The class-action suit by two Northwest US residents relies on assertion of privacy of publicly broadcast information: This isn’t going to fly. The suit states, “As data streams flow across the wireless network, the sniffer secretly captures each packet (or discreet package) of information, then decrypts / decodes and analyzes its content according to the appropriate specifications.”
First, it’s not secret. You’re broadcasting data in an unlicensed band. You have no reasonable expectation of privacy over openly broadcast data. Perhaps secret means unknown to the transmitter; in which case, the transmitter shouldn’t be using an unencrypted broadcast network standards.
Second, and related to the first, Google says (and governments will now confirm) that it was sniffing only open networks, which means it only received data that wasn’t locked behind a form of Wi-Fi encryption.
I suspect the attorneys are using this language to make it sounds as though normal decoding of data from an open network is breaking the packets, when, in fact, simple operation of a Wi-Fi adapter allows this data to be received.
The suit also states, “To view data secretly captured by a wireless sniffer in readable or viewable form, after being captured and stored on digital media, it must then be decoded using crypto-analysis or similar programming or technology. Because the data “as captured” by the wireless sniffer is typically not readable by the public absent sophisticated decoding or processing, it is reasonably considered and understood to be private, protected information by users and operators of home- based WiFi systems.”
This is patently inaccurate.
Then we come to this. One of the plaintiffs apparently is engaged in risky data behavior:
“In connection with her work and home life, [Vicki] Van Valin transmits and receives a substantial amount of data from and to her computer over her wireless internet connection (“wireless data”). A significant amount of the wireless data is also subject to her employer’s non-disclosure and security regulations.”
In which case, Van Valin was probably in violation of the terms of her employment and data handling if she had an unsecured, “open” Wi-Fi network. It is more likely, and would be found in discovery if the case goes to court, that Van Valin was either engaged in activity unlikely to be protected by an expectation of privacy, or, in fact, was using a VPN or other methods of encryption required by her employer, thus rendering the captured “open” packets unreadable by Google.
I’m sure there are 1,000 Wi-Fi experts that Google could call upon for this case for testimony to explain the clear difference.
Since 2006, most routers have included software that explains the risks of unsecured networks and makes it easy to secure networks. Further, the FCC’s Part 15 rules don’t impose any expectations of privacy, and various state laws about network sniffing typically require some effort being made to break into a network in order to claim a violation.
This is an opportunistic lawsuit that I suspect will not reach class-action status, nor will Google settle to dispose of.
Copyright ©2010 Glenn Fleishman. All rights reserved. Please notify us if you find this content anywhere but at wifinetnews.com or wimaxnetnews.com. Reproduction of full articles from RSS feeds is prohibited without permission.
May 26, 2010 10:28 pm | 
Subscribe