TheMarketingblog

Front-page splashes : “Your emails, sex secrets and health details – all harvested by Google” | PC Pro blog

The arrival of our mini-heatwave appears to have tricked some of our national newspapers into thinking “silly season” has arrived.

Both The Sunday Times and The Daily Mail have led with front-page splashes about Google’s Street View data harvesting – both based on a report by the US Federal Communications Commission (FCC) that we and many others reported on when it was published over a month ago.

By Barry Collins

It’s not the newspapers’ late arrival to the story that has me pounding my keyboard in frustration, however. It’s the sensationalist exaggeration of the Street View data collection that has triggered a sudden spike in my blood pressure.

This new wave of reports has been triggered by the revelation that a Google engineer warned his bosses in advance that the software installed in the Google Street View cars would collect user traffic – undermining the company’s long-held claim that the data was collected “mistakenly”.

It’s hard to conceive of a more stupid, inefficient way to conduct mass surveillance of the nation than fitting snooping software into the Street View cars

That Google allowed this software to be used in its Street View cars is nothing short of shameful, as is the lack of any meaningful punishment from our own Information Commissioner’s Office and data protection authorities worldwide.

Even more shameful, however, is the way in which the newspapers have wildly over-egged the data-harvesting capability of the Street View cars.

Take the headline on The Sunday Times story, for example: “Your emails, sex secrets and health details – all harvested by Google”. The chances of Google capturing any one of those things – let alone all three – are only slightly higher than your chances of winning this Saturday’s lottery and having the cheque presented by Princess Diana. Here’s why.

How Street View harvested data

The software in Google’s Street View cars could only collect payload data from Wi-Fi connections that weren’t password-protected. An unsupported stat in The Daily Mail story claims one in four Wi-Fi routers isn’t secured; but assuming that data is accurate, that still means Google’s cars could potentially collect personal data from only a quarter of the houses they passed.

What’s more, the cars can only collect data during the few seconds they pass your house when taking Street View photography. Google doesn’t have a fleet of thousands of Street View cars driving down your road every day: my street in Sussex was last photographed in 2009, for example. And because Google wants nice, well-lit photos of our streets, its cars operate during the daytime – when most people are at work and not using their internet connection.

In other words, the window of opportunity for Google’s Street View cars to collect data was tiny: a few seconds every three or four years.

Even assuming that Google did manage to capture your net traffic as its cars passed your house on your day off, the chances of it capturing anything sensitive are extremely slim. The FCC report states the payload data “included email and text messages, passwords, internet usage history, and other highly sensitive personal information”; but it also acknowledges that much of this data would have been encrypted, even if the Wi-Fi connection itself wasn’t.

For example, if you were logged into your online bank account, the data passing between your computer and the bank would be encrypted. Unless Google had the encryption keys (it didn’t), all it would see is an indecipherable deluge of 1s and Os. It might be able to work out which bank you used, but nothing else.

In short, only if you were sending an unencrypted email to your doctor with details of a sexually transmitted disease you picked up from the woman you’re having an affair with at No 42, at the exact moment the Google Street View passed your unsecured Wi-Fi connection, would Google have had access to your “emails, sex secrets and health details”, as The Sunday Times claims.

Indeed, it’s hard to conceive of a more stupid, inefficient way to conduct mass surveillance of the nation than fitting snooping software into the Street View cars. But let’s not let that get in the way of a good headline, eh?

Leave a Comment