In May of this year Google announced that their Street View cars, who also collected WiFi data to assist in positioning your smart phone etc., had captured some of the unencrypted data that was received. In that announcement they stated that they only received fragments of data. Last week, they announced that in some cases whole emails were captured.
Of course, their official reaction has to be “we’re very sorry, we shouldn’t have done this, and we’ll get rid of it immediately.” But remember what they captured - unencrypted data, being broadcast by people who probably didn’t even know they did it. In fact, I think Google did them a service, by pointing out that their “private” data was being broadcast in the clear in a radius of about a city block. And apart from that, think of the data that an ISP sees and can capture (or allow to be captured), even if you use encrypted WiFi: all the data that Google has captured, emails, URLS, etc. and then some.
It seems to me the same knee-jerk reaction that happens with Street View pictures, especially in Germany. Although all the information Google collects with Street View is publicly available for anyone at the same position, it suddenly becomes a major issue when Google collects it. Oh, and the “opt out” where Germans can tell Google not to show their house in detail on Street View - another knee-jerk. Have all these people removed their address from the phone book, so they can’t be identified in that way? Did they smudge their license plates, so no one can trace them that way?
So, how can you prevent Google Street View from capturing your data? Two ways:
- Enable encryption on your WiFi network
- Use a secure web protocol to communicate with the network
Enabling encryption on your WiFi network has to be done on all devices. Your router determines the level of encryption, and all devices connecting through WiFi have to support that encryption level. Don’t use WEP, but opt for WPA2 without TKIP (AES only).
Using a secure web protocol is simply using https where possible. Sites like Google Mail support this, and even Google Search can be run over https.
I’m not a Google Fanboy, although I use several Google products daily. But this seems like singling out Google for things that are common occurrences, or for things that can be easily prevented.