[LINK] Federal police asked to probe Google

Richard Chirgwin rchirgwin at ozemail.com.au
Sun Jun 6 21:39:45 AEST 2010 

It is interesting isn't it? Arguably they're all breaking the Privacy 
Act (for reasons already outlined in great detail by Stephen Wilson).

Google's case is special in that by catching payload it's in jeopardy 
regarding the Telecommunications Interception Act - which is different 
from investigating a privacy breach (the reporting is sloppy on this 
point, it kind of conflates the TIA with privacy breaches).

IANAL but the "Google case" has encouraged me to dig out old textbooks 
and refresh my "Wireless Ethernet 101". So to speak.

Collecting an SSID isn't an interception per se. The SSID is transmitted 
in a particular kind of wireless Ethernet frame called a "beacon", in 
which the destination address is set so that any receiver will process 
the frame.

A "payload" frame, however, has the destination address set. An 
interface with the wrong address, upon receiving that frame, is supposed 
to drop it (a behaviour that's been in Ethernet forever - the old coax 
networks behaved like this). Sniffer software ignores what is an 
explicit part of the standard - "drop frames not addressed to you". So 
it's at least tenable to argue that anyone who captures frames not 
addressed to them *is* breaching the TIA, irrespective of whether or not 
the payload is encrypted. Transmitting in the clear may be silly, but it 
doesn't constitute an invitation to snoop.

Had Google merely stuck with the standard - allow its WiFi interfaces to 
report SSID and MAC address, and drop all other frames - it would be 
invulnerable on an interception charge (although maybe not in relation 
to the Privacy Act).

RC

Kim Holburn wrote:
> On 2010/Jun/06, at 5:11 PM, <community at thoughtmaybe.com> wrote:
>   
>> Federal police asked to probe Google
>> http://www.abc.net.au/news/stories/2010/06/06/2919491.htm
>>
>> The Federal Government has asked the Australian Federal Police to  
>> investigate internet giant Google over alleged privacy breaches.
>>
>> Last month, Communications Minister Stephen Conroy labelled Google  
>> "creepy" and accused the company of committing the "single greatest  
>> breach in the history of privacy" when it collected information from  
>> wireless (wi-fi) networks.
>>
>> Google says it mistakenly collected the data and has apologised.
>>     
>
> ....
>
>   
>> Information about wi-fi networks is used by many companies,  
>> including mobile telephone giant Nokia, to improve the performance  
>> of GPS on mobile devices and provide a more accurate location,  
>> particularly in cities where satellite signals can be blocked by  
>> tall buildings.
>>     
>
> So ... many companies have wifi location data?  Curiouser and curiouser.
>
> Why haven't we heard more about this?  How did they collect this  
> data?  Where?  Did they collect any packets?  Who are these *many*  
> companies?
>
> Kim
>
>

More information about the Link mailing list