• Enjoy the freedom to innovate and grow your business


    [ad] With Microsoft Azure you have hybrid cloud flexibility, allowing your platform to span your cloud and on premise data centre. Learn more at microsoftcloud.com.

  • IT Admin: No Time to Save Time?


    [ad] Do you spend too much time patching machines or cleaning up after virus attacks? With automation controlled from a central IT management console accessible anytime, anywhere – you can save time for bigger tasks. Try simple IT management from GFI Cloud and start saving time today!

  • Free Forrester analysis of CRM solutions


    [ad] In this 25 page report, independent analyst house Forrester evaluates 18 significant products in the customer relationship management space from a broad range of vendors, detailing its findings on how CRM suites measure up and plotting where they stand in relation to each other. Download it for free now.

  • Great articles on other sites
  • RSS Great articles on other sites


  • Reader giveaway: Google Nexus 5


    We’re big fans of Google’s Nexus line-up in general at Delimiter towers. Nexus 4, Nexus 7, Nexus 10 … we love pretty much anything Nexus. Because of this we've kicked off a new competition to give away one of Google’s new Nexus 5 smartphones to a lucky reader. Click here to enter.

  • Featured, Opinion - Written by on Monday, May 17, 2010 14:16 - 25 Comments

    Google shouldn’t stop collecting Wi-Fi data

    opinion Google’s decision to stop its Street View cars collecting harmless data on the location of Wi-Fi hotspots (including in Australia) is an over-reaction to the baseless concerns of a few privacy experts and should be reversed.

    For those of you not up to date on this little storm in a teacup, here’s what has happened so far.

    In a post on 23 April, the search giant discussed on its Lat Long blog (which is used by the developers of its geographic Earth and Maps services to post updates) the fact that its Street View cars were simultaneously collecting data on Wi-Fi hotspots as they drove around populated countries automatically taking photos.

    It’s not the first time Google has discussed the Wi-Fi data collection — as the blog entry notes, it had publicly revealed the practice as early as August 2008 — two years ago. But certainly there were quite a few people that weren’t paying attention back then and were surprised by Google’s admission.

    Part of the reason for Google’s blog post was the fact that German authorities had asked for more information about its data collection habits.

    The blog post also attracted the interest of the Australian Privacy Foundation and Electronic Frontiers Australia, which sent a concerned letter (PDF) to the search giant demanding more information. And with good cause.

    It turned out that Google had in fact been collecting data it shouldn’t have — its cars have not just been cataloguing the locations of Wi-Fi networks as they drive around global neighbourhoods — but also collecting snippets of unencrypted data as they had been doing so.

    In an apologetic blog post, Google’s senior vice president of Engineering and Research, Alan Eustance, said the search giant would delete the data and stop collecting Wi-Fi data, period (including, we have verified, in Australia). “The engineering team at Google works hard to earn your trust—and we are acutely aware that we failed badly here,” he wrote.

    Now, I applaud Google’s decision to delete any unencrypted data it may have collected with its Street View cars. Not because collecting that data was in some way evil — if you leave your wireless network unsecured, you deserve everything you get — but simply because it’s a bad look for a corporation to be snooping packets like this.

    But, in my opinion, simply stopping collecting Wi-Fi network data as a whole is an over-reaction on Google’s part.

    Privacy experts and “Data Protection Commissioners” from Europe need to realise that like the photos its Street View cars have been taking, the Wi-Fi network data that Google has been collecting is publicly available information.

    There is no difference between collecting Wi-Fi network address data such as SSID and MAC addresses and taking a photo of someone’s house. One constitutes collection of data about an addresses’ physical appearance — and one about its electronic infrastructure. Both sources of information are publicly available.

    Furthermore, there is a valid and useful purpose in Google collecting that data — and it is in a unique position to be able to do so.

    As Google’s own blog posts have noted, it is very useful for smartphones such as the iPhone, or a Google Android handset, to store a list of Wi-Fi hotspots and use this data to quickly deliver geographical information to the user about their surrounds.

    “By treating Wi-Fi access points or cell towers as ‘beacons’, smartphones are able to fix their general location quickly in a power-efficient way, even while they may be working on a more precise GPS-based location,” Google’s original blog on the subject states, noting that this is precisely how the first-generation iPhone worked, before Apple added satellite GPS functionality to the device.

    Using Wi-Fi networks in this way does not violate users’ privacy — Google’s own blog notes that this triangulation of geographical information can be done without any intrusion into the Wi-Fi networks themselves — just noting which ones are accessible.

    And users also have ways of protecting themselves against even inadvertent access to their Wi-Fi networks — through using WPA or even the lesser WEP encryption technology, setting MAC address limitations as to who can connect to the network and even hiding the SSID broadcast.

    Hell, if you’re that worried about the security of your data, you wouldn’t be running a Wi-Fi network in the first place. Those who spend their lives obsessed with security would be more likely to depend on wired connections, which are ten times harder to snoop, because you need access to the physical premises instead of … the air around someone’s house.

    In its corporate history, Google has stepped over the line into being “evil” several times, breaking its organisational motto in the process. And it will again — that’s the nature of corporations. They are too big and too complex to completely control.

    But this isn’t one of those cases. Collecting Wi-Fi network data is a prime example of the reason Google exists — to collect and organise the world’s information and make it useful to humans.

    So stop over-reacting to this privacy mini-storm, Google, and stand up for your rights to do what you can with information that is freely and publicly available and which can, after all, be controlled by its owners.

    Image credit: mrkathika, Creative Commons

    submit to reddit

    25 Comments

    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. None
      Posted 17/05/2010 at 2:28 pm | Permalink |

      This is a gross invasion of privacy and Google must cease collecting such data.

      It simply doesn’t know when to stop and only did so in this instance because the Germans became involved and sought to access a hard drive from one of the Google cars. This is when Google found that it had “accidentally” been collecting such data.

      Here’s another thing that we’ll need to revisit in a decade. One by one Google’s action seem innocuous, but in a decade when all of this is linked together you’ll see how much you have lost.

      • Posted 17/05/2010 at 2:57 pm | Permalink |

        What exactly is a gross invasion of privacy, None? The fact that Google accidentally collected some packets from a few people’s networks, or the cataloguing of Wi-Fi hotspots? The one was an accident and the data will now be deleted .. the second is simply collating publicly available data. I don’t see what the problem is.

        • Anon
          Posted 18/05/2010 at 11:59 am | Permalink |

          Renai,
          So you wouldn’t have any issue at all with Google also publishing and highlighting a list of properties that their cameras detected with the front door left opened?
          The resident could have locked it, but for one reason or another didn’t. Maybe they don’t care, maybe they meant to leave it open for someone, maybe it was a bad lock, or maybe someone else had broken into the house previously and left the door open so they could come back at a later time.
          Lots of reasons for the door being open, and i hope you are seeing the analogy that the reasons could all apply equally to someone’s WIFI being open.
          Do you still contend, quote, “you deserve everything you get”?

          • Posted 18/05/2010 at 3:54 pm | Permalink |

            “So you wouldn’t have any issue at all with Google also publishing and highlighting a list of properties that their cameras detected with the front door left opened?”

            I don’t think the analogy stands … Google is not publishing a list of open Wi-Fi access points, or even Wi-Fi access points that you can access if you have the right password (ie, WPA or WEP, with no MAC address filtering).

            It is simply using a list of data about Wi-Fi access points in general to provide triangulation information. It is more or less akin to publishing a list of street signs.

    2. Michael H
      Posted 17/05/2010 at 2:51 pm | Permalink |

      Spot on Renai, nice to read a balanced and sensible viewpoint on this.

      • Posted 17/05/2010 at 2:58 pm | Permalink |

        Cheers! It just seemed to me that Google took this one a little *too* seriously in its attempts to be nice ;)

    3. signalsnatcher
      Posted 18/05/2010 at 11:02 am | Permalink |

      So much information on individuals is now available that we need to redefine what ‘privacy’ means. Increasingly it means control rather than secrecy.

      What Google is doing is is collecting data without allowing the owner to exercise control. If I learn someone’s unlisted phone number from a third party I have breached their privacy since they don’t want me to know it. If I walk down the street trying car door handles until I find one that’s open I am collecting publicly available information but even if I don’t steal anything from the car I might have a bit of trouble explaining myself to the owner or the cops. If my neigbour has a two metre fence it’s there to stop me looking over it, even if it only needs a ladder to do it.

      Just because something is easy to do does not mean that we should do it.

      If we don’t allow powerless and technically ignorant people to control their own information then we are abandoning a key concept in the whole idea of the rule of law in a democracy which is to restrain the powerful.

      • Posted 18/05/2010 at 1:19 pm | Permalink |

        I’d agree with you here, signalsnatcher, when you say privacy is more about control than secrecy these days. However, I would disagree that anyone could possibly be powerless over their own Wi-Fi network … surely this is something that is within the hands of the individual?

        I don’t see a problem with Google collecting what is publicly available information and using it for some fit purpose. If you don’t like it, don’t broadcast your SSID or simply use a cat5 cable instead.

    4. Posted 18/05/2010 at 12:18 pm | Permalink |

      how is that an invasion of privacy? if you are stupid enough to run a wireless network that is open to scrutiny because you didn’t lock it down, silly you. I have seen many networks wide open, business and private, because a password was too hard to remember. If you are broadcasting a wireless connection, and I am set to discover, I gain access.

      not hacking, just really dumb wireless network management.

      the google cars aren’t intentionally breaking into a wireless network, they are just connecting to the next open one. it would appear to be just another hotspot, not a business, not a home.

      • Posted 18/05/2010 at 1:21 pm | Permalink |

        +1 to this post.

        Society needs to listen to sysadmins and network administrators more … (speaking as a former sysadmin here). They are bastions of common sense :)

        Don’t worry Peter — know you’re not a sysadmin — but you have the good common sense of one ;)

    5. DataDance
      Posted 18/05/2010 at 1:35 pm | Permalink |

      Idiot. The reason they stopped is obvious. Unauthorised access to electronic data, whether it’s secured or not, is illegal.

      And for heaven’s sake …the ‘those-idiots-deserve-it’ argument? Are you f’in kidding me? Who is this clown?

      • Posted 18/05/2010 at 3:55 pm | Permalink |

        And what data, prey tell, are you accessing in an unauthorised way, if all you are doing is collecting a list of Wi-Fi access points? These Wi-Fi points broadcast their own existence … I don’t see how it can be unauthorised to make note of that existence.

        • DataDance
          Posted 18/05/2010 at 5:15 pm | Permalink |

          It wasn’t just a list of the points….

          http://www.zdnet.co.uk/news/security/2010/05/17/google-wi-fi-data-harvesting-was-a-mistake-40088955/

          In April, the German DPA revealed that Google’s Street View cars were harvesting data about people’s Wi-Fi networks as they drove around. Google said in a blog post at the time that there was nothing wrong with doing this, saying that the company “does not collect or store payload data”. On Friday, Eustace backtracked on this statement in his own post.

          “It’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks, even though we never used that data in any Google products,” Eustace wrote.

          “However, we will typically have collected only *fragments of payload data because: our cars are on the move; someone would need to be using the network as a car passed by; and our in-car Wi-Fi equipment automatically changes channels roughly five times a second. In addition, we did not collect information travelling over secure, password-protected Wi-Fi networks.”

          *In other words IP traffic moving across them.

          • Posted 18/05/2010 at 7:45 pm | Permalink |

            Yes, they did collect this sort of data — but accidentally. And not only would this sort of data likely be useless, because as Google noted, they changed channels frequently, Google didn’t do anything with it and now is deleting it in the safest way.

            But this doesn’t invalidate two points:

            1. If you leave your Wi-Fi network unsecured, you should expect others to snoop on your traffic. You wouldn’t leave the front door of your house open, would you?

            2. There is still nothing wrong with Google collecting publicly available data about Wi-Fi networks — the SSID broadcast and so on. There is no private information there.

    6. DataDance
      Posted 19/05/2010 at 3:00 pm | Permalink |

      “1. If you leave your Wi-Fi network unsecured, you should expect others to snoop on your traffic. You wouldn’t leave the front door of your house open, would you?”

      This is just absurd. If I did leave my door opern would that make it right for anyone to walk in and have a look around? Is that the situation with windows too? Would you like me to come have a look about your house if your left a door or window open? It’s called trespassing and that’s the way digital laws work.

      That’s the moral tenor of your argument.

      Is Galt Media doing any work for Google at the moment? I’d like to know.

      • Posted 19/05/2010 at 10:51 pm | Permalink |

        Firstly, no, I’m not doing any work for Google :) If I was, you’d know about it.

        Secondly … the analogy doesn’t quite fit. Many devices (such as iPhones) automatically check out available local networks, and ask users if they want to connect to them. But you can’t automatically climb through someone’s open window — that’s an active action, not a passive one.

        Scanning for wireless networks on a street is not trespassing, and it’s as simple as that. If you don’t understand that, then I would accuse you of being a luddite >:)

        • DataDance
          Posted 20/05/2010 at 1:09 am | Permalink |

          Renai

          1. If Lemay & Galt media were doing white paper or press release work for Google how the hell would I know about it? God knows you bury the disclosure of the link of Delimiter and the other professional services you offer deep enough in the Lemay & Galt site.

          2. You are clearly the Luddite if you can’t tell the difference between scanning for SSIDs for wireless networks and actually connecting to AND collecting data travelling across unsecured ones which is what Google has admitted to.

          • Posted 20/05/2010 at 8:37 am | Permalink |

            1. Because I would disclose it, as I disclose everything. If you find something that I am doing that I have not disclosed, please let me know about it so I can do so. I challenge you to find other companies which have the same level of openness as my own — I think you will find that most are much more closed. Certainly I would be interested to know which company you yourself work for :) But I don’t know that, because unlike me, you are anonymously attacking me. But that’s fine ;)

            2. I know the difference — and I believe Google when it said it was an accident that it was collecting data and will delete that data. The whole point of my article is that it is not illegal to travel through a neighbourhood, scanning for Wi-Fi networks and creating lists of them. And that Google should not stop doing that, because it provides useful information.

            • DataDance
              Posted 20/05/2010 at 11:28 am | Permalink |

              The whole point of your article, right from the opening, was that Google’s actions were totally harmless. I might be inclined to agree if not for the fact that they went further than scanning and noting the location of wi-fi SSIDs and collected data from unsecured networks of private citizens. Even they acknowledged this was wrong but you opined that this was okay, and even went on to make this rather dubious statement:

              “Now, I applaud Google’s decision to delete any unencrypted data it may have collected with its Street View cars. Not because collecting that data was in some way evil — if you leave your wireless network unsecured, you deserve everything you get — but simply because it’s a bad look for a corporation to be snooping packets like this.”

              Bad look? Bad POLICY. Illegal POLICY. Check the laws on data protection. Collecting the data was in my view an evil invasion of privacy – as evil as me walking up to an open window in your house, climbing in and rifling through your private documents.

              To then have the fourth estate’ers tell people they deserve this is an extremely worrying development and direction for the information climate.

          • Posted 20/05/2010 at 11:10 am | Permalink |

            The proof of my disclosure ethics is in the pudding :)

            http://www.rlemay.com.au/2010/05/20/disclosure-salesforce-com-work/

            • DataDance
              Posted 20/05/2010 at 11:35 am | Permalink |

              Yes, it’s interesting that you’ve made the decision to publish this disclosure in the last 12 hours or so.

              How would you advise your audience to judge any future stories you may write about Salesforce.com? Or even cloud computing? Will each story have a disclosure? Simply not write about them?

              I’m asking that out of quite sincere curiosity – not just winding you up.

              • Posted 20/05/2010 at 12:19 pm | Permalink |

                Well, it’s quite clear. I would advise my audience to judge anything I write about Salesforce.com in future the same way they judge absolutely any piece of content I post anywhere — on its merits. If you think I’m a Salesforce.com stooge, say so, and I’ll outline my reasons for writing or not writing something. I don’t see the need to put a disclosure on every story, because I won’t have a long-term engagement with Salesforce.com.

                Of course I will write about Salesforce.com, as well as its rivals and its customers, on Delimiter many times in the future.

                The only basis you have for trusting any journalist any time is not because they say you should trust them — it is that they have earned your trust over time.

                • DataDance
                  Posted 20/05/2010 at 12:53 pm | Permalink |

                  Trust can be broken as easily as reputations. One bad deed etc…

                  Your disclosure is laudable, of course.

                  Stooge is a bit of derogatory term but, if you will use it, then one could argue that you are their stooge in the sense that you derive a fiduciary benefit from your relationship with them – albeit temporarily as you say.

                  Respectfully, I would submit that you are leaving your readers in a challenging position to expect them to put aside any concern that your relationships with these companies won’t affect your editorial judgements in future.

                  That’s up to them I guess and my opinion is just that – only mine.

                  It’s up to you how you run your affairs and manage your reputation. Who knows? Maybe it can work.

                  But don’t get the impression I’m immediately accusing you of selling out your editorial. I’m just curious as to your view on that.

        • Me
          Posted 20/05/2010 at 11:49 am | Permalink |

          Just because you can, it doesn’t necessarily hold that you should.

          I CAN pickup a wallet I find on the street and take the money, but SHOULD I do it? The owner has just left it sitting there unsecured, so why not?
          I CAN access someone’s unencrypted WIFI, but SHOULD I do it? The owner has just left it sitting there unsecured, so why not? Or was it cracked by a criminal and left open?

          I’ll leave the answers up to you…but be careful of the luddite accusations Renai, with all the “because I can I will, and you’re an idiot if you don’t secure it and you deserve everything you get” talk, someone may accuse you of sounding a little Gen Y shortly ;)

          Also, you may want to skim through the Cybercrime Act (2001) and check out the penalty for unauthorised impairment of electronic communication (which I could accuse you of if you are using my bandwidth and thereby slowing my downloads).

    7. Posted 30/10/2010 at 1:50 pm | Permalink |

      In relation to the law, an above mentioned post citing the Cybercrime Act (2001), is unfortunately a farce.
      The same law that applies to the masses DOES NOT apply in the same manner to corporations.

      Even if it was proven that google has breached a law, NOTHING will be done, as google’s actions are government supported, i.e to gather as much information as possible about the masses.

      If the interpretation is that google ‘stole’ your bandwith, packets etc from you, you could by the same token for example connect (not hack) into an open government / telco wireless installation, and look at the network, and surf the internet without the fear of reprisal.

      If caught, winning a case in your favour is very unlikely.

      It’s also about something called setting a precedence, something the governments and lawmakers are VERY aware of before making judgement, in favour of the peasants.




    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:


  • Most Popular Content


  • Six smart secrets for nurturing customer relationships
    [ad] Today, we are experiencing a world where behind every app, every device, and every connection, is a customer. Your customers will demand you to be where they and managing customer relationship is the key to your business’s growth. The question is where do you start? Click here to download six free whitepapers to help you connect with your customers in a whole new way.
  • Enterprise IT stories

    • NetSuite in whole of business TurboSmart deal turbosmart

      Business-focused software as a service giant NetSuite has unveiled yet another win with a mid-sized Australian company, revealing a deal with automotive performance products manufacturer Turbosmart that has seen the company deploy a comprehensive suite of NetSuite products across its business.

    • WA Health told: Hire a goddamn CIO already doctor

      A state parliamentary committee has told Western Australia’s Department of Health to end four years of acting appointments and hire a permanent CIO, in the wake of news that the lack of such an executive role in the department contributed directly to the fiasco at the state’s new Fiona Stanley Hospital, much of which has revolved around poorly delivered IT systems.

    • Former whole of Qld Govt CIO Grant resigns petergrant

      High-flying IT executive Peter Grant has left his senior position in the Queensland State Government, a year after the state demoted him from the whole of government chief information officer role he had held for the second time.

    • Hills dumped $18m ERP/CRM rollout for Salesforce.com hills

      According to a blog post published by Salesforce.com today, one of Ted Pretty’s first moves upon taking up managing director role at iconic Australian brand Hills in 2012 was to halt an expensive traditional business software project and call Salesforce.com instead.

    • Dropbox opens Sydney office koalabox

      Cloud computing storage player Dropbox has announced it is opening an office in Sydney, as competition in the local enterprise cloud storage market accelerates.

    • Heartbleed, internal outages: CBA’s horror 24 hours commbankatm

      The Commonwealth Bank’s IT division has suffered something of a nightmare 24 hours, with a catastrophic internal IT outage taking down multiple systems and resulting in physical branches being offline, and the bank separately suffering public opprobrium stemming from contradictory statements it made with respect to potential vulnerabilities stemming from the Heartbleed OpenSSL bug.

    • Android in the enterprise: Three Aussie examples from Samsung androidapple

      Forget iOS and Windows. Today we present three decently sized deployments of Android in the Australian market on Samsung’s hardware, which the Korean vendor has dug up from its archives over the past several years for us after a little prompting :)

    • Businesslink cancelled Office 365 rollout cancelled

      Microsoft has been on a bit of a tear recently in Australia with its cloud-based Office 365 platform, signing up major customers such as the Queensland Government, Qantas, V8 Supercars and rental chain Mr Rental. And it’s not hard to see why, with the platform’s hybrid cloud/traditional deployment model giving customers substantial options. However, as iTNews reported last week, it hasn’t been all plain sailing for Redmond in this arena.

    • Qld Govt inks $26.5m deal for Office 365 walker

      The Queensland State Government yesterday announced it had signed a $26.5 million deal with Microsoft which will gain the state access to Microsoft’s Office 365 software and services platform. However, with the deal not covering operating system licences and not being mandatory for departments and agencies, it remains unclear what its impact will be.

    • Hospital IT booking system ‘putting lives at risk’ doctor

      A new IT booking platform at the Austin Hospital and Olivia Newton-John Cancer and Wellness Centre in Melbourne is reportedly placing the welfare of patients with serious conditions at risk.

  • Enterprise IT, News - Apr 17, 2014 16:39 - 0 Comments

    NetSuite in whole of business TurboSmart deal

    More In Enterprise IT


    News, Telecommunications - Apr 17, 2014 11:01 - 133 Comments

    Turnbull lies on NBN to Triple J listeners

    More In Telecommunications


    Featured, Industry, News - Apr 17, 2014 9:28 - 1 Comment

    Campaign Monitor takes US$250m from US VC

    More In Industry


    Digital Rights, News - Apr 17, 2014 12:41 - 12 Comments

    Anti-piracy lobbyist enjoys cozy email chats with AGD Secretary

    More In Digital Rights