I am also talking about my common sense. The fact that we should expect something to happen is orthogonal to whether the one who made it happen was justified.
In my common sense there are many factors in this story that play against Google: 1) the said army of drones 2) it is unreasonable for users to force exclusively encrypted communication 3) they clearly operated in a "let's collect as much as possible" rather than having a clear objective like for the SSID 4.1) they have collected potentially sensitive data from businesses connections not intended for the public space 4.2) they have collected private data from personal connection not intended for the public space.
Overall what I see is that wifi is not as secure as I expected and Google (lawfully) exploited said lack of security with complete disregard to other's privacy.
Many other points of view might be possible, but I believe this is a reasonable/valid way to interpret what happened.
> it is unreasonable for users to force exclusively encrypted communication
Hard disagree. That's like saying it's unreasonable to expect cable modem routers to come with firewalls or websites to default to HTTPS. I think it's rather unconscionable that the opposite is the case: we had too many years of wifi routers come to market that were unencrypted by default.
4.1 doesn't agree with the law or common sense. Don't broadcast cleartext data if you don't intend it for the public space. TCP/IP packets or Morse code, the principle is the same.
Expecting every radio receiver to know whether broadcast cleartext was "intended for the public space" is impractical, and both law and radio culture reflect that impracticality. Expecting the radio recipient to decide whether your data is intended for public space or not would be like replacing telephones with megaphones and then fining people for listening to conversations.
> Expecting every radio receiver to know whether broadcast cleartext was "intended for the public space" is impractical, and both law and radio culture reflect that impracticality.
I agree, but I cannot agree that this can apply to google sniffing wifi packets. Google knew they were wifi packets, they knew those packets where intended for the "internet", they knew they were not addressed to them; it was not a generic radio transmission. It is a good argument for why it should be legal anyway.
>> it is unreasonable for users to force exclusively encrypted communication
>Hard disagree. That's like saying it's unreasonable to expect cable modem routers to come with firewalls or websites to default to HTTPS. I think it's rather unconscionable that the opposite is the case: we had too many years of wifi routers come to market that were unencrypted by default.
This is no justification for the methodical exploitation of this lack of security. This is only relevant to whether also OSs and ISPs/router manufacturers should have done better.
If you're talking about capturing payloads, I think Google appears to agree with you; they went on record as full payload capture being unintentional. I have insufficient personal investiture to argue the private packet capture point further; my personal morality doesn't tend to hinge on what other people should be doing, but what I should be doing. In an ecosystem that doesn't and shouldn't protect me from capture of my packets in the commons, I should be encrypting my packets. Full stop. What other people do is up to them.
If you're talking about any radio packets, SSID name broadcast packets aren't sent with a recipient in mind.
In my common sense there are many factors in this story that play against Google: 1) the said army of drones 2) it is unreasonable for users to force exclusively encrypted communication 3) they clearly operated in a "let's collect as much as possible" rather than having a clear objective like for the SSID 4.1) they have collected potentially sensitive data from businesses connections not intended for the public space 4.2) they have collected private data from personal connection not intended for the public space.
Overall what I see is that wifi is not as secure as I expected and Google (lawfully) exploited said lack of security with complete disregard to other's privacy.
Many other points of view might be possible, but I believe this is a reasonable/valid way to interpret what happened.