Google's Privacy Safeguards Questioned

By Reuters  |  Posted 03-18-2009 Print Email
Google's security procedures are called into question following an inadvertent release of consumer data.

An online privacy group called on Tuesday for government regulators to investigate the adequacy of Google's security safeguards after the company inadvertently released consumers' private information this month.

In a complaint filed with the U.S. Federal Trade Commission on Tuesday, the Electronic Privacy Information Center faults Google's practices relating to its so-called cloud computing services, which store user-generated documents and other personal information on Google servers instead of on an individual's personal computer.

The Washington, D.C.-based group, which focuses on civil liberties and privacy issues, also asked the FTC to bar Google from offering cloud computing services until the company has put certain safeguards in place.

Google said in a statement the company had received a copy of the complaint but had not reviewed it in detail.

"We are highly aware of how important our users' data is to them and take our responsibility very seriously," the firm said, adding that Google has extensive polices, procedures and technologies to ensure the highest levels of data protection.

On March 7, Google said a bug in online productivity software, Google Docs, caused a small percentage of users to inadvertently share their personal documents with other users. The bug, which has since been fixed, affected 0.05 percent of all documents and was limited to people who had previously shared online documents with others, according to Google.

"The Google Docs data breach highlights the hazards of Google's inadequate security practices, as well as the risks of cloud computing services generally," said EPIC Executive Director Marc Rotenberg in a statement.

He added that there was "ample" precedent for the FTC to begin an investigation.

The group said that Google's cloud computing services have been increasingly vulnerable to data breaches, despite the company's assurances that it secures the documents on its servers. EPIC's complaint also said that Google stores and transmits documents in plain text, instead of encrypting data as is the practice at some other cloud computing services.

Google has introduced a growing menu of cloud-based software from email to spreadsheets. Last week, the company unveiled Google Voice, which transcribes telephone voice mails and routes the messages to a person's email inbox.

Back to CIO Insight
 



 

Submit a Comment

Loading Comments...
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date