{"id":397,"date":"2010-05-28T11:50:54","date_gmt":"2010-05-28T15:50:54","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/niftyc\/?p=397"},"modified":"2011-07-29T22:59:09","modified_gmt":"2011-07-30T02:59:09","slug":"confessions-of-a-spy-car-driver","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/niftyc\/archives\/397","title":{"rendered":"Confessions of a Spy Car Driver"},"content":{"rendered":"

(or: Inadvertently Illegal Programming, A Primer<\/strong>)<\/p>\n

Earlier this month, Google’s official engineering blog confessed that the company’s Street View cars and bikes have “inadvertently” gathered personal data in transit on unencrypted Wi-Fi networks<\/strong> for the past three years (see the post:\u00a0Wi-Fi Data Collection<\/a>). \u00a0As chronicled in major news stories in the past three weeks, Google’s actions are under scrutiny by government regulators everywhere (see links to news stories at the end of this post).<\/p>\n

\"\"<\/a> <\/em><\/p>\n

[One of Google’s Ominous-Looking Spy Cars
\nphoto by byrion<\/a> — click to enlarge] <\/em><\/p>\n

This is a topic close to my heart because my research group has been conducting similar surveys of wireless signals<\/strong> for the past five years as part of a project funded by the US National Science Foundation. \u00a0Here’s a picture of our own slightly less obtrusive Wi-Fi sampling car<\/strong> in South Central Los Angeles in 2005. \u00a0(On second thought, we shouldn’t have chosen a black SUV. \u00a0Too scary.)<\/p>\n

<\/p>\n

\"\"<\/a><\/p>\n

[At least our antenna isn’t as scary as Google’s.
\nClick to enlarge — photo Credit: Hope Hall]<\/em><\/p>\n

Our project was research and not commerce, so thanks to something called the National Research Act of 1974<\/a>, in order to begin our research project we needed ethics approval from a university panel of researchers and civilians. \u00a0We had to investigate, explain and justify the privacy implications<\/strong> of our study to a group called the university’s “institutional review board” before we started doing anything.<\/p>\n

My argument to the board went like this: \u00a0We want to count the presence and absence of Wi-Fi networks, and we want to uniquely identify them so that we can tell where Wi-Fi exists and where it doesn’t. \u00a0(This is the same thing Google wants to do. \u00a0Other companies do it too<\/strong>, like Microsoft and Skyhook Wireless<\/a>.) \u00a0A main commercial motivation for this kind of project is to improve GPS accuracy (try it: http:\/\/loki.com\/<\/a>). \u00a0Our research motivation was to understand the evolution and diffusion of computer networks.<\/p>\n

This is akin to doing a survey of telephone adoption by counting telephone poles<\/strong>. \u00a0We can do this research from public streets and sidewalks. \u00a0We are looking at unencrypted information that is broadcast in the clear to everyone anyway (called the “management frame” — this information is what creates the list of available Wi-Fi access points that is on the upper right (Mac) or lower right (PC) of your laptop). \u00a0We don’t look at the content of the transmissions.<\/p>\n

Although our equipment looks <\/em>different from your laptop (and works faster and on more channels), our code does essentially the same thing that your laptop does when you open it in a new place. \u00a0It listens to see if there is any Wi-Fi around. \u00a0That’s it. \u00a0To me, it didn’t seem like a difficult ethical case to make<\/strong>. \u00a0Indeed we easily passed ethics review and our research was declared exempt from further review.<\/p>\n

To give you an example of what we see, here is a screenshot from a popular open source wireless sniffer, kismet<\/a>. \u00a0(We use a slightly modified version.)<\/p>\n

\"\"<\/a><\/p>\n

[Kismet screenshot — click to enlarge.]<\/em><\/p>\n

Google was trying to do the same thing that my wireless research group was doing — again, no ethical problems there. \u00a0However, they claim to have “inadvertently” also listened to the content of communications<\/strong>. \u00a0(This is called “payload” data.) \u00a0Here’s the problem with the story<\/strong> we’re getting from Google: the word “inadvertently<\/strong>.”<\/p>\n

I see no way that this could be inadvertent. \u00a0Continuing my earlier metaphor: If your plan is to count telephone poles how would you “inadvertently” tap telephone lines and transcribe everything that you hear<\/strong>? \u00a0The two actions are quite different. \u00a0Of course I don’t know how Google wrote its software for these capture platforms. \u00a0With our team we use slightly modified versions of open source wireless tools. \u00a0It is possible to use tools like these to save the “payload” data from wireless systems. \u00a0There are legitimate engineering reasons for doing so if you are trying to improve the performance of your network. \u00a0That’s why these tools exist.<\/p>\n

However, I don’t understand how we could ever have “inadvertently” done that. \u00a0It isn’t like stumbling over a banana peel or forgetting to leave a light switch (or variable) turned on. \u00a0Even sampling some <\/em>of the payload data would start producing about 10x as much data as listening only to the management frame. \u00a0Do you ever go to the store for a can of soda and “inadvertently” fill your cart with ten cans? <\/strong>I didn’t think so.<\/p>\n

If you inadvertently started buying 10x as many groceries as you wanted<\/strong>, I bet you’d notice. \u00a0I bet it would take you less than three years to notice, too.<\/p>\n

The only interpretation I can think of is that the word “inadvertently” is being applied by the legal department. \u00a0The real chain of events is probably that the coders at Google intentionally designed these systems to act in this (illegal) way<\/strong>, but they didn’t understand the legal and PR implications. \u00a0Programmers may have set it up on their own initiative and not briefed anyone else who could have seen this disaster looming, but that isn’t “inadvertent.” \u00a0And it isn’t a “programming error” <\/strong>— another phrase that is being used in the press.<\/p>\n

From here Google looks pretty guilty<\/strong>. \u00a0Now in the most recent news reports it looks like they are trying to destroy the data as quickly as possible as a way out of the scandal. \u00a0But looking at the data would make it even clearer that its collection wasn’t accidental. \u00a0So \u00a0in this case destroying the private data may not <\/em>be a way to protect the privacy of those they snooped on — instead it seems like a way to protect Google’s nontraditional use of this word: “inadvertently.”<\/p>\n

P.S.
\nSee visualizations<\/strong> from our (legal and ethical) Wi-Fi research: \u00a0The RED Project<\/a>. \u00a0From: Sandvig, C. (2007). The RED Project: Rendering Electromagnetic Distributions. Vectors: Journal of Culture and Technology in a Dynamic Vernacular<\/em>. 3<\/em>(1).<\/p>\n

P.P.S.
\nThanks to Rajiv Shah<\/a> for suggesting this post.<\/p>\n

________<\/p>\n

Related news coverage:<\/p>\n

Google Says it Collected Private Data by Mistake<\/a>” (NYT), “Google Balks at Turning Over Private Internet Data to Regulators<\/a>” (NYT), “FTC Asks Google to retain WiFi data<\/a>” (Washington Post).<\/p>\n

________<\/p>\n

UPDATED <\/span><\/strong>on 5\/29: \u00a0Added kismet screenshot<\/strong>, fixed typo.<\/p>\n","protected":false},"excerpt":{"rendered":"

(or: Inadvertently Illegal Programming, A Primer) Earlier this month, Google’s official engineering blog confessed that the company’s Street View cars and bikes have “inadvertently” gathered personal data in transit on unencrypted Wi-Fi networks for the past three years (see the post:\u00a0Wi-Fi Data Collection). \u00a0As chronicled in major news stories in the past three weeks, Google’s […]<\/p>\n","protected":false},"author":2132,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[48405,1321],"tags":[],"class_list":["post-397","post","type-post","status-publish","format-standard","hentry","category-geeking","category-research"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4M7Bm-6p","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/posts\/397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/users\/2132"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/comments?post=397"}],"version-history":[{"count":10,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/posts\/397\/revisions"}],"predecessor-version":[{"id":403,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/posts\/397\/revisions\/403"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/media?parent=397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/categories?post=397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/niftyc\/wp-json\/wp\/v2\/tags?post=397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}