Appeals court again nixes Google's bid to overturn Street View case

The court also rejects company's petition for a hearing

A U.S. appeals court has once again rejected Google's argument that it did not break federal wiretap laws when collecting user data from unencrypted wireless networks for its Street View program.

In a ruling this week, the U.S. Court of Appeals for the Ninth Circuit held that payload data transmitted over a Wi-Fi network is not "radio communications" as defined under the federal Wiretap Act and as claimed by Google. That means the company cannot claim an exemption for its Wi-Fi data collection under the Wiretap Act.

The appellate court also rejected Google's petition for an en banc, or full court, review of the case. The opinion clears the way for a lawsuit filed against Google over its Street View data collection to proceed in District Court.

"The Ninth Circuit's ruling in the Google Street View case is significant because the court affirmed its previous holding that Wi-Fi communications are protected under the Wiretap Act," said Alan Butler appellate advocacy counsel with the Electronic Privacy Information Center (EPIC).

"Google has been subject to investigation in the U.S. and Europe for its collection of private Wi-Fi communications, and the court's refusal to dismiss this case shows that this collection might have violated federal law," Butler said.

In 2010, Google admitted that its Street View cars had inadvertently captured data transmitted over open Wi-Fi networks when shooting photos. The company apologized for its actions and said it would destroy or render inaccessible close to 650GB of data it had collected from Wi-Fi networks.

Several individuals later sued, claiming Google had violated the Wiretap Act, which prohibits the intentional interception of electronic data. In the lawsuit, the plaintiffs noted that Google's Street View cars had recorded a considerable amount of data from open Wi-Fi networks including SSIDs, MAC addresses and even "payload" data such as personal emails, passwords, videos and documents.

Google claimed that its actions were legal because the only data it collected was data that was unencrypted and freely available to the general public over unsecured wireless networks. The company claimed that people who did not take affirmative action to protect their data on wireless network should no expectations of privacy over the data.

It likened unsecured wireless data to open radio communications and claimed that the Wiretap Act did not offer any privacy protections to the data.

A District Court judge who heard the case rejected Google's argument and held that wireless data is very different from radio communications and therefore enjoys specific privacy protections.

Last September, the Ninth Circuit upheld the District Court's ruling after Google filed an appeal. This week's ruling reaffirms that opinion.

However, it also deletes a significant portion of the earlier ruling in which the court held that unencrypted communications sent from or received by an open Wi-Fi network was not generally accessible to the public. The court also granted a Google request for a rehearing of the case.

Daniel Castro, a senior analyst with the Information Technology and Innovation Foundation (ITIF), said the amendment is significant for Google.

"It's fairly rare for a court to significantly modify a previous opinion," Castro said. With the appellate court's first ruling, Google almost did not have a case. This week's opinion "opens the door for them to continue to argue the case."

A Google spokesman expressed muted satisfaction over the developments. ""We're pleased that the Court granted our request for a rehearing and revised its opinion. But we are disappointed that the order was not completely reversed and are considering our next steps."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about internet search in Computerworld's Internet Search Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags GooglesecuritylegalInternet SearchElectronic Privacy Information Centerinternetsearch enginesprivacy

More about Electronic Privacy Information CenterGoogleTechnologyTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place