Lately I've gotten a sense that lots of Internet users are suffering from "privacy panic," not unlike the "predator panic" that plagued the Internet a few years ago when lots of people falsely believed that children faced a grave risk of being sexually abused by Internet predators.
The problem with these panics is they tend to be based on extreme and often rare cases, or just plain myths. And they tend to focus attention on the wrong issues. A few years ago, obsession by the media and certain politicians with rare cases of predation distracted attention from much more likely risks, such as cyberbullying. Lately, fears of a loss of privacy at the hands of big Internet companies such as Google and Facebook have been obscuring more serious privacy issues that get less attention.
Google Street View WiFi "Scandal"
For example, a few months ago it was revealed that the cars that drive around taking pictures of buildings for Google Street View were also collecting data from unsecured Wi-Fi networks. Google said the data collection was unintentional and that it never used that data. Critics accused Google of deliberately spying on people's Wi-Fi networks, leading to official government investigations on both sides of the Atlantic and the Pacific.
The furor over this alleged attack on privacy was silly. To begin with, data was collected only from unsecured networks. Most people now know to put some type of encryption on their Wi-Fi networks, and those who don't face risks a lot more serious than a Google car driving by accidentally collecting snippets as it passes the house. It's no surprise to me that the United Kingdom's Information Commissioner's Office found it "unlikely that Google will have captured significant amounts of personal data," and further found "no evidence -- as yet -- that the data captured by Google has caused or could cause any individual detriment."
If you want to be paranoid, why worry about tiny amounts of unencrypted data picked up by passing vehicles? You'd be better off worrying about the data Google really does have access to. That includes not only what people search for but also the incoming and outgoing e-mail messages from millions of Gmail users and literally everything people do with Android phones -- e-mail, text messages, Web surfing and even phone calls.
If Google wanted to get evil about user privacy, it could do a great deal of damage. What I worry about is not so much what Google is now doing with this data but what could happen if some future U.S. government or law enforcement officials conjured up ways to access Google servers.
There has also been paranoia about Facebook privacy policies. It's true that Facebook has raised suspicions on more than one occasion by abruptly changing its privacy policies, making them too complicated and at times reaching too far. That's why the company in May acknowledged its mistakes, backed away from some of its policies and streamlined its privacy settings. But at least Facebook has been transparent about the information it shares, and gives users control over most of the information they share with friends or the public.
Does Facebook Sell Your Info to Advertisers?
Facebook is often accused of harvesting reams of data about users that it shares with advertisers. I suppose it could do that, but it doesn't, not only because it would violate the company's privacy policy but because it would be a bad business decision. Why turn over member information to advertisers when you can make more money by displaying their ads? Once the advertiser had that information, it would no longer need to advertise on Facebook. It makes business sense for Facebook to keep it confidential.
Facebook readily admits that it targets ads to members based on demographic information, just as Google admits that it targets ads based on people's search queries or the content of their Gmail. That's how these companies are able to offer free services -- by making lots of money with highly targeted advertising.
I'm not suggesting that people shouldn't be vigilant about Google and Facebook's privacy policies. It's important not only to be aware of their current policies but to keep abreast of any changes they might make in the future. The same goes for other companies you do business with, especially your bank, credit card companies, health insurance company, phone companies and even the grocery stores where you use loyalty cards.
It's also important to be aware of cookies that can track your whereabouts on the Web. And, most of all, it's important to be cautious of what you say online, especially in public forums.
There is a role for regulators, politicians and the media to keep companies accountable for protecting privacy, but what these parties do about privacy should be based on reasonable concerns, not paranoid fantasies and urban legends.
Disclosure: Google and Facebook are supporters of ConnectSafely.org, a nonprofit Internet safety organization where I serve as co-director.
Follow Larry Magid on Twitter: www.twitter.com/larrymagid
Arianna Huffington: What a Difference a Week Makes: Google Buzz Arrives With a Bang
Randy Susan Meyers: Pushed Out of the Age Closet
In this article you will find outlines of available finance careers, including potential paths for advancement, general salary information and educational requirements. If you do not have a 4-year degree under your belt just yet, there is a section towards the end, which covers finance careers with flexible educational requirements.
Finance Jobs
I use a linux laptop for a lot of my putting around and I am shown hidden networks. I do not have their SSIDs displayed - what I have is their MAC addresses, in fact.
Unfortunately, my old wifi router is somewhere out on loan right now,. That router suppressed SSID broadcast and used MAC filtering to prevent connections from unknown devices. I would not expect either of those to keep it out of Google's database, but until I find it and pull the MAC I won't know for sure.
(Seriously, how hard is it to provide a floodstream of bogus info if you're really worried? Data gathering has been going on for a long, long time and whole lot of it is voluntary. Marketers don't want to send you things you aren't interested in. If your hobby is collecting metric Crescent wrenches, though, you might be very happy to get mail, e-mail, etc. about that rare tool species, no?)
And anyone with Netstumbler or Vistumbler can find out just as much about your Wifi as Google. If you're really worried, there's ways to defeat wardrivers, or even Google.
That's an intrusion on a scale far beyond the reach of anyone running a wardriving routine.
If your router is one of many (on the order of tens or hundreds of thousands, minimum) vulnerable to Samy's hack, anyone anywhere can locate your physical address without driving to your neighborhood.
The data are collected and presented from both secured and unsecured networks - Google is flat lying when they say the did not collect data from secured networks, and the author of this piece either does not understand that or does not care.
Once network owners demonstrate they are trying to restrict access, posting their data is unethical and probably illegal. A router with the telnet port open but a banner presented before login saying "private property, keep out" is illegal to enter. People have been prosecuted for popping WEP on the same principle: the owners had demonstrated their intention to secure their network.
It is ludicrous to expect consumers to sufficiently harden their routers to prevent MAC addresses from leaking, or to fault them for complaining because Google's found a way to make money from them by collecting the data, claiming it was an accident, then turning around and making it available to world+dog.
Wardrivers could get the info, but when the scale is increased it's a bad thing? Is it Google being the one doing it that's the bad thing? Is Google making money a bad thing?
How is Samy's so qualitatively different than just calling directory assistance? Or just running the "six degrees of separation" exercise?
At root, people using Wifi are using a radio transmitter. I totally agree with you that the use of WEP or similar demonstrates intent to keep the information on that network private.
I have to question an expectation of privacy that seems tantamount to posting a "No Trespassing" sign and then insisting that privacy rights mean nobody should even read the sign.
If the network is literally "broadcast" I don't think it's possible for it's existence -- including it's physical location -- to be private.
Trying to get onto that network, however, is a whole other kettle of fish.
The original collection might have been accidental; the database and world-accessible search interface to it is not accidental or unintentional.
One "snippet" of information is a unique hardware ID tied to an individual wireless access point. Another is the location of the vehicle when signal from that ID was strongest. Those two pieces of data together allow a fairly accurate (in a dense neighborhood) or extremely accurate (in an area with single family houses) mapping of street address to access point.
That map of internet users' physical locations is, in turn, world-searchable. A recent security presentation highlighted the existence of this database, which should be purged.
After reading about that talk, I looked around my neighborhood to see what networks are here. I found 17, all of them with WEP or WPA enabled. Yes, WEP is weak, but it shows that the property owner INTENDS data to be private. That is legally and ethically sufficient to say "do not collect."
All those addresses were in google's database, and all have had encryption on since before Street View drove through. Google violated owners' demonstrated INTENT to maintain privacy.
http://samy.pl/mapxss/ includes a button for inputting hardware addresses and retrieving street addresses.
google's ceo has said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place." this from a guy who blacklisted cnet for publishing private info it got about him from google itself. his "only the guilty have something to hide" logic is typical of people who dislike the privacy of others, while his blacklisting of cnet demonstrates the value he places on his own. this is textbook hypocrisy. larry, you write for cnet, you know about this, why not point out that schmidt's hypocritical attitudes on privacy should concern people more? and why not encourage google to publicize what they collect and what they do with it? i mean if they arent doing anything wrong they shouldnt have anything to hide lol.
yes, people should be more aware of how to secure their own privacy, but i'd rather you didnt whitewash the fact that google's attitude toward privacy is irresponsible by writing that the government is the one we should really be worrying about. we should worry about both. neither google nor a government that hasnt repealed the patriot act cares about privacy. it's not in either of their interests. just as it's in your company's interest for you to criticize google.
Like other gigantisaurus corporations, Google knows that if you please the government, the day will come when the government pleases you. So it has been, so it is, so it will be.
I fully agree with you.Google might target you for advertisements, with this information Washington can target you for the next Spanish Inquisition. You never know when to expect the next Spanish Inquisition.
My mind would be resting easier had the Obama administration demanded the repeal of the Patriot act. This unconstitutional law turns Goodle's motto "Do no Evil" into "Do all Evil.: