What is Google hiding from the FCC?

By Jeff Gould

Last week the FCC gave Google a verbal beatdown that, had it been delivered with karate chops rather than words, would have made Chuck Norris proud. In a 25 page report detailing its efforts to get Google to explain why it eavesdropped on the WiFi transmissions of untold thousands of home and business users, the Commission upbraided the search giant for its repeated attempts to stonewall and derail the investigation. With its relentless accumulation of compromising details the report makes for fascinating reading. But for those who don’t have the time, I offer here a brief summary and some speculation about what is really going on in this decidedly murky affair.

The eavesdropping occurred as part of Google’s effort to create a vast database of worldwide WiFi router locations that would enable location-based advertising on Android cell phones. But instead of limiting itself to collecting just the network addresses and GPS coordinates of the WiFi routers passed by its roving Google Cars (the only data needed for its declared purpose), Google also surreptitiously recorded over a two year period the content of transmissions sent by users who failed to properly secure their routers. According to information released by French regulators and cited by the FCC, the captured content included racy emails and postings to sexually explicit web sites, as well as much other material the owners certainly never intended to disclose to strangers.

The FCC launched its investigation in November 2010 with an official Letter of Inquiry to Google, but found, after months of delaying tactics from the search giant, that the firm was “apparently willfully and repeatedly violat[ing] Commission orders to produce certain information and documents that the Commission required for its investigation”. (FCC, p. 2). A key Google employee, the engineer who designed the code that did the eavesdropping, actually invoked the Fifth Amendment in declining to answer questions about what did or did not happen to the captured data or who else at Google knew what was happening. Despite these shenanigans, however, the Commission reluctantly concluded in the end that, on a strict reading of what it takes to be the relevant law, Google’s WiFi snooping, despite its egregious nature and huge scale, was not unlawful.

Why did the FCC let Google off the hook? It turns out that the law in question, the 1968 Wiretap Act, does not make it illegal to intercept communications when the transmitting system is “configured so that such electronic communication is readily accessible to the general public”. This gigantic loophole in the law was surely not intentional. When Congress passed the Wiretap Act it could not have anticipated WiFi networks, the Internet or the power of data mining algorithms. But despite its oh so lawyerly caution, the Commission’s staff was infuriated enough by Google’s stonewalling to propose a $25,000 fine and – more importantly – to ensure by the publication of its report that Google’s conduct would not escape public scrutiny and, thereby, a measure of well-deserved public infamy.

But seriously folks, what were they thinking in Mountain View? It would be unfair to convict Google in the court of public opinion in the absence of irrefutable proof of wrongdoing. But much of Google’s behavior to date seems specifically designed to prevent any such proof from ever seeing the light of day. This isn’t the first time Google has stonewalled regulators attempting to probe its WiFi snooping antics. The French data privacy agency (CNIL) complained of similar behavior in a report issued last year. This persistent pattern of behavior inevitably tends to suggest that Google really is hiding something serious. We have no conclusive evidence of that, but inquiring minds will want to know more before they accept Google’s cagey denials at face value.

All right then, let’s invoke blogger’s license to ask in a purely hypothetical way what it might be that Google doesn’t want us to know. First, I think we can unhesitatingly discard the possibility that Google was engaged in a genuinely criminal plot to spy on WiFi users for some truly nefarious purpose such as corporate espionage or blackmail. Call Google’s management what you will – arrogant, cynical and reckless are words that come to mind – it is a very safe bet that they are not criminals. What does that leave us with? Well, as Sherlock Holmes put it on many occasions to Dr. Watson, when you have eliminated the impossible, whatever remains, however improbable, must be the truth. I see three possible answers to our question, which are not mutually exclusive:

  1. More people inside Google (and perhaps more highly placed people) knew more about the WiFi snooping, and knew about it sooner, than Google has let on to the regulators. Perhaps there are embarrassing emails floating around in which Google managers make light of the situation or suggest inappropriate responses. The fact that Google, a prominent vendor of eDiscovery services, told the FCC that “it would be a time-consuming and burdensome task” to search its employees’ email for the evidence sought by the Commission is surprising, not to say downright odd.
  2. Regardless of who knew what and when, Google may fear disclosing information that could fuel legal action against it. For example, it might fear class action or individual lawsuits from WiFi users whose data was captured. It might also be worried about the ongoing investigations of several state Attorneys General.
  3. Finally, it might turn out that, far from being due to one anonymous programmer’s failure to turn off the default “capture everything” setting in the repurposed open source wardriving code that Google used, the snooping was part of a secret “science experiment” designed to find out if data mining a large corpus of real-world user content could improve Google’s search response or ad targeting algorithms.

I leave it to readers to determine which if any of these hypothetical explanations for Google’s behavior is plausible. Personally I’m inclined to rate (1) and (2) as quite likely, while classifying (3) as highly speculative. But however that may be, I’m pretty sure that we haven’t heard the last of this episode. Perhaps in a few weeks or months we will learn what those nosy wardriving Google Cars were really doing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s