Friday, June 18, 2010

My take on Google's wireless capture oops...

Regarding Google's wireless capture oops - in a nutshell, Google admitted while gathering information about geolocations of WiFi access points (to allow for location detection by non-GPS devices),  they accidentally captured small amounts of packet data from unencrypted wireless networks. Google's story is that it was an unintentional configuration of third party software they were using that caused it to capture more than they needed.

I believe Google that the over-collection was unintentional. I doubt anything interesting was even captured given the nature of the captured data and I can't imagine any reasonable motivation.

Unless someone can prove actual damages, which I highly doubt, I think this is being blown way out of proportion and I hope any lawsuit is thrown out.

So what should be taken away from this?

A couple weeks ago I was talking to someone from one of the big accounting firms whose job it is to audit online advertising (among other things). What that means is that they auditing companies who sell online advertisements to accredit that when someone buys an ad with certain parameters, they get what they pay for.

It seems reasonable that collection of public data should have the same scrutiny. When a company collects data about the public, they should have a policy about what they collect, what they do with it, who gets access and how long they store it - and they should have audits throughout the process to make sure they are actually doing what their policy says. If Google had does this, defining what data they were collecting and having an audit early in the process of the collected data, that should have caught the fact they were over-collecting and this would never have happened.

Next time it might be data that actually matters.

Edited to add: Interesting post by Lauren Weinstein on the matter.