[LINK] Google's WiFi bungle

Kim Holburn kim at holburn.net
Wed May 19 14:21:49 AEST 2010

On 2010/May/19, at 12:12 PM, Stephen Wilson wrote:
> Craig,
> I don't disagree that there's a big problem in the way people
> unwittingly leak information as they go about their digital lives. And
> there is a huge blindspot in privacy law and policy as to the  
> realities
> of IT.
> Yet there is an complementary blindspot on the part of technologists  
> as
> to Information Privacy Principles and law.

Sorry I think that a lot of "technologists" are aware of the issues.

> For all the bombast Craig,
> it's not clear whether you appreciate the following:
> - the "publicness" of personal information has little or no bearing on
> whether a corporation can collect it and put it to other uses;
> information privacy law simply forbids the collection and use of
> personal information without a real need or without consent

This is what makes this matter so interesting.  Every country has  
different privacy laws.  (Laws I should add that companies often  
interpret to their benefit not ours.)  There are countries that have  
banned google street view and countries that are thinking of it.

One of the many questions here would be: does wifi information  
constitute personal information?  I think you can definitely argue it  
doesn't (mostly).  Does the law (of whatever country) forbid the  
*collection* of personal information?  How would companies work under  
that sort of regime?  How could they keep track of their customers?   
What exceptions are there?  For instance how do telephone book makers  
make telephone books?  Telephone numbers and addresses would generally  
not be public information except in that they are published in the  
telephone book or by their owners.  In some countries phone numbers  
are considered public information and in some limited public  
information and in some not.  It's definitely not simple.

You argue as though this is simple and clear cut.  I do not think that  
is so at all.

Tell me, is an advertisement on someone's property in plain view  
private information?

> - people can philosophise and moralise all they like about the
> carelessness of regular folks, the promiscuity of facebook users etc
> etc, but information privacy law is written in such a way that skirts
> these questions. In particular, privacy law is largely blind to the
> method of collection; if a corporation has come to hold personally
> identifiable information then they are required to obey applicable
> legislated Privacy Principles.

Which privacy law?  In the case of google it must work within a  
country's laws for each country it operates in.  But facebook?  Whose  
laws?  Ours? The US?  Does facebook collect personal data?  Because  
people put it on facebook themselves has facebook broken your  
collection principle?

> You might indicate if your understand this or not; but otherwise a
> "gulf" between IT and privacy seems a fair description to me.
> Further, you say that Google's collection of wifi information was
> totally inadvertant given the way that wifi works (they were 'walking
> around with their eyes open'). But that's not how Google themselves
> describe their collection:
> "an engineer working on an experimental WiFi project wrote a piece of
> code that sampled all categories of publicly broadcast WiFi data. A  
> year
> later, when our mobile team started a project to collect basic WiFi
> network data like SSID information and MAC addresses using Google’s
> Street View cars, they included that code in their software—although  
> the
> project leaders did not want, and had no intention of using, payload  
> data."
> See
> http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html?spref=tw
> So it was not an accidental by-product of operating a regular wifi  
> device.
> If we take Google at their word, then they have not breached the Use  
> and
> Disclosure Principles, but they have breached the Collection  
> Principle.
> Cheers,
> Steve Wilson.
> Craig Sanders wrote:
>> On Wed, May 19, 2010 at 08:15:32AM +1000, Stephen Wilson wrote:
>>> It's also a result of the gulf between the worlds of IT and
>>> privacy.  IT practitioners might say they understand that privacy
>>> and *security* are not the same thing, but then they turn around and
>>> act as though privacy and secrecy *are* the same thing, because if
>>> information is "public" they think privacy no longer applies.
>> no, they (we) think that the bulk of the population are scarily
>> ignorant about privacy, and about just how much personal data they  
>> are
>> leaking as they go about their daily lives.  and far too willing
>> to give up personal information (and i'm not talking about  
>> teenagers on
>> facebook).
>> this is NOT a problem that is going to go away by itself. it is not  
>> one
>> that can be solved by technology. or by legislation.
>> it is only going to be solved when people start to understand - AND  
>> care
>> about - their own privacy.
>> craig
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

More information about the Link mailing list