[LINK] Google's WiFi bungle

Wed May 19 12:12:00 AEST 2010

Craig,

I don't disagree that there's a big problem in the way people 
unwittingly leak information as they go about their digital lives. And 
there is a huge blindspot in privacy law and policy as to the realities 
of IT.

Yet there is an complementary blindspot on the part of technologists as 
to Information Privacy Principles and law. For all the bombast Craig, 
it's not clear whether you appreciate the following:

- the "publicness" of personal information has little or no bearing on 
whether a corporation can collect it and put it to other uses; 
information privacy law simply forbids the collection and use of 
personal information without a real need or without consent

- people can philosophise and moralise all they like about the 
carelessness of regular folks, the promiscuity of facebook users etc 
etc, but information privacy law is written in such a way that skirts 
these questions. In particular, privacy law is largely blind to the 
method of collection; if a corporation has come to hold personally 
identifiable information then they are required to obey applicable 
legislated Privacy Principles.

You might indicate if your understand this or not; but otherwise a 
"gulf" between IT and privacy seems a fair description to me.

Further, you say that Google's collection of wifi information was 
totally inadvertant given the way that wifi works (they were 'walking 
around with their eyes open'). But that's not how Google themselves 
describe their collection:

"an engineer working on an experimental WiFi project wrote a piece of 
code that sampled all categories of publicly broadcast WiFi data. A year 
later, when our mobile team started a project to collect basic WiFi 
network data like SSID information and MAC addresses using Google’s 
Street View cars, they included that code in their software—although the 
project leaders did not want, and had no intention of using, payload data."

See 
http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html?spref=tw

So it was not an accidental by-product of operating a regular wifi device.

If we take Google at their word, then they have not breached the Use and 
Disclosure Principles, but they have breached the Collection Principle.

Cheers,

Steve Wilson.

Craig Sanders wrote:
> On Wed, May 19, 2010 at 08:15:32AM +1000, Stephen Wilson wrote:
>> It's also a result of the gulf between the worlds of IT and           
>> privacy.  IT practitioners might say they understand that privacy     
>> and *security* are not the same thing, but then they turn around and  
>> act as though privacy and secrecy *are* the same thing, because if    
>> information is "public" they think privacy no longer applies.         
>
> no, they (we) think that the bulk of the population are scarily
> ignorant about privacy, and about just how much personal data they are
> leaking as they go about their daily lives.  and far too willing
> to give up personal information (and i'm not talking about teenagers on
> facebook).
>
> this is NOT a problem that is going to go away by itself. it is not one
> that can be solved by technology. or by legislation.
>
> it is only going to be solved when people start to understand - AND care
> about - their own privacy.
>
> craig
>