT locating and monitoring all the wireless internet transmitters, in peoples homes, while they are doing it????

While the unsecured networks - well that is one thing... but gathering the passwords and peoples personal data while they detect the signals as well????

And Google was seeded with fund money from the CIA.....

Tsk, tsk, tsk.....

The new world order....
Protoplasmix
1.9 / 5 (13) Sep 10, 2013
Google loses appeal in Street View snooping case

I read that and thought, "naw, Google still appeals to me." :)
fmfbrestel
2.6 / 5 (5) Sep 11, 2013
This is disturbing.


This is all old news (except for the court ruling of course). If this is disturbing to you, where have you been the last 3 years?

Google showed some serious lack of institutional control (something the NCAA bashes schools with all the time) in this case, but little malice (at least from the top). A program manager crossed a line, turned around and spit on it, but Google proper never really knew what was going on.

Still, Google should have known what was going on, and will likely be held accountable for that failure.
CreepyD
1.2 / 5 (6) Sep 11, 2013
Anyone watch the TV program Continuum? Google IS Sadtech (who basically rule the world in the future instead of governments).
Seriously though, who runs WiFi without a password?! For many years all routers have come with a password on as the default setting - are people disabling the password or just running very old routers?
I think there needs to a be ruling that manufacturers need to make all routers have a WiFi password or the WiFi simply wont work.
ckid
2.3 / 5 (3) Sep 15, 2013
Supposedly Google operates with an internal review philosophy of "Is it Evil?" Also Google has a goal of not being like other corporations. But this just goes to show that like other large corporations Google ultimately is a soulless predatory organism, and we are the prey.
Anda
1 / 5 (3) Sep 15, 2013
@Fmfbrestel: are you working for google... at the top?
"Little malice from the top" they didn't know... Common! You're either naive or in.
And it's the first time I hear of this here in Europe in these last 3 years. I wonder why.
I'll stop here and won't write what I think of big brother and you...
fmfbrestel
not rated yet Sep 16, 2013
@Anda

They self-reported the violations. No one caught them, they turned themselves in after they discovered what was going on. Facts of the case. Go Bing it if you dont trust google.

I'm not trying to give them a pass, I'm just saying that as an organization, their failure was one of oversight (ironic). One of the primary responsibilities (and challenge) for organizations as large as google is proper oversight over their myriad divisions. This court case in particular explicitly allows people to sue Google over this lack of oversight -- which is a good thing. They should be held accountable for it.

Lets not overlook the actual crime. They read "payload data" from unsecured wifi networks. That's a little bit like a postal worker reading the back of a postcard. Or talking on a HAM radio and discovering some trucker is listening in.

But still - the only reason we are even having this discussion is because Google told us about it themselves.