Don't Blame Google For Grabbing Your Data

Why people should secure their own Wi-Fi networks, and what the IT industry can do to help.

Google was taken to task recently when it was discovered that it had captured private payload data from unsecured Wi-Fi networks while its Street View cars traveling to collect data for Google's location-based products.

On the official Google blog, Google owned up to collecting this data mistakenly "even though we never used that data in any Google products." Google added that it collected only fragments of payload data. Despite this, a number of European governments and at least one U.S. state attorney general are launching investigations into Google's alleged invasion of privacy.

While I certainly cannot condone Google's actions, I am a little puzzled by the reaction. Where is the call for personal responsibility? People should be safeguarding their own data.

After all, this data was being publicly broadcast to anyone (and not just Google) who would care to see it. They didn't have to break into your house or network to get it. If I posted private data on a sign outside my house and the Street View cameras captured that in a photo, would Google then be invading my privacy?

No one is accusing Google of doing anything improper with the data. Rather Google is being accused of keeping data that people broadcast (perhaps published or delivered may be a more apt description) to them.

Banks have long held the concept of shared responsibility between the bank and the customer for preventing check fraud. If I leave a number of signed but otherwise blank checks lying around in public and don't bother to reconcile my account statements, it's unlikely that the bank would be expected to make good on my losses.

I have a responsibility to take reasonable precautions to secure my checking account. The same should hold true for my wireless networks. As such, the focus of the government inquiries is missing a key component.

There is one mitigating circumstance. The IT industry has not done a good job of making it easy for people to secure their own networks.

I'm not a network engineer, but I'm probably more knowledgeable (at least I hope so) about wireless networks than the average user. Nevertheless, setting up a secured wireless network accessed by more than one computer hasn't always been that easy.

The setup screens are festooned with acronyms and technical terms and lots of choices, often with no explanation of what the terms mean or the significance of one choice versus another.

The network engineers have designed the setup process for the technically sophisticated user (themselves), not the typical user. In addition, the default setting is often the unsecured option, which is where the typical confused, uneducated user ends up. It's disingenuous for the IT community to rail at users for not securing their networks when we've set them up to fail!

Fortunately, things are getting better. With the more recent versions of PC operating systems (both Windows and Mac) setting up a network has gotten easier. Recent TV commercials for Cisco's Valet networking appear to make it simple to set up a secure wireless network. The commercials tout the ease of setup but only hint that the network is secured (which it is).

This concept is great, and I'm sure we'll see similar offerings from others. Although I'm tempted to scream, "What took you so long?"--I'm glad it's now available.

We still have to large tasks ahead of us. The first is to continually educate people about the need to secure their networks. Second is to figure out a way to handle all of those existing unsecured networks out there.

"Google's Street View car" photo by croila

This article is also posted on Forbes.com.  Feel free to join in the discussion either on this site or at Forbes.com

If this topic was of interest, you might also like these:

• The IT Security Balancing Act
• Identity Protection Goes Beyond Technology
• Security In The Cloud
• Or the posts in the Security category