Robin Wilton (@futureidentity) has dragged me into a discussion around privacy and SSIDs.
Like probably anybody else who has ever played with software like Kismet (many years ago), I’m more amused than concerned by Google’s “oh shit” moment around wi-fi data collection: if you’re out to map wireless networks, then separating the collection of packets from their evaluation is a very natural thing to do. In other words: I buy that Google simply screwed up on this one.
Now, Robin takes the discussion further and asks whether there’s a privacy violation in logging SSIDs (and, perhaps more importantly, BSSIDs) from the StreetView cars, and what the usefulness of that data is in the first place. My take is that there are some immensely useful services that can be offered using this sort of data collection — it enables geolocation based on just observing what wireless networks a device can “see”. (E.g., wi-fi based geolocation is the only kind that my laptop is able to perform.)
The data that’s interesting for that sort of observation isn’t the content of a packet. Instead, it’s what network I can see from where. Therefore, making that observation (while throwing away any payload you may accidentally get to see) strikes me as harmless, and not a privacy (or other) violation: to begin with, the data isn’t even tied to an individual in most cases. And collecting that data passively isn’t interfering with my use of my network, either.
Now, that isn’t to say that all sorts of organized wardriving are automatically legitimate: I might get concerned if an organization doing that sort of exercise was joining networks, figuring out what ISP they use, and perhaps even correlating IP addresses with real identities — probably within the realm of the feasible for an organization like Google. I could see how people might feel violated if they ended up on a map with open access points that directs others to use their network — the distinction being that this sort of service might cross the line between casual use of an open wireless network by third parties and systematic use.
But do we have any reason to believe that this sort of thing has happened in the StreetView case? Yes, Google made a fairly bad mistake, and confessed it publicly when they hoped nobody was listening. Yes, the degree of intrusion that comes with wardriving depends on what the wardrivers do with the networks they see. But let’s not throw out the basic measurements that enable wi-fi based geolocation services along the way!
This analysis still rather misses the point. Google breached information privacy law, whether the wifi data is "public" or not. The issue is pretty well black and white, but numerous commentators are making a bit of a meal of it, rationalising that Google was doing worthwhile, and/or downplaying the incident because wifi data is said to be "public". But privacy is more about control than secrecy; even if a wifi is broadcasting (actually, narrowcasting) personal information, there are strict limits under information privacy law on what a third party is allowed to do with it. I am going to make the assumption that Google has the resources to render wifi data identifiable. Most privacy law prohibits the collection of personally identifiable information with no express reason, without telling the people concerned, and without any commitment to safeguard that information. What Google did is a very straightforward breach of privacy law. Gathering payload data in addition to SSIDs was apparently a mistake, but I’d say it’s exactly the sort of mistake that is made when an organisation systemically doesn’t give a shit about privacy. You cannot compile information about individuals just because it’s there and it’s interesting. Privacy law serves to put the brakes on the sorts of activities that Google is notorious for. If there really is a good reason to compile wifi data for geolocation services, then let’s have Google be upfront about this. They should disclose what they’re doing and why exactly, they should show that the data is not triangulated with other data sets to make it identifiable, and they should take much greater care with their own systems (and culture) so that engineers don’t go about writing surveillance software just because they can. Cheers, Steve Wilson, Lockstep Technologies.
@steve_lockstep, the key difference between your and my analysis is precisely the identifiability point. If you read my analysis, the point really is that, yes, there are things you can do while wardriving that start to look like a very serious invasion of privacy (in particular if you are Google, in particular if you are capable of making the data identifiable by [e.g.] discovering the IP address and looking for recent searches from that IP address) — but that the kind of information you need to drive a Wifi based geolocation service doesn’t require any of that intrusion, and further, that collecting *some* of the easily accessible information about WiFi networks is entirely ok, even if you’re Google. I agree with you on the transparency point, and we’re already seeing the initial inquiry by the European DPAs cause Google to look into what data it has, and why. That’s good. What I’m worried about, though, is the notion that the data collection that underlies any WiFi based geolocation service gets characterized as an inherent violation of privacy laws. I don’t think it is, even if Google is the actor.
If there are pros and cons to geolocation services, then let’s debate them, and examine them through the privacy frame. But simply saying that collecting wifi data is useful for XYZ is no get-out-of-jail-free card. Rather, it actually sharpens the focus on privacy. So Google has a purported primary purpose for collecting wifi data? Great! But let’s therefore see their privacy policy. It should be explicit. Let’s see what constraints, if any, they’ll put on secondary usage of wifi data. Famously Google tends to allow themselves unconstrained secondary usage; remember the original Chrome Ts&Cs?
Kim Cameron has a great series of posts on "public" SSIDs: http://www.identityblog.com/?s=google+ssid&x=0&y=0 It’s one thing to capture public hotspots, but uniquely identifying and aggregating private devices is a very different beast.
FWIW, for the reasons given in the post and the comments, I disagree rather strongly with Kim Cameron’s take on the matter. I think he’s blowing it completely out of proportion.