Wednesday, September 11, 2013
Ninth Circuit Allows Suit Against Google to Continue
From Staff and Wire Service Repots
Plaintiffs who claim that Google, Inc. violated state and federal laws by collecting their personal information through their Wi-Fi systems as it drove down their streets with car cameras shooting photos for its Street View mapping project may sue the company for damages, the Ninth U.S. Circuit Court of Appeals ruled yesterday.
In this file photo, an employee drives a Google Map Street View vehicle around Palo Alto.
Google acknowledged in May 2010 that its Street View vehicles had been collecting fragments of payload data from unencrypted Wi-Fi networks. The data “included emails, usernames, passwords, images, and documents,” Judge Jay Bybee noted in his opinion for the Ninth Circuit.
Google apologized, grounded its vehicles, and rendered inaccessible the personal data that had been acquired. In total, Google’s Street View cars collected about 600 gigabytes of data transmitted over Wi-Fi networks in more than 30 countries. But it denied that it had violated the federal Wiretap Act or related state laws, arguing that their activities were exempt from because data transmitted over a Wi-Fi network is a “radio communication” and is “readily accessible to the public.”
U.S. District Judge James Ware of the Northern District of California rejected the argument and denied the motion to dismiss. He then certified the ruling for interlocutory appeal, and the panel yesterday said he was correct.
“Even if it is commonplace for members of the general public to connect to a neighbor’s unencrypted Wi-Fi network, members of the general public do not typically mistakenly intercept, store, and decode data transmitted by other devices on the network,” Bybee wrote. His opinion was joined by Senior Judge A. Wallace Tashima and Senior U.S. District Judge William Stafford of the Northern District of Florida, sitting by designation.
Google’s Street View cars can be spotted with pole mounted cameras on their roofs, photographing along roadways the world over. The photos then show up on Google’s popular Street View map option, where viewers can virtually scroll along a street past homes, cars and shops, all captured in photographs.
But unbeknownst to passers-by, those cameras weren’t just making photos. They were also collecting detailed information transmitted over Wi-Fi networks they passed through.
Privacy experts and industry watchers said this was the first time an appeals court has ruled that it’s illegal for a company to sniff out and collect private information from the Wi-Fi networks that provide Internet service to people at home. Google is also the first publically known company to try.
“This appeals court decision is a tremendous victory for privacy rights. It means Google can’t suck up private communications from people’s Wi-Fi networks and claim their Wi-Spying was exempt from federal wiretap laws,” said John M. Simpson, Consumer Watchdog’s privacy project director. “Because Google’s Wi-Spy activity was so extensive, the potential damages could amount to billions of dollars.”
Marc Rotenberg, executive director of Electronic Privacy Information Center, an amicus supporting the plaintiffs, called it “a landmark decision for Internet privacy.”
“The court made clear that the federal privacy law applies to residential Wi-Fi networks,” he said. “Users should be protected when a company tries to capture data that travels between their laptop and their printer in their home.”
A Google spokesperson said that attorneys for the Internet giant are “disappointed in the Ninoogle spokesperson said that attorneys for the Internet giant are “disappointed in the Ninth Circuit’s decision and are considering our next steps.”
Plaintiffs’ attorney Elizabeth Cabraser said her clients were looking forward to going ahead with the action, in which they are seeking class certification.
Earlier this year Google settled a 37-state lawsuit for $7 million after attorney generals sued over what they said was an invasion of privacy for the data collection.
The practice was discovered by a German data protection commissioner in 2010. A few months later, Google co-founder Sergey Bring told conference goers the firm had made a mistake.
“In short, let me just say that we screwed up,” he said at the time.
Google says it has disabled the equipment that was collecting the data, and agreed to destroy the information as soon as possible. The company is currently obliged to hold it, unused, because of ongoing litigation.
Copyright 2013, Metropolitan News Company