Google Glass’ easy eavesdropping on people may be illegal wiretapping.
Two courts already have ruled in different class actions that Google can be sued for illegal wiretapping for “interceptions” of personal information without meaningful consent — in circumstances analogous to how Google Glass operates.
First, the Ninth Circuit Court of Appeals recently ruled that wiretap law prohibits the type of transmission “interception” that Google StreetView cars’ did in secretly collecting personal information from unencrypted home WiFi networks.
- Specifically, this court denied Google’s claim that not encrypting one’s WiFi made the transmissions public. And this court also denied Google’s claim it was due the law’s exception designed to protect radio stations.
Second, Federal District Court Judge Lucy Koh recently ruled Google’s scanning of Gmail exchanges to create personal advertising profiles also could violate wiretap law.
- Specifically, Judge Koh ruled that Google was not exempt from wiretap law because creating personal advertising profiles by reading people’s emails was not an “ordinary course of business.” Judge Koh also found that “accepting Google’s theory of implied consent… would eviscerate the [wiretap] rule against interception.”
Given these strongly-analogous court precedents, it follows that Google Glass’ surreptitious “interception” of personal conversations and information for Google’s commercial purposes without meaningful permission could be ruled illegal wiretapping as well.
If it is, Google and Google Glass users and app developers could face a lot more legal risk and liability than everyone currently thinks.
When it applies, wiretap law is tough. If someone has been wiretapped, they have been legally harmed. One does not have to prove specific harm. And the statute has significant fines for each infraction.
The sheer number of potentially illegal Google commercial wiretaps is staggering and unprecedented. Google StreetView may have illegally eavesdropped on tens of millions of Americans homes. Gmail may have eavesdropped on every one of Google’s 425 million users email exchanges for several years.
If Glass is as big as Google hypes it to be, add many more millions of people’s actual conversations on which Google could illegally eavesdrop.
These court precedents suggest that Google has a lot more explaining and qualifying to do before it moves from its testing phase to full-scale commercial rollout of Google Glass. That’s because as a cloud service all the recordings of Glass users will not reside on the Google Glass device that users buy and own, but in Google’s data centers that Google controls. Thus the Glass user and Google are inextricably linked, so what one does, potentially could create wiretapping liability for the other.
First, Google likely will have to get much more explicit permission from Google Glass users for Google to “intercept” their conversations with others for its commercial purposes, and establish a protocol for somehow securing the permission of the others for the “interception” as well.
Judge Koh’s precedent could put Google’s “implied consent” theory at risk if applied to Glass. What if Glass adds a blinking light to Glass to indicate to others that it is recording? Will Google claim that the blinking light is enough for “implied consent” for the wiretapping?
Second, Google likely will have to explicitly state in its terms of service what additional actions Google will do to the recorded Glass conversations in Google’s data centers, if anything, other than store them.
Will Google data mine/”intercept” the Glass users’ recordings and actions for:
- The purposes of targeted advertising?
- “Improving other Google services?
- Predicting user behavior or needs for Google Now?
- Integrating with other Google advertising services?
- Augmenting Google’s artificial intelligence data base of knowledge?
Simply, what if anything will Google do with the private information gleaned from Glass recordings of private conversations?
Third, given Google’s large potential wiretapping liability, will Google change its no curation policy and curate and approve all Glass apps that could wiretap before they can be used on Glass? Will Google have in place internal controls to prevent Glass App developers from violating the wiretap act on their service to limit their liability? Will Google give apps developers access to any of the Glass users’ recordings of conversations to operate their apps, or for any other purposes?
If Google’s StreetView and Gmail both have potential illegal wiretapping liability for intercepting private information without the meaningful consent of the intercepted, it follows that Google Glass has a similar potential illegal wiretapping liability as well.
But Google’s potential illegal wiretapping liability may not stop there.
If Google has applied its theory of “implied consent” – i.e. if one uses Google’s products and services Google can use any “intercepted” personal information for any purpose it alone deems appropriate – some other Google services could attract closer attention for potential illegal wiretapping.
- Since Google Voice is closely integrated with Gmail, does Google “intercept” Google voice conversations in any way like it “intercepts” Gmails to target advertising on any Google service?
- Since Android is a free operating system that enables $9 billion in annual mobile advertising revenues per eMarketer, does Android “intercept” any mobile conversations or personal information without meaningful consent of the intercepted for the purposes of targeting advertising?
- And since Google’s Chrome browser is free, and Google Fiber’s free broadband service offering is implicitly ad-supported, does Chrome or Google Fiber intercept any mobile conversations or personal information without meaningful consent of the intercepted for the purposes of targeted advertising?
Simply, if it is illegal for Google to “intercept” Gmails and WiFi signals for advertising purposes under wiretaps laws, it follows that Google could be liable for intercepting Google Glass, Voice, Android, Chrome, and Fiber personal communications without meaningful consent for advertising and other purposes.
Big picture, why Google is potentially so vulnerable on wiretapping is that it has taken a general legal position that it is most always the responsibility of others to protect themselves from Google’s spying. Consequently, it is not Google’s legal responsibility to refrain from spying on people without their permission.
At bottom, the conflict here is potentially immense. Wiretap law protects people from being spied upon, while Google’s business model is based on “implied consent” for Google’s commercial spying.
[Originally published on Precursor Blog]
Scott Cleland is Executive Director of the Restore Us Institute, an internet policy think tank and nonpartisan, faith-based nonprofit with a mission to restore internet accountability to protect people from online harm.
