Google is the new Peeping Tom

They're peeking in your windows, listening at your door, and capturing everything you do on your WiFi network. But heck, it's all "public" information, right?

Want to rent a really creepy movie tonight? Try Michael Powell’s 1960 classic Peeping Tom. It’s extremely disturbing and (according to Kevin Williamson of Scream fame, at least) the original slasher film.

When they eventually make an honest movie about Google, it will probably look a lot like that. Late last week Google made public an FCC report on its WiFi spying activities that bears similarities between Powell’s stalker protagonist Carl Boehm and Google’s Street View vans.

When the FCC released the original report two weeks ago, it was heavily redacted with entire pages blacked out. After the Electronic Privacy Information Center filed an Freedom of Information Act request to obtain the original report, Google released a less redacted version of it – blacking out only the names of Google employees mentioned within.

Reading the less redacted version is a revelation. When the Google Street View vans drove all around the world slurping up 600GB worth of emails, phone numbers, passwords, chat sessions and Web histories from unencrypted wireless networks, that was no accident. It was by design.

And though the report points the finger at one man – an unnamed employee called Engineer Doe who refused to cooperate with the FCC investigation, citing his Fifth Amendment rights – it’s extremely clear that several Google employees knew about it, despite claiming otherwise.

According to the FCC report, Engineer Doe even asked Google’s search team if they could use any of the data his software had siphoned up. They apparently said no.

peeping tomflickr/D. Stenvers

Google’s penalty for lying and stonewalling the FCC? A whopping $25,000 fine, which they may well appeal.

According to the New York Times, FCC officials were unsure whether they could charge Google for violating the Communications Act (which had never been applied to WiFi communications before) or the Wiretapping Act (which is vague about whether it applies to encrypted communications). So the FCC did neither. Thanks for having our backs, guys.

Over at Wired, privacy badass Chris Soghoian has a bone to pick with the FCC over why it tried so hard to cover up the bad news about Google. He wants Congress (yes, our SOPA- and CISPA-happy legislators) to grill FCC officials over it.

Over in Germany though, the investigation and possible prosecution of these crimes is moving forward. Why? Because over there they have real privacy laws.

There’s a lot of chatter in various comment forums about how people who leave their WiFi networks unprotected are somehow making their data “public,” and thus Google (and anyone else who wants to) should have the right to collect it. That argument is BS.

It’s the equivalent of saying that if you leave your drapes open, anyone passing by your house would not only have the right to look in, they could take photos and publish them on the Internet. (Which is literally what Google Street View does.) Light is just unencrypted radio waves, after all.

In fact it’s worse. Because Google didn’t merely just photograph these houses, it also captured personally identifiable information from their networks. If you’re having an argument in your home with the windows open and for whatever reason the person you’re fighting with shouts out your Social Security Number so loud the neighbors can hear it, is that public information too? Should a passerby have the right to capture that and use it as they see fit?

US courts have long held that things visible in public have a lower expectation of privacy than things that happen behind closed doors. Thus Google and its Street View cams, snapping pix of our houses without a worry about lawsuits (in the US, anyway).

But what the law doesn’t address is how the nature of that information changes when it is captured, cataloged, and published. Someone walks by my house, sees my crappy lawn and noisy dogs, and moves on. The image of that house gradually fades from their memory. It’s public, but it’s not a privacy violation.

Someone walks by my house, takes a photo of my crappy lawn and noisy dogs, and publishes it on the Internet. Suddenly my house is frozen in time. It’s visible and permanent and accessible to anyone, not just my neighbors. It’s searchable. Combined with other forms of public information it can be used to determine all kinds of things about me – like my socio economic status, my interests (note the bikes and kayaks in the driveway), possibly even my political or religious affiliations if I’ve got a lawn sign or a Star of  David on the door. 

It doesn’t fade from memory. Nobody asked me if it was OK to photograph all this stuff. And now I feel violated. Yes, I can jump through Google’s hoops and opt out of Street View (and then opt out again when the vans revisit my hood). But why should I have to do that?

The big problem here isn’t Google or how the FCC bent over for them. The big problem is the fact that US law is wholly inadequate to deal with these kinds of issues. We need a law that says my data belongs to me – not Google, not Facebook, not Uncle Sam and not the creepy guy down the street – and that I get to decide what happens to it. And I want it now, while I still have some minimal privacy left to protect.

Got a question about social media? TY4NS blogger Dan Tynan may have the answer (and if not, he’ll make something up). Visit his snarky, occasionally NSFW blog eSarcasm or follow him on Twitter: @tynan_on_tech. For the latest IT news, analysis and how-to’s, follow ITworld on Twitter and Facebook.

Now read this:

Facebook's 'man in the middle' attack on our data

Making Facebook private won't protect you

Google’s personalized search results are way too personal

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon