{"id":1100,"date":"2010-05-27T01:10:22","date_gmt":"2010-05-27T09:10:22","guid":{"rendered":"\/?p=1100"},"modified":"2010-06-19T23:27:35","modified_gmt":"2010-06-20T07:27:35","slug":"the-laws-of-identity-catch-up-with-google","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1100","title":{"rendered":"The Laws of Identity smack Google"},"content":{"rendered":"

\"\"Alan Eustace, Google's Senior VP\u00a0of\u00a0Engineering & Research,\u00a0blogged recently <\/a>about Google's collection of Wi-Fi data using its Street View cars:<\/p>\n

The engineering team at Google works hard to earn your trust\u2014and we are acutely aware that we failed badly here. We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.\u00a0\u00a0<\/p>\n

I think the idea of learning all the lessons he can from\u00a0Google's\u00a0mistake is a really good one, and I accept that\u00a0Alan really is sorry.\u00a0 But\u00a0what constituted the mistake?<\/p>\n

Last month Google\u00a0was\u00a0good enough to provide us with a “refresher FAQ<\/a>”\u00a0that dealt with the subject in a particularly specious way, even though it was remarkable in its condescension:<\/p>\n

“What do you mean when you talk about WiFi network information?<\/em>
\n“WiFi networks broadcast information that identifies the network and how that network operates. That includes SSID data (i.e. the network name) and MAC address <\/a>(a unique number given to a device like a WiFi router).<\/p>\n

“Networks also send information to other computers that are using the network, called payload data, but Google does not collect or store payload data.*<\/p>\n

“But doesn\u2019t this information identify people?<\/em>
\n“MAC addresses are a simple hardware ID assigned by the manufacturer. And SSIDs are often just the name of the router manufacturer or ISP with numbers and letters added, though some people do also personalize them.<\/p>\n

“However, we do not collect any information about householders, we cannot identify an individual from the location data Google collects via its Street View cars.<\/p>\n

“Is it, as the German DPA states, illegal to collect WiFi network information? <\/em>
\n“We do not believe it is illegal–this is all publicly broadcast information which is accessible to anyone with a WiFi-enabled device…<\/p>\n

Let's start with the last point.\u00a0Is information that can be collected using a WiFi device\u00a0actually being “broadcast”?\u00a0 Or is it\u00a0being transmitted for a specific purpose and private use?\u00a0 If\u00a0everything is deemed to be\u00a0“broadcast” simply by virtue of being a signal that can be received, then surely\u00a0payload data – people's surfing behavior, emails and chat – is also being “broadcast”.\u00a0 Once the notion of “broadcast” is accepted, the FAQ\u00a0implies\u00a0there\u00a0can be no possible objection to\u00a0collecting it.<\/p>\n

But Alan's recent post says, “it\u2019s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks.”\u00a0 He adds, “We want to delete this data as soon as possible…”\u00a0 What is the mistake?\u00a0 Does\u00a0Alan mean Google has now accepted that WiFi information is not by definition being “broadcast” for its use?\u00a0\u00a0Or\u00a0does\u00a0Alan see the mistake as being the fact they created a PR disaster?\u00a0 I think\u00a0“learning everything we can” means learning that the\u00a0initial premises of the Street View WiFi system were\u00a0wrong\u00a0(and the behavior perhaps even illegal) because\u00a0the system\u00a0collected WiFi information that was\u00a0intended to be used for private purposes and not intended to include Google.\u00a0\u00a0<\/p>\n

The FAQ claims – and this is disturbing – that\u00a0the information collected about network identifiers “doesn't identify people”.\u00a0 The fact is that it identifies\u00a0devices that are\u00a0closely associated with people – including their personal computers and phones.\u00a0\u00a0MAC addresses\u00a0are persistent, remaining constant over the lifetime of the device.\u00a0\u00a0They are\u00a0identifiers that\u00a0are extremely reliable in\u00a0establishing identity by virtue of being in\u00a0peoples’ pockets or briefcases.<\/p>\n

As a result, Google breaks two Laws of Identity<\/a> in one go with their Street View\u00a0boondoggle,\u00a0<\/p>\n

Google breaks Law 3, the Law of\u00a0 Justifiable Parties.<\/p>\n

Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship<\/em><\/p>\n

Google is not part of the transactions between my network devices and\u00a0is not justified in\u00a0intervening or recording the details of their use and\u00a0relationship.\u00a0<\/p>\n

Google also breaks Law 4, Directed Identity:<\/p>\n

A universal identity metasystem must support both \u201comnidirectional\u201d identifiers for use by public entities and \u201cunidirectional\u201d identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.<\/em><\/p>\n

My network devices are private entities intended for use in the contexts for which I authorize them.\u00a0 My home network is\u00a0a part of\u00a0my home, and Google (or any other company) has not been invited to employ\u00a0that network for its own purposes.\u00a0 The identifiers in use there are contextually specific, not public, and not intended to be shared across all contexts.\u00a0\u00a0They are more private than\u00a0the IP addresses used in TCP\/IP, since they are not shared across end-points in different networks.\u00a0 The same applies to SSIDs.<\/p>\n

One can stand in the street, point a\u00a0directional microphone at a window and record the conversations inside.\u00a0 This doesn't make them public or give anyone the right to\u00a0use the conversations for commercial purposes.\u00a0\u00a0The same applies to recording the information we exchange using digital media – including our identifiers, SSIDs and MAC addresses.\u00a0 It is particularly disingenuous\u00a0to argue that because\u00a0information is not\u00a0encrypted it\u00a0doesn't belong to anyone and there are no rights associated with it.\u00a0\u00a0If lack of encryption meant information is fair game a lot of Google's own intellectual property would be up for grabs,<\/p>\n

Google's justification for collecting MAC addresses was that if\u00a0a stranger\u00a0walked down\u00a0your street, the MAC addresses of\u00a0your computers and routers could be used provide\u00a0his systems (or\u00a0Googles’?) \u00a0with information on where he was.\u00a0 The idea that Google would, without our consent<\/em>,\u00a0employ our home networks for its own commercial purposes betrays a problem of ethics and a lack of control.\u00a0\u00a0Let's hope this is what Alan means when he says,<\/p>\n

“Given the concerns raised, we have decided that it\u2019s best to stop our Street View cars collecting WiFi network data entirely.”<\/p>\n

I know there are many people inside Google who will\u00a0recognize that these problems represent more than a “mistake” – there is\u00a0clearly the\u00a0need for a\u00a0much deeper\u00a0understanding of identity and privacy within the engineering\u00a0and business staff.\u00a0\u00a0\u00a0I hope this will be the outcome.\u00a0 The Laws of Identity are a harsh teacher, and it's sad to see the Street View technology sullied by\u00a0privacy catastrophes.<\/p>\n

Meanwhile, there is one more lesson for the rest of us.\u00a0 We\u00a0tend to be cavalier in\u00a0pooh poohing the idea that commercial interests would actually abuse our networks and digital privacy in fundamental ways.\u00a0 This episode demonstrates how\u00a0naive that is.\u00a0 We need to strengthen the networking infrastructure, and protect it from misuse by commercial interests as well as criminals.\u00a0 We need clear legislation that serves as a disincentive to commercial interests contemplating privacy-invasive use of technology.\u00a0 And on a technical note, we need to fix the problems of static MAC addresses precisely because they are strong personal identifiers that ultimately\u00a0will be used to target individuals physically as criminals begin to understand their possible uses.<\/p>\n

\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

The idea that Google would, without our consent, employ our home networks for its own commercial purposes betrays a problem of ethics and a lack of control.<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[71,3,47,11,77],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1100"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1100"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1100\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1100"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1100"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}