Do you think it’s legal to collect data transmitted over unencrypted WiFi networks? Google does. That’s why it has petitioned the highest court in the land to rule on one of the most hotly debated legal issues of our time.
This month, Google asked the U.S. Supreme Court to review an earlier federal appeals court decision that could make it liable for hijacking data from unencrypted WiFi networks in neighborhoods that were part of its Street View program.
Between 2008 and 2010, Google’s photo-snapping Street View cars didn’t only capture street images. They sniffed private information exchanged through unsecured wireless networks, collected payload data, and sometimes even captured passwords, emails, and documents. When the sniffing became public, Google claimed it was a mistake, apologized, and said it never used any of the data it had collected.
The Department of Justice, the FCC, and the FTC declined to take any enforcement action against Google. But that wasn’t the end of it. Irate WiFi users sued the company. In a dozen merged class action lawsuits, Google defended the legality of WiFi sniffing. It argued that unencrypted WiFi data should be legally classified as a type of radio communication – information that’s readily accessible to the general public – similar to listening in on police calls with a radio scanner. But the appeals court didn’t agree with Google’s argument. It found that capturing unencrypted WiFi data was “an intrusive and unwarranted invasion of privacy” that may have violated the Wiretap Act.
Now Google wants the Supreme Court to overturn that decision and put an end to the lawsuits. The company claims it isn’t illegal to intercept data from WiFi signals that aren’t password protected. According to Google, that not only means data transmitted over unencrypted home and business WiFi networks, it’s also means data sent over public WiFi hotspots or any other network.
In a novel argument to the Supreme Court, Google went even further. It made the case that an adverse ruling could be bad for computer security. Why you might ask? Because security professionals use the same kind of technology employed by Google’s Street View cars to collect and analyze packet data in order to identify vulnerabilities and secure company networks. Google claims IT professionals could be prohibited from doing that if sniffing unencrypted WiFi traffic were found to be illegal.
Given how many technologies use radio signals, the Supreme Court may decide to hear Google’s case in order shed light on exactly what the term “radio communications” means under the Wiretap Act. If the Court decides not to hear the case, it would be up the appeals court to settle or try the case.
In the meantime, the extent to which we can rely on the law to protect our unencrypted WiFi communications is – like WiFi itself – up in the air.
That’s why we need to know how to be invisible every time we connect.
The FBI and the FTC recommend changing the default identification and the administrative password on your home WiFi router. Creating a long strong password of letters, numbers and symbols and using WPA or WPA2 encryption are also important for your wireless security. And using a VPN like PRIVATE WiFi will protect you from wireless intruders whether you’re at home or at a hotspot.
A VPN encrypts the information traveling to and from your computer and your mobile devices. That makes it hidden from intruders every time you connect.
(wifi security / shutterstock)