Living in Google’s World; or, Lessons from Street View Wi-Fi SpyingBy: Drew Bowling - May 7, 2012
A friend of mine spotted the Google Street View car here in my city a couple of days ago. It’s always fun to hear about those sightings because it feels like catching a glimpse of a full-on double rainbow or maybe even a celebrity discreetly ordering at a Starbucks. Well, at least that’s how I used to feel when I’d hear about somebody spying the Street View car. After the whole Wi-Fi spying-gate scandal, though, news of the car canvasing through town just makes me feel resentful.
You’ve always heard these bogeyman stories about how you should always, at a minimum, secure your Wi-Fi network with a password. I’ve been hearing about it since the nascent days of Wi-Fi networks: using an unsecured network is basically the internet version of leaving the front door of your house open while you’re not home. You never know who could be lurking on your network, siphoning off the password to your email account or waiting for you to enter your credit card number to order that cat litter on Amazon. In short, it’s not safe; it’s the economic way to invite somebody to steal your personal information.
And yet, even as somebody who definitely falls into the category of Should Know Better, I still use unsecured Wi-Fi networks. I use them a lot, actually. Sometimes it can’t be helped, say if you’re at the public library or at a coffee house. Sometimes it can be helped. Me? I usually throw caution to the wind and never think about the risks whenever I need to use a public Wi-Fi network. I don’t think I’ve ever once paused before connecting to one and though, “Wait, on second thought, I shouldn’t do this because someone could swipe my information.” Even though I should know better, I ask myself, why do I still do it? I really don’t know. Sometimes I’m just that stupid, I guess.
Part of that illogical reasoning comes from the fact that I don’t do anything important, at least, anything important to petty cyberthieves. It’s naive, but I always think that if somebody really wants to steal my identity that badly, go ahead – I’m nobody of consequence and, really, I could certainly use the help paying back my student loans if anybody else wants to take on that debt with me.
My weird rationalization for suspending my disbelief only functions if I picture some meddling 26-year-old in the next room of the coffee shop eavesdropping on the Wi-Fi network. I can’t imagine anything more boring than watching the average person browse the internet. You’re not going to secure any confidential trade secrets of Wall Street or stumble upon somebody’s ingenious yet unpatented idea to solve the energy crisis. You probably wouldn’t even learn how to fold a winning paper airplane, let alone instructions on how to make a bomb. For that ostensible Wi-Fi spier, I don’t really see how anything on a general network could be of much use.
I wish I could say the same about the Google Street View Wi-Fi eavesdropping story. These are not middling twentysomethings in a coffee shop just being nosy. This a corporation for whom personal information is a mountain range of Martian blood diamonds. Google makes untold millions of dollars from crunching your personal information into advertising revenue. That kid in the coffee shop with the Jimmy Neutron haircut and an Ubuntu-powered PC might not have much use for what trivia I happen to be browsing in the middle of the afternoon, but the same can’t be said for Google.
That said, I’m not opposed to the general concept of Google having my information (we won’t get into the specifics regarding how long they hold onto it or any other aspects I do have a problem with). I realize that’s how I’m paying for some of their really great services, like Gmail, search (which is sometimes great), and Chrome, to name a few. If that’s what keeps those services top-rate and free, I think I can agree to the simple terms that they collect my data and use it for advertising.
I don’t mind that because it’s a mutual agreement wherein I know when they’re collecting it and what information they’re collecting. What I do mind is Google cat-burglaring people’s information by driving a vehicle around that’s siphoning off personal information from people using an unsecured Wi-Fi network. What I do mind is Google picking the locks on people’s browser security settings so that it can still track user data.
While both of these vampiric practices are irksome, the Street View/payload collecting issue irks me even more because Google has consistently misled the public about it, as if equivocating just enough will satisfy investigators and inquisitors so that they’ll all go away and Google won’t ever actually have to come clean about the what they’ve been up to. After saying it wasn’t collecting payload data but then it actually was, Google blamed it on a “rogue” engineer. After blaming it on said engineer, a Federal Communications Commission report shows that, in fact, several people at Google knew about the payload collection, therefore sinking the “rogue” engineer alibi. After all of that, nobody except Google still knows what data was collected in the Google Street View payload.
Given that kind of duplicity, no wonder so many people were cautious if not accusatory when Google Drive was launched last month: people aren’t so comfortable trusting Google these days.
Beyond all of this, Google already gets loads and loads of information via user consent. What is there to possibly gain from side-stepping security and possible legal protections to acquire even more? It’s like Google’s a data zombie that just can’t ever quite satiate that hunger for more brains.
As mentioned, Google’s bread and butter is information. I get that. I also realize that Google’s habit of holding its cards close to its vest in order to not reveal what it’s doing with the information is probably more indicative of the competitive industry than sincere malice (at least, I hope that Google doesn’t have some Skynet future planned for all of us). However, Google needs to scale back the intensity with which it goes after personal information of people on the internet.
It is not Google’s manifest destiny to pursue your personal data and it has done nothing to really earn any rights to it by misrepresenting its respect (or lack thereof) for privacy. If the company wants more personal data than it already has, it should be approaching the public directly instead of using some under-handed method that nobody knows about until after Google gets caught.
Sorry, Google, but when we shook hands and I agreed to use Google services in exchange for you to use my information, I didn’t realize you had your fingers crossed behind your back. Not cool.
In the end, there’s not really much else that can be done about the Google Street View eavesdropping. The FCC delivered its ceremonial slap on the wrist and Google still gets to keep the info it collected, so all in all, after a cost-benefit analysis at the day’s end, Google did pretty well for itself with the Street Car ordeal.
Google has this irresistible habit of making people feel like it’s Google’s world and we’re just lucky to live in it. Such an approach creates this incredible cognitive dissonance with users, myself included, because I think Google does do a lot of great stuff. But this isn’t a zero-sum game and doing a good thing here or there shouldn’t mean that Google gets some credit to spend on breaking bad.
But if this is indeed Google’s world, the lesson here is to protect your little corner of it and do common things like keep your Wi-Fi network secured. Anymore, if you’re savvy enough with encryption, you should probably limit what devices have permission to access the network, too. It sounds like it could be a pain for allowing visitors or neighbors access to your network, but hey – just assume that companies are spying on you and protect yourself according to your levels of fear. Better to be safe than sorry, really.
And that’s the beast stalking between the lines of every story that comes out about Google’s sponging up of payload data via Wi-Fi networks: better to be safe than sorry because, anymore, it’s obvious that random upstart hackers are no longer the biggest concern for whenever we’re using unsecured connections. They’re still a concern, sure, but now we have to worry that enormous tech companies like Google are out there spying on us, which could have much greater ramifications. And if Google’s already spying on us, that begs the question: just how many other huge corporate (or even government) entities are out there spying on us, too?
It’s probably a safe bet to assume all of them are.