Google’s wide net of data-fishing could land it whopping fines

Google may be facing its toughest fight yet, as a series of court cases involving the company’s casual wiretapping of the world’s e-mails and Wi-Fi networks could result in astronomical fines, and drastically reshape the notion of online privacy.

The collected accusations resulted into two major legal attacks
on the company — one involving its groundbreaking Street View
mapping service, the other its Gmail service.

Although Google protested the allegations and asked for them to
be withdrawn, two federal judges, in July and in September, gave
the go-ahead for both cases, to prosecute the company over how
its Gmail and Street View technologies gathered private data on
users, simply because no mechanism was in place to prevent them
doing so.

The Street View case involved the company’s use of unencrypted,
open Wi-Fi networks. Google Maps’ cars would whizz by any
connected building and use the networks and their locations to
assist and enforce its GPS mapping technology, and in so doing,
(unwittingly or otherwise) picked up whole swaths of private user
data it did not need — including web surfing preferences and
communications.

The practice was going on in about 30 countries over a period of
three years, until 2010, when one country — Germany — began
questioning why Google needed all that information. The problem
was that Street View’s activities did not come with any privacy
policies or prior information for the families whose households
were included. They simply collected any data that was not
encrypted. Germany’s enquiry led Google to apologize and claim
that the information was collected inadvertently. Over 600GB of
data from unprotected Wi-Fi networks was collected.

Fast-forward to 2013 and back at home, Google went to an appeals
court to dissuade it from pressing wiretapping charges for the
Street View technology.

The company argued that any openly accessible radio signals the
cars picked up exempted them from the Wiretap Act. Otherwise,
Google believes, intercepting a television broadcast may also be
considered wiretapping.

Mountain View, California (AFP Photo / Justin Sullivan)

Google wrote to the court that the “error is exceptionally
important. It promises to have a substantial, long-lasting effect
on the application of the Wiretap Act in an environment of rapid
technological change. If allowed to stand, the panel’s ruling
will create confusion about the Wiretap Act’s prohibitions,
threaten the development of new radio-based technologies, and
raise questions about whether activities that Congress intended
to protect may now be deemed unlawful.”

On September 10, however, the Ninth US Circuit Court of Appeals
refused to exempt Google from liability under the federal Wiretap
Act saying that “members of the general public do not
typically mistakenly intercept, store, and decode data
transmitted by other devices on the network.”

Google was “disappointed” with the ruling. Alan Butler, a
lawyer at the Electronic Privacy Information Center, outlined the
seriousness of the allegations to New York Times: “What’s at
stake is a core digital privacy issue for consumers right now,
which is the extent to which their digital communications are
protected from use by third parties,”
he said in a piece
published on Tuesday.

Interestingly, only last year Google was cleared of similar
charges involving secret eavesdropping on millions of Americans
via open Wi-Fi routers. The Federal Communications Commission, as
cited by Wired Magazine, said that between 2008 and 2010,
“Google’s Street View cars collected names, addresses,
telephone numbers, URL’s, passwords, e-mail, text messages,
medical records, video and audio files, and other information
from internet users in the United States.”

But the commission let Google off with a $25,000 fine for trying
to slow down the investigation.

However, considering the second case, the situation appears
markedly different, because the broad implications from a class
action lawsuit with half a billion of users worldwide behind it
could mean court fines that will defy imagination.

The Gmail case involves a whole gamut of users — both Google and
outsiders. The company stands accused of scanning incoming and
outgoing mail for words and clues to build a personalized user
profile, one that would allow the company to target the user with
specific advertisements and services.

The matter reached Lucy H. Koh, a respected judge with a
reputation for fearlessly handling Silicon Valley cases, who made
headlines for asking an Apple lawyer if he was “smoking crack”
during a major patent battle against Samsung recently.

On September 26, Koh decided to grant Google’s request to dismiss
the state’s claims regarding the allegedly unlawful wiretapping,
but allowed the plaintiffs to refile their cases. More
importantly, however, the federal claims remained. Koh rejected
Google’s explanation that by becoming subscribers its users had
somehow agreed to being spied on in such fashion.

“The court finds that it cannot conclude that any party —
Gmail users or non-Gmail users — has consented to Google’s
reading of e-mail for the purposes of creating user profiles or
providing targeted advertising,”
the Judge said in the
ruling, as cited by Bloomberg.

Koh attacked almost every argument Google has made in the case:
“Accepting Google’s theory of implied consent – that by merely
sending e-mails to or receiving e-mails from a Gmail user, a
non-Gmail user has consented to Google’s interception of such
e-mails for any purposes – would eviscerate the rule against
interception.”

Reuters / Mark Blinch

The Judge explained that sending and receiving e-mails and
creating targeted advertising profiles in the process have
nothing to do with each other.

In the case involving alleged Gmail wiretapping, Google tried to
push through a motion to dismiss in June. But the lawyers for the
plaintiffs mounted a counter-argument. They accused Google of
using Gmail as “its own secret data-mining machine, which
intercepts, warehouses, and uses, without consent, the private
thoughts and ideas of millions of unsuspecting Americans who
transmit e-mail messages through Gmail.”

Google, for its part, said in July that their activities were
being criminalized, adding that its data-gathering was automated
and not overseen by a human being, much as anti-virus software
catches viruses. They added that even non-Gmail users had no
grounds on which to complain, as any correspondence received by
the company’s servers from outside is managed according to the
natural order of things.

The giant’s lawyers are disappointed with both court rulings, but
offered no comment apart from a statement about considering a
further course of action.

Copyright: RT