1. Cite another example of information technology companies pushing the boundaries of privacy issues; apologizing, and then pushing again once the scandal dies down. As long as the controversy fades, is there anything unethical about such a strategy?
2. Google states that its intention in gathering unprotected wireless network information was simply to be able to provide more accurate location data for its Street View service. Can you think of any reason for Google to have gathered this data? Is there any potential service Google could consider offering with this additional data?
3. Enter the street address of your home or place of work to find what photos are available in Street View. Comment on the accuracy of Street View and the content of the photos you find. Does this sort of capability delight you or concern you? Why?
Googleâ€™s Street View maps allow users to zoom into a location on a map and view actual images of houses, shops, buildings, sidewalks, fields, parked cars, and anything else that can be photographed from the vantage point of a slow-moving vehicle. Itâ€™s a remarkable tool for those trying to find an auto repair shop, a post office, or a friendâ€™s house for the first time. Google launched Street View in a few cities in the United States in May 2007. It gradually expanded to additional U.S. cities and then to other cities around the world. In August 2009,Google began collecting data for Street View in several German cities. Germany, however, has stricter privacy laws than other countries, and prohibits the photographing of private property and people unless they are engaged in a public event, such as a sports match. As a result, Google had to work closely with the countryâ€™s Data Protection Agency in order to comply with German laws in the hopes of getting its Street View service for Germany online by the end of 2010.In April 2010, a startling admission by Google provoked public outrage in Germany and around the world. It resulted in government probes in numerous countries, as well as several class action lawsuits in the United States. In response to queries by Germanyâ€™s Data Protection Agency, Google acknowledged that, in addition to taking snapshots, its cars were also sniffing out unprotected wireless network information. Google reported that it was only collecting service set identifier (SSID) dataâ€”such as the network nameâ€”and the media access control (MAC)addressâ€”the unique number given to wireless network devices. Googleâ€™s geo-location services could use this data to more accurately pinpoint the location of a person utilizing a mobile device, such as a smartphone. The company insisted that it was not collecting or storing payload data(the actual data sent over the network).The German Federal Commissioner for the Data Protection Agency was horrified and requested that Google stop collecting data immediately. Additionally, the German authorities asked to audit the data Google had collected. Google agreed to hand over its code to a third party, the security consulting firm Stroz Friedberg. Nine days later there came another admission: Google had in fact been collecting and storing payload data. But Google insisted that it had only collected fragmented data and made no use of this data. A few days later, Germany announced that it was launching a criminal investigation. Other European nations quickly opened investigations of their own. By early June, six class action lawsuits claiming that Google had violated federal wiretap-ping laws had been filed in the United States. In its defense, Google argued that collecting un-encrypted payload data is not a violation of federal laws. Google explained that in order to locate wireless hotspots, it used a passive scanning technique, which had picked up pay load data by mistake. The company used open source Kismet wireless scanning software that was customized by a Google engineer in 2006.Google insisted that the projectâ€™s managers were unaware that the software had been programmed to collect payload data when they launched the project. Finally, Google argued that the data it collected was fragmentedâ€”not only was the car moving, but it was changing channels five times per second. However, a civil lawsuit claimed that Google filed a patent for its wireless network scanning system in November 2008 that revealed that Googleâ€™s system could more accurately locate a routerâ€™s locationâ€”giving Google the ability to identify the street address of the router. The more data collected by the scanning system, the lawsuit contended, the higher the confidence level Google would have in its calculated location of the wireless hotspot. In the fall of 2010, the U.S. Federal Trade Commission (FTC) ended its investigation, deciding not to take action or impose fines. The FTC recognized that Google had taken steps to amend the situation by ceasing to collect the payload data and by hiring a new director of privacy. But by that time, 30 states had opened investigations into the matter. During the course of these and other investigations, Google turned over the data it had collected to external regulators. On October 22, the company announced that not all of the payload data it had collected was fragmentary. It had in fact collected entire email messages, URLs, and pass-words. In November, the U.S. Federal Communications Commission announced that it was looking into whether Google had violated the federal Communications Act. Some analysts believe that Googleâ€™s behavior follows a trend in the Internet industry: Push the boundaries of privacy issues; apologize, and then push again once the scandal dies down. If this is the case, Google will have to decide, as the possible fines and other penalties accrue, whether this strategy pays off.