The ongoing storm over Google's collection of private WiFi data doesn't seems to be ending anytime soon. It all started when German authorities asked Google to audit the WiFi data collected by Google's Street View cars and Google responded to this by re-examining the collected data. The re-examination revealed the startling fact that the company mistakenly collected payload data from unsecured WiFi networks. Before this, Google was saying that it only collected WiFi network information consisting of SSID and MAC address and not the payload data.
The payload data from open WiFi networks can contain personal information such as emails, passwords, fragments of files, browsed internet data, pictures, video clips, etc., which is why the revelation of the fact it collected payload data has completely shaken Google’s management, as people and authorities in the effected countries considered it as a privacy breach.
Investigations over the collected data and legal actions against Google have already been initiated by a few countries. With each passing day, results of the investigations and news of new lawsuits/actions against Google are coming up. Recent news by BBC revealed that French investigative authorities found email passwords in Google Street View data.
The whole incident and current situation is really alarming for Google, but it is equally alarming for all people who are using WiFi at home, offices or during travel but still adhere to insecure WiFi practices. This is another big wake up call to stop and avoid insecure WiFi practices after the financially devastating TJX WiFi security breach a few years back. Even a couple of previous studies, such as Airport WiFi scan and Financial Districts WiFi scan, also indicated the alarming scale of WiFi malpractices.
In order to ensure safe WiFi usage, the least cumbersome available option lies in use of strong WiFi encryptions (WPA/WPA2) instead of open or WEP options while hosting WiFi networks. This would be sufficient for home users and travelers setting their own personal WiFi network. Hotspot users at public places should adhere to a hotspot precautions list (easily available on web) to ensure safety, whereas enterprises need to look for a more comprehensive WiFi security solution, as they are subjected to a broad spectrum of WiFi threats.
WiFi is a mature technology for local wireless networks and is constantly evolving. However, due to the nature of the technology, the communication signals keep intruding secure physical limits and thereby invite all types of eavesdroppers who try to invade privacy. Thus, if one needs to enjoy all the cool benefits that WiFi technology offers, then adherence to some basic WiFi security best practices is required. In my experience, these practices do not require so much hard work.
Google’s counter arguments are ongoing; let’s see how much Google will succeed in pacifying the furious people and concerned authorities.