UPDATE: Within hours of the FCC’s wristslap on Google for obfuscating an investigation into why Google was sucking down all kinds of private data with its creepy cars, the Electronic Privacy Information Center filed a Freedom of Information Act request with the FCC to force the FCC to release an unredacted version of the FCC’s order to Google.
So why were there redactions in the first place? The FCC Rules state that, when the Commission publishes opinions, orders, policy statements, or certain other documents, the Commission may “delete identifying details or confidential information.” 47 C.F.R. § 0.445(g). Such deletions may be made to the extent they are required to prevent “a clearly unwarranted invasion of personal privacy, or to prevent disclosure of information required or authorized to be withheld by another statute.” When such deletions are made, the FCC must fully explain the justification for the deletions in a preamble to the document.
The document’s author, P. Michelle Ellison, failed to include the required preamble explaining the copious redactions in the Notice of Apparent Liability (or “NAL”) issued to Google. There is a single reference in footnote 9: “Throughout this Notice of Apparent Liability, we use aliases or redact the names of Google employees to protect their privacy.” That’s it. While there are references in the NAL to Google unilaterally redacting documents it produced to the FCC, there is no discussion in the NAL itself of why redactions were made to the NAL (not quoting documents Google itself redacted when produced, but redactions to the language of the NAL).
Neither is there a discusison of who directed that redactions be made to the NAL, if the redactions were made at the request of a third party–oh, I don’t know, maybe someone at Google. And of course, if if the redactions were made at Google’s request, then presumably Google was invited to review the NAL before it was released, just in case they had any comments on language changes or stylistic comments. Or maybe Google got an apology from the FCC like they got from the Justice Department over the Google Drugs case? Who knows.
The FCC’s general rule is that documents are available for public inspection (47 C.F.R. § 0.451) although, the FCC does classify certain records as “not routinely available for public inspection.” This group of records includes those materials that are specifically categorized as confidential in the FCC rules, as well as those materials that are withheld from public inspection on the basis of a specific confidentiality request from the person submitting them. Id.; 47 C.F.R. § 0.457; 47 C.F.R. § 0.459. The FCC rules state that “[t]he Commission has determined that there is a statutory basis for withholding” all such records. 47 C.F.R. § 0.451.
Fine–but if they rely on this language at the FCC, that still does not seem to explain the redactionf from the NAL itself.
For a little comic relief–see John Stewart’s bit “Money Gall” on the Daily Show that lampoons Google’s crony treatment by the FCC.
Google has once again managed to delay and obfuscate their way into defying the U.S. government–the duly designated representatives of the American people. But why should we be left out? They do it everywhere else, too.
On this latest occasion, Google defied the FCC–not by standing up and challenging them, but by refusing to comply with lawful orders about a matter of considerable public consequence. Once again, the issue is privacy–not Google users who arguably have somehow consented to be spied upon. This time it is the public in general who might not have guessed that their privacy was being invaded even further by Google’s cars driving around taking pictures of their homes–and simultaneously snooping on any unprotected WiFi connections that were available to the data sniffer secretly placed in the Street View cars. Meaning if your WiFi is not encrypted and Google’s car drove past your house, the data sniffer made a copy of whatever it could grab out of the air, including, as you will see, emails, passwords, chats and anything else it could grab.
So while you might have been cheese about having a picture taken of your house, imagine how cheesed you’d be if you knew that Google was simultaneously making a copy of anything on your unprotected WiFi connection.
According to the FCC:
Between May 2007 and May 2010, as part of its Street View project, Google Inc. collected data from Wi-Fi networks throughout the United States and around the world. The purpose of Google’s Wi-Fi data collection initiative was to capture information about Wi-Fi networks that the Google could use to help establish users’ locations and provide location-based services. But Google also collected ”payload” data-the content of Internet communications-that was not needed for its location database project. This payload data included e-mail and text messages, passwords, Internet usage history, and other highly sensitive personal information.
And what kind of information did Google snoop on?
“[T]he full names, telephone numbers, and addresses of many [citizens]. We also found complete email messages, along with email headers, IP addresses, machine hostnames, and the contents of cookies, instant messages and chat sessions…instances of particularly sensitive information, including computer login credentials (i.e., usernames and passwords), the details of legal infractions, and certain medical listings….e-mail passwords and 774 distinct e-mail addresses, including “an exchange of e-mails between a married woman and man, both seeking an extra-marital relationship,” from which first names, e-mail addresses, and physical addresses could be discerned…web addresses that revealed the sexual preferences of consumers at specific residences….chat traffic, URLs, passwords, and video and audio files, some of which was highly sensitive..it was “possible to link several packets from Internet user to each other, and in doing so construct an accurate picture of the communication of an often identifiable user.”
So the FCC managed to piece together a pretty good idea of what Google was up to and it was this. While these creepy cars were driving around the creepy line, we are told these creepy Googlers were, of course, collecting data on anything that wasn’t nailed down. All of which, by the way, could now theoretically be shared by Google Maps with any other Google data.
When the FCC called Google out about what in the world it was doing, Google essentially refused to answer, refused to identfy Google personnel involved, had its principal engineer refuse to answer FCC questions on grounds that it might incriminate him (also called taking the 5th) and was generally uncooperative. The FCC issued a wide ranging request for documents and information to give Google a chance to explain this rather obvious breach of the consumers’ right to privacy. Did Google comply in order to maximize transparency?
If you even asked yourself that question in the privacy of your own thoughts, you really have no idea who you are dealing with.
Here’s what Google did:
When Google responded to the [FCC] on December 10, 2010, it produced only five documents. Google’s document production included no e-mails, and Google admitted that it had “not undertaken a comprehensive review of email or other communications,” because doing so “would be a time-consuming and burdensome task.” Google also failed to identify any of the individuals responsible for authorizing its collection of Wi-Fi data or any employees who had reviewed or analyzed Wi-Fi communications collected by Google. Indeed, Google redacted the names of its engineers from the few documents that were produced. Google asserted that identifying its employees “at this stage serves no useful purpose with respect to whether the facts and circumstances give rise to a violation” of the [Wiretap Act].”
In other words–Google told the FCC that they can take whatever they want whenever they want and if you think you can stop them FCC, then you can eat it and bark at the moon.
So once again, Google delays, obfuscates, impedes investigations and displays extraordinary hubris to the government of the United States and representatives of the people. Particularly arrogant for a government contractor. The FCC concluded:
Obtaining the documents and information that Google should have provided in December 2010 delayed the Bureau’s investigation and required considerable effort on the part of Commission staff that should not have been necessary. Google failed to provide a single e-mail in response to the [FCC’s request] until April2011-more than four months after submitting its initial…response. Google also waited until then to identify individuals who worked on the Street View project. It was not until September 2011 that Google–having received five separate demands from Commission staff-finally provided compliant declarations with respect to the accuracy and completeness of Google’s submissions. Under the circumstances, Google’s incomplete responses…constitute willful and repeated violations of Commission orders.
And what happens? Google gets a $25,000 fine and that’s the end of it. And they will probably appeal that.
So Google REALLY doesn’t want to give the FCC the Street View sniffing data or tell the FCC anything about who was involved or anything else. And whatever it is they are hiding is worth getting called out by the FCC and having their employees take the 5th. Exactly which crime was this employee worried about incriminating himself over?
And Google’s response according to Consumer Affairs?
In a masterpiece of non-responsive rhetoric, worthy of being tagged as “inoperative” by onetime Nixon aide Ron Nessen, a Google spokesperson told The Wall Street Journal: “We worked in good faith to answer the FCC’s questions throughout the inquiry, and we are pleased that they have concluded that we complied with the law.”
Now wait a minute…I could have sworn I was on planet Earth….
Or as Sergey Brin said, “If we could wave a magic wand and not be subject to US law, that would be great.”
Ahem…so to summarize:
The FCC did not make any finding that Google did not violate any laws.
The FCC found that Google refused to comply with even the most basic requests from investigators — claiming, for example, that searching its own employee emails “would be a time-consuming and burdensome task” and refusing access to key employees.
Most importantly, the FCC found that Google’s refusal to cooperate prevented the FCC from being able to determine whether Google’s conduct violated the law.
This is very similar to what happened in Korea where Google tried to obstruct an investigation by Korean authorities investigating WiFi sniffing by Google in their country (http://news.cnet.com/8301-1023_3-57354092-93/google-reportedly-faces-maximum-fine-from-korean-trustbuster/)
Maybe what Brin is really saying is that it would be great if Google could wave a magic wand and not be subject to any laws at all. In any event, Google’s FCC strategy is very reminiscent of Eric Schmidt’s own testimony before the U.S. Senate Antitrust Subcommittee where he obfuscated and refused to answer questions on the advice of counsel. It’s getting to be a habit.