Search giant Google has asked the U.S. Supreme Court to review a decision by an appeals court that its collection of data from unencrypted Wi-Fi traffic in neighbourhoods around the country as part of its Street View program networks is not exempt under federal wiretap laws.
The Justice Department and the FCC have cleared Google of direct wrong doing. But last September an appeals court found that the sniffing may have infringed the Wiretap Act. The company argues that its gathering of data does not violate the Wiretap Act as it comes under an exemption that makes it legal to trap electronic communications that are easily accessible to the general public.
Anybody who uses open Wi-Fi connections in public places like coffee houses and restaurants should be concerned by the legal flap. That’s because Google claims it is legal to intercept data from Wi-Fi signals that are not protected by passwords.
The company’s Street View cars are equipped with Wi-Fi antennas and hardware to gather the names and MAC addresses of nearby routers to improve Google’s location services. From 2008-2010, those vehicles were also capturing data transmitted by Wi-Fi networks in nearby homes and businesses, which included network identifying information and also payload data transmitted over unencrypted Wi-Fi networks, turning every Street View vehicle into a spying machine. In 2010 the company acknowledged that it had inconsideratly gathered some personal data from unencrypted networks and apologized for the same. Google has hence discontinued the practice of payload sniffing. In 2012, the Federal Communications Commission fined Google $25,000 for stonewalling its investigation into the packet-sniffing debacle.
That prompted a US Federal Appeals Court, hearing a dozen combined lawsuits, to conclude that "Congress did not intend to condone such an intrusive and unwarranted invasion of privacy when it enacted the Wiretap Act to protect against the unauthorized interception of electronic communications."
It is still unclear whether the court would review the case. Even if the Supreme Court hears the case and eventually rules that unencrypted Wi-Fi sniffing is lawful, it might just give a chance to criminals who eavesdrop on public access points to sniff out passwords or credit card numbers. But Google sagaciously argues that the 9th Circuit’s ruling is actually not good for computer security, because it could prohibit legitimate security scanning. A brief response by the prosecutor in the case is due by April 30.