Read an Computerworld article - Why Google should be allowed to 'harvest' your Wi-Fi data By Mike Elgan on April 21, 2012 which reflects my view that actual doing wardrive http://bit.ly/I66ibO as opposed to piggybacking is legal.
The computerworld article "Why Google should be allowed to 'harvest' your Wi-Fi data" can be found at http://bit.ly/HXe4QA
I have looked at this debate a number of times as a researcher looking at the problems of securing wireless in the urban environment. In the UK which is where I have a better legal understanding, the use of radio is licensed. That means a radio station such as run by the BBC buy a licence to broadcast content on a frequency, the licensing terms allow the general public on a suitable approved receiver to pick up the radio signals and listen providing the have a TV (and radio) licence, the content copyright where it does not belong to the owner of the content ie music will belong with the radio station. The general public should not rebroadcast, record the content without permission of the radio station. This is not the case with WiFi and CB radio this have a different licencing arrangement and this is where confusion and debate takes place. WiFi in the UK uses the ISM band which is licence exempt, you don't need a licence to listen to it although the equipment must be approved within a certain specification, this means that anybody using the approved equipment can broadcast and receive the signals. This means listening to WiFi signals is not illegal; WiFI NICS do this all the time. Where the legal issues come in is listening to a communication and whether you are infringing privacy, if you connect to an Access Point you connection goes beyond the wireless transmission and starts to affect the network. AP don't give out IP addresses the DHCP server in the router does, this is different from listening to a WiFi signal or broadcasting beacons and management frames and getting a response from the AP, that is all controlled by the IEEE specification and is part of the mechanism of the transmission. Connecting to a wireless network in the UK is illegal under the Communications Act 2003 as specific offence. An unencrypted network is not authorisation just like an open door to a domestic property is not an invitation to enter.
When it comes to Google, what it was doing and what it intended aim was where different things, it aimed to collect data from Wireless location services, a lot companies such as skyhook collect data for this. What it did was to capture and record conversations. Now doing the collection and recording was infringing privacy and Google should be taken to task for it.
What I ask is could Google of collected data for Wireless Location Services without collecting and recording data packets, the answer is YES, so why I feel Google need to answer the question why did it happen.
Conclusion
My view is that Google did not need to record the personal data; either through it was effectively being publically transmitted; to complete the WiFi location data.
Collecting the details of the Access Points and their geolocation is a legal activity, and this could of be completed without infringing privacy of communication.
However broadcasting on a 'public' transmission system is a security risk, all data transmission should be encrypted to make illegal capture and recording pointless.
No comments:
Post a Comment