[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] The Wi-Fi database that shamed Google

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] The Wi-Fi database that shamed Google
From: Roland Tarver <roland.tarver@xxxxxxxxxxxxxx>
Date: Sat, 1 May 2010 08:14:04 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=YX30Xr868rSleKNAjVQYkKewpqZpDkGsLhzMKUCiINc=; b=PXYyy5KmnExD26K9mz/ZJ7SBw/eiGIowQLvBFZjVW1yWQBzbSxYUdTr3UfSv3vt1hc 9xv8JW+Rp93mvm06VzxvYxHsdxJkJ02TXC7Lwy47eim0QR1o2mmZqnjOEmMgG5WocTZx hmA7vg03g986KtTmPqY4JlloSIkam19q37jyE=

On Sat, May 1, 2010 at 1:53 AM, Julian Hall <linux@xxxxxxxxxxxx> wrote:
> On 01/05/2010 00:00, Roland Tarver wrote:
>>
>> On Fri, Apr 30, 2010 at 11:40 PM, Michael Mortimore
>> <nospamformike@xxxxxxxxxxxxxx>  wrote:
>>
>>>
>>> On Fri, 30 Apr 2010 22:42:03 +0100, Roland Tarver
>>> <roland.tarver@xxxxxxxxxxxxxx>  wrote:
>>>
>>>
>>>>
>>>>
>>>> http://www.newscientist.com/article/dn18844-innovation-the-wifi-database-that-shamed-google.html
>>>>
>>>> Sneaky!
>>>>
>>>> best wishes
>>>> roly :-)
>>>>
>>>>
>>>
>>> I don't see what the problem is.
>>>
>>> --
>>> The Mailing List for the Devon&  Cornwall LUG
>>> http://mailman.dclug.org.uk/listinfo/list
>>> FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
>>>
>>>
>>
>> I just thought it was a bit crafty - especially since they did not
>> tell the people who gave them permission. OK, the story says they did
>> not break any laws; but, like I said - still a bit sneaky???
>>
>> Best wishes
>> Roly :-)
>>
>>
>
> If they didn't break any laws I'm the Pope!  I'm pretty sure the DPA
> Principles conflict with that to a very large degree.
>
> I believe the combination of my router's MAC address, network name and
> location is identifiable as belonging to me and therefore personal data.
>  Since so many manufacturers have the default ESSID as the router make/model
> and there are numerous websites listing default usernames and passwords the
> WiFi database is a hackers dream.  Not forgetting that it gives them a huge
> database of MAC addresses to spoof and their geographic locations.
>
> 1: Personal data must be processed fairly and lawfully.
> The data subject must know why their information is being collected, what it
> will be used for and if it will be shared and by whom.  The individual must
> give permission for the use of the data unless the processing is necessary
> for legal or contractural reasons.
>
> Comment: Since Google didn't even tell anyone they WERE collecting it, much
> less WHY that's them flat on their faces to start with.  Plus the small
> matter that *I* did not give permission.
>
> Principle 2: Personal data must be processed for specific purposes and in an
> appropriate manner.
> Data must not be collected unless there is a specific and valid reason.
>  Personal data collected for one reason must not be used for other purposes.
> Consent cannot be inferred from silence or failure to respond to a request
> for consent.
>
> Comment: What's the SPECIFIC valid reason?  Re consent see above.
>
> Principle 3: Personal data must be adequate, relevant and not excessive.
> Information must not be collected just because it may be useful in the
> future.
>
> Comment: There we go again.  Google can't state a reason for needing the
> data NOW.
>
> Principle 4: Personal data must be accurate and up-to-date.
> n/a
>
> Principle 5: Personal data should not be kept for longer than necessary.
> n/a
>
> Principle 6:  Personal data is processed in accordance with the rights of
> the data subject.
> n/a
>
> Principle 7: Personal data is protected by appropriate security.
>
> Comment: Google are how good at data security?  Oh that's right - only our
> government is worse.
>
> Principle 8:  Personal data is not transferred out of the EEA without
> adequate controls.
> Exemptions are provided where the data subject has given prior consent.
>
> Comment: Since nobody knew the data was being collected NOBODY has given
> consent, and now all the data is in America.
>
>
> Once again I'm happy that a) my WiFi is turned OFF when I don't need it and
> b) it's not transmitting the ESSID so the devious ____s won't have it.  Oh
> and c) I'm planning on getting a new router if this one starts making me
> reboot it anymore often, so that's Google's 'accurate and up-to-date' shot
> in the face too!
>
> Kind regards,
>
> Julian


I'm afraid I know virtually nil about the issues/laws involved here,
although perhaps a little more following your comments Julian :-).
Even with an absence of knowledge, it certainly sounded very shady to
me!

Best wishes
Roly

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html

References:
- Re: [LUG] The Wi-Fi database that shamed Google
  - From: Roland Tarver
- Re: [LUG] The Wi-Fi database that shamed Google
  - From: Julian Hall

Prev by Date: [LUG] Mobile broadband
Next by Date: Re: [LUG] The Wi-Fi database that shamed Google
Previous by thread: Re: [LUG] The Wi-Fi database that shamed Google
Next by thread: Re: [LUG] The Wi-Fi database that shamed Google
Index(es):
- Date
- Thread