backtop


Print 19 comment(s) - last by Divide Overflo.. on May 24 at 10:48 PM

Suit is seeking class action status

The sheer number of wireless networks in use in the average neighborhood in America is staggering. Most of the routers and networks today are easy to setup and anyone can install a secure network that blocks unauthorized users from accessing sensitive data. Some people setup a network and simply leave it open allowing any data sent to potentially be seen or captured.

Last week Google announced that after an audit requested by a German data protection authority it discovered that it had been inadvertently capturing some "payload" data from unsecured wireless networks. Google admits that it knew its Google Street View vehicles (GSV) were capturing the SSID and Mac address of protected WiFi networks.

lawsuit has been filed in a court in Portland, Oregon by two people accusing Google of violating federal privacy and data acquisition laws reports
ComptuerWorld. Lawsuit documents read, "When Google created its data collection systems on its GSV [Google Street View] vehicles, it included wireless packet sniffers that, in addition to collecting the user's unique or chosen Wi-Fi network name (SSID information), the unique number given to the user's hardware used to broadcast a user's Wi-Fi signal (MAC address, the GSV data collection systems also collected data consisting of all or part of any documents, e-mails, video, audio, and VoIP information being sent over the network by the user [payload data]."

The plaintiffs are seeking a court injunction to prevent Google from deleting any of the data that it collected. Google had stated that it intended to delete the data as soon as possible, but that it was working with appropriate regulatory authorities to determine how to safely delete the data.

The plaintiffs in the suit, which is seeking class action status, are Vicki Van Valin from Oregon and Neil Mertz of Washington. Ironically, Van Valin claims to work in a high tech industry and to send large amounts of data for her job across her wireless network. The work she does is covered under non-disclosure agreements and security regulations, yet shewas sending the data over an open Wi-Fi network. Van Valin claims that GSV vehicles have driven by her home at least once. Mertz also claims to have sent confidential information over his open WiFi network.

The compliant stated, "Van Valin works in a high technology field, and works from her home over her Internet-connected computer a substantial amount of time. In connection with her work and home life, Van Valin transmits and receives a substantial amount of data from and to her computer over her wireless network. A significant amount of the wireless data is also subject to her employer's non-disclosure and security regulations."

Both plaintiffs in the case are seeking statutory and punitive damages in the amount of $100 per day for each day any plaintiff or class member's data was captured or $10,000 per violation, whichever amount is greater.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Van Valin needs to get fired
By nafhan on 5/21/2010 9:51:28 AM , Rating: 5
As she apparently has no understanding or desire to secure her employers/customers sensitive data. Really, sending sensitive, unencrypted data over an open wifi network? Would Google be getting sued if she'd been putting the data on billboards out front of her house and they took a picture of it?
The lawyers (and likely only the lawyers) are about to make some money...




RE: Van Valin needs to get fired
By rcc on 5/21/2010 11:46:26 AM , Rating: 1
While I agree that this woman is dumber than a stump and probably has a great future career as a restroom attendant, Google has no business roaming the streets collecting data either.


RE: Van Valin needs to get fired
By nafhan on 5/21/2010 12:25:39 PM , Rating: 2
I agree, they certainly don't. However, this occurrence is probably more notable for it's uniqueness than it's actual security implications. Having some of your potentially private info captured by Google is not nearly as bad as having your personal info released into the wild as seems all too common lately.


RE: Van Valin needs to get fired
By bug77 on 5/21/10, Rating: 0
RE: Van Valin needs to get fired
By rcc on 5/21/2010 2:46:09 PM , Rating: 2
?? Was this really a response to my post?


RE: Van Valin needs to get fired
By bug77 on 5/21/2010 3:19:04 PM , Rating: 2
Of course.


RE: Van Valin needs to get fired
By rcc on 5/21/2010 5:28:59 PM , Rating: 2
lol, ok, then you lost me. Or misunderstood my post.


RE: Van Valin needs to get fired
By LEDFlashing on 5/21/2010 10:06:56 PM , Rating: 3
If the data is there, and freely available in the air ... then it's free for the taking. You have a right to privacy, but failure to enforce that right is you're own problem. If you run an unsecured network then you MUST accept that your data may well be unsecure. It's not google's fault. It's your fault for being an idiot.


By Lazarus Dark on 5/22/2010 3:34:33 AM , Rating: 3
This is kinda what I keep thinking. It's like when they came out with VCR's. The tv stations tried to raise cain and say that recording tv was stealing, but courts ruled that if you broadcast frequencies into a persons home, they have the right to capture and record those frequencies. Same with Wifi, if you choose to broadcast everything to the world, you can't complain if the Google truck driving down the street happens to catch it when you broadcast it into thier truck.

This is not the same as stealing wifi from your neighbor, as that would require you communicating directly with their router. Google was only passively collecting info given out freely. If Google had collected encrypted data and then tried to break the encryption, it would then be an issue, but that's not at all what happened here.

Moral: If you broadcast data, don't complain if someone listens.


Perhaps...
By MrBlastman on 5/21/2010 9:25:00 AM , Rating: 5
If her job depended on security of her work, she might have had the forethought to secure her router and then go the additional step of using an RSA-SecurID plus an encrypted tunnel.

She did not.

She is full of fail. I suggest that her employer sue her for violating the NDA contract and all possible damages they may encur from this breach of security.

I'm not defending Google, but, when I see a numbnuts making a lawsuit, I have to point it out.




RE: Perhaps...
By Golgatha on 5/21/2010 9:31:37 AM , Rating: 2
I rated your comment up. Furthermore, if the data is very sensitive, I would not be sending it over WiFi anyway. Wired connections FTW. Classified networks simply do not allow WiFi to be present. Too much of a security risk.


RE: Perhaps...
By Trekie on 5/21/2010 9:34:03 AM , Rating: 2
Haha. I totally agree. Also not defending Google (but I still love them!), but I would totally like to see this lady get into a little trouble from her company. Seriously, who in their right mind would send secure/confidential documents over an insecure network? "Here's your sign!"


RE: Perhaps...
By Aikouka on 5/21/2010 9:35:31 AM , Rating: 3
"A significant amount of the wireless data is also subject to her employer's non-disclosure and security regulations."

The quoted statement is kind of vague, but I can't imagine that if her work is governed by security regulations (assuming governmental), that she would ever be able to work remotely without using some sort of passcode-based VPN login.

I wouldn't call myself a Google apologetic, but I think the whole thing is kind of silly. If I didn't know anything about technology, this suit would make me think that Google gained massive amounts of data from these people where in reality, it maybe intercepted a dozen or so packets. Although, that's really just my guess about the thought of a vehicle simply driving by in an area and picking up on a signal for a small time before jumping to another closer one (or losing it because it drops out of range).


Three things...
By iFX on 5/21/2010 9:51:53 AM , Rating: 2
1.) First off, yes, open wireless networks can be accessed by anyone within range with the right equipment however, no one on this forum or most people in general have the ability to document and map these networks on the scale that Google does (nationally, globally?) which is where the concern comes in. Whether there is a legal concern I don't know but I'm surprised anyone is ok with Google's mapping of networks including the MAC addresses and then correlating them with a specific GPS/Address. Anyone who thinks this was accidental is kidding themselves.

2.) People... secure your networks for Christ's sakes. It takes less than five minutes to setup WPA2... maybe slightly longer to reconnect your existing devices. Just do it, Google has proven that not just war drivers are out there looking for YOUR network. Who else may be?

3.) Who sends critical, confidential data over wifi? A lot of people apparently. I think people don't understand the risk to their data, otherwise they wouldn't be doing it. Lock down your $#!^ people!




RE: Three things...
By Motley on 5/21/2010 10:19:57 AM , Rating: 2
I am suprised anyone cares if google knows your SSID/MAC address. This is about as sensitive as correlating someones address with a GPS location on a global scale... You might also call that process making maps.


RE: Three things...
By iFX on 5/21/2010 10:22:23 AM , Rating: 2
A street address does not confirm a specific activity at that specific location.


RE: Three things...
By keith524 on 5/21/2010 11:38:09 AM , Rating: 2
My view of this is that once you set-up a wireless network you are freely sending that data out into the world around you. If you are worried about someone being able to pick it up then you shouldn't send it out. You can try to minimize the risk by setting-up security on your network, but the risk is still there...


Privacy?
By MegaHustler on 5/21/2010 3:25:28 PM , Rating: 2
If you send out data on your WiFi which is operating on a non-exclusive public license-free frequency, do you really have a reasonable expectation of privacy? Is it illegal to "listen" to other peoples WiFi in the USA? I know radio scanners are legal, but that it's illegal to own one that can listen to cell phone frequencies.




Proof of injury?
By Divide Overflow on 5/24/2010 10:48:09 PM , Rating: 2
Hysteria and paranoia. This gal (or anyone else) is going to have a hard time showing that they were harmed by Google collecting this random data. Does Google actually have her data? If so, how is it being misused?

No crime committed here. Nothing to see, move along.




"And boy have we patented it!" -- Steve Jobs, Macworld 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki