Why Google’s Wi-Spy Argument Is Stronger Than It First Appears

Google Street View Car(This is Part 2 of 4 posts on the issue of whether the Wiretap Act bars interception of unencrypted wi-fi signals. See Part I.)

When we last tuned in I was explaining the arguments in the Google “Wi-Spy” case, involving Google’s Street View vehicles’ interception of home wireless network transmissions. Google argues that unencrypted wireless network transmissions are not protected by the Wiretap Act. Forget to set your wi-fi password? Then all of your network communications are free for the taking by your neighbor, local hacker, or multi-national conglomerate driving down the street. Sure, that sounds counter-intuitive, Google might admit, but the Wiretap Act is a counter-intuitive statute (they’ve got that part right, at least).

The plaintiffs argue that Google is simply engaged in lawyer games, willfully contorting the statute in order to save its bacon. There’s a provision in the Wiretap Act that (roughly speaking) defines unencrypted communications to be publicly accessible, but it only applies to radio communications. And, the plaintiffs argue, “radio communications . . . readily accessible to the general public” is only used in one place in the statute, a provision that talks only about “governmental, law enforcement, civil defense, private land mobile, or public safety communications system[s].” Home wireless routers clearly aren’t any of those. The exception that Google needs refers to “electronic communication[s] . . . readily accessible to the general public.” There’s no definition for that use of “readily accessible,” however, so the ordinary English reading will have to suffice.

The district court didn’t take quite the same tack as the plaintiffs.

Continue ReadingWhy Google’s Wi-Spy Argument Is Stronger Than It First Appears

Six Words in August

Google Street View CarGoogle’s been catching a lot of privacy flak recently. Just this week, various news organizations picked up the story that Google had filed a brief back in June arguing that sending emails to someone else waives any reasonable expectation of privacy as to the content of those emails. I think the furor that has erupted is somewhat overblown, but that’s not what I want to focus on right now.

Rather, I want to focus on a different Google privacy argument from June. My post last week mentioned Google’s argument to the Ninth Circuit that the Wiretap Act does not protect unencrypted wi-fi signals. This argument has a lot of practical significance. Although the number is dwindling, many people still have unencrypted home wireless networks. Wi-fi hotspots, such as those found in coffee shops and airports, are often unencrypted. And many devices emit all sorts of unencrypted information on a regular basis, which an unscrupulous individual or company could use to track people. If Google is correct, all of that tracking and snooping would be be legally in the clear, at least as far as the Wiretap Act is concerned. The oral argument was two months ago, so a decision could come down at any time.

I began this post as a quick explanation of why I think Google’s argument is mistaken. I’d read the relevant statutory language probably a dozen times or more, and I thought Google’s interpretation was simply wrong. But the Wiretap Act is so convoluted that it is dangerous to draw conclusions without thoroughly mapping out a path through all the definitions and exceptions and exceptions to definitions. After having done that for this post, I don’t think Google’s argument is quite so wrong-headed anymore. But (insert dramatic twist musical cue here) I now believe it should ultimately fail anyway, for a reason I haven’t seen anyone mention–either because it’s eluded everyone else, or because it is so obviously wrong no one has bothered. Caveat emptor.

Much like the Wiretap Act itself, this post is going to be long and detailed, so I’ve broken it up into four (!) parts. In this part, I’ll explain the Ninth Circuit litigation and the basic arguments of the parties. In Part II, I’ll explain why I think Google’s arguments are stronger than an initial read might suggest. In Part III, I’ll make a foray into the legislative history to try to figure out how the Wiretap Act got the way it is. Finally in Part IV, I’ll explore whether Google should still lose based on a close look at how wi-fi actually works.

Continue ReadingSix Words in August

Is Electronic Snooping OK If You Have Good Intentions?

the conversationShould journalists or security researchers be able to access your home network and change settings without your permission, or snoop on your email and web browsing traffic, in order to further their research? I would think the answer is obviously no, even if the research is legitimate. But two stories that ran last week seem to be expressing dismay at restrictions placed on journalists or security researchers by the Computer Fraud and Abuse Act that allegedly prohibit them from doing exactly that. The issue is significant because, in the wake of several controversial prosecutions (Lori Drew, Aaron Swartz, Andrew Auernheimer (a/k/a “weev”)), there is considerable pressure building to amend the CFAA. I think it would be a serious mistake to amend the CFAA, or any other electronic intrusion statute, to permit journalists or security researchers — or possibly anyone describing themselves as such, such as bloggers or hobbyists — from accessing poorly secured home networks or private communications just out of curiosity.

Here’s Forbes privacy blogger Kashmir Hill on a security flaw in a home automation system:

Continue ReadingIs Electronic Snooping OK If You Have Good Intentions?
Newer Posts
Older Posts