Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Maps offering to "map our locations"....concerns??

From: Heath Barnhart <heath.barnhart () WASHBURN EDU>
Date: Tue, 17 Apr 2012 13:21:45 -0500
I agree with this as well. There's a difference between walking around with your wifi adapter on and seeing what you see and actually capturing information, which I believe if anyone of us got caught doing would land us in a federal prison.
I would suggest, if asked for opinion by administration, that a stipulation be made that Google only be allowed to do passive scanning of the network only. That way they can still gather their WiFi location data if they want but not get user data. 
--
*Heath Barnhart, CCNA*
Network Administrator
Information Systems Services
Washburn University
Topeka, KS

On 4/17/2012 12:20 PM, Hahues, Sven wrote:

The reasonably paranoid person in me was also going to say what David said.  I'd be more concerned with what they may be 
gathering "accidentally" while they are at your campus than what they are there to officially do.

It's not like Google hasn't "accidentally" done this in the past - 
http://www.computerworld.com/s/article/9176810/Google_stops_sniffing_Wi_Fi_data_after_privacy_gaffe

I don't know about you, but the difference between running netstumbler and tcpdump isn't  just a simple "whoops - wrong 
button, my bad..." kinda thing, so a little bit of suspicion is well placed.

Sven

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David L. 
Wasley
Sent: Tuesday, April 17, 2012 1:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Google Maps offering to "map our locations"....concerns??

I'm curious why there have been few comments about what Google did -not- say in the agreement.  There have been many news stories about Google 
"accidentally" collecting emails, passwords, etc., as a byproduct of doing this mapping.  My own paranoia would lead me to request an 
explicit clause that says something like "Any information recorded by Google or it's contractor other than what is described above as 
Location Information shall not be used for any purpose and shall be erased from all records immediately upon discovery."

David


On Apr 15, 2012, at 9:16 PM, SCHALIP, MICHAEL wrote:



         Hi Folks....

         Has anyone else been approached by Google Maps to allow them to "map your campus" in detail - presumably, for student navigation 
purposes??  Here's the "agreement" that they want us to sign off on.  I have some basic concerns, but - then again - my concerns may 
be completely unfounded.  So - I thought I'd offer this up to this group to see what your collective wisdom would respond with....(note the 
italicized entry)....

         Let me know what you all think....



         Thanks,



         Michael


                 Agreement
                 We (the "Property Owner", "Property Manager", or "Property Operator") hereby permit Google Inc. 
(through its employees, affiliates or agents) to enter the publicly accessible areas of the properties described above, at a time and in the manner 
directed by our designated contact person listed in the Signatory Information area below, to collect Location Information.

                 For the purposes of this agreement, "Location Information" means Wi-Fi access point MAC addresses 
(also known as BSSIDs); Wi-Fi access point properties (including signal strength); mobile handset-generated compass, gyroscope 
and accelerometer measurements; and other related information.

                 Google will abide by the property access rules specified by our designated contact person.

                 Google must have suitable insurance coverage or self-insure for all of Google's activities on the 
propert(ies).  Google will be responsible for all costs of its data collection, and will be the exclusive owner of all 
right, title and interest in all data collected on the proper(ties).

                 This letter does not give Google any intellectual property rights to our trademarks or logos.  Neither party 
will use the other's name, trademark or logo in any public statement without the other's permission.

                 We affirm that we are either the Property Owner, the Property Manager, or the Property Operator, and 
that we have full power and authority to grant you the permission above.




         --
         This message has been scanned for viruses and
         dangerous content by MailScanner<http://www.mailscanner.info/>  , and is
         believed to be clean.



________________________________

No department at FGCU will EVER ask you for your username and password in person or through e-mail. If you receive an 
e-mail requesting your EagleMail or FGCU email password, DO NOT respond. Delete the e-mail immediately. If you receive 
a questionable e-mail, please contact the Help Desk at 239-590-1188.

________________________________

COMPUTING SERVICES WILL NEVER ASK FOR YOUR PASSWORD. You should never give out your username or password for any 
accounts you have, including bank accounts, credit card accounts, and other personal or University accounts. Computing 
Services will never contact you using a return e-mail address that is not @fgcu.edu. If you receive a questionable 
e-mail or an e-mail asking for passwords and logon information, DO NOT RESPOND, and please contact the Help Desk at 
239-590-1188.
Previous By Date Next
Previous By Thread Next

Current thread: