Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / Google's Cloudy Security Under Fire
Google's Cloudy Security Under Fire
Google's Cloudy Security Under Fire
By Patricia Resende / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
The Federal Trade Commission is being asked to investigate Internet search giant Google for a lack of security in its cloud-computing services, a framework of software and services in which applications and data reside on third-party servers that provide remote access through Web-based devices.

The Electronic Privacy Information Center (EPIC), a Washington, D.C.-based public-interest group, filed the complaint and is asking for an injunction by the FTC to stop Google from offering any of its cloud services until the FTC has investigated Google's safeguarding of consumers' information.

The complaint comes just 10 days after Google announced that it had unintentionally disclosed user-generated documents stored on its cloud-computing service.

Privacy Glitches Cited

In its 15-page complaint, EPIC said Google is not providing adequate protection of consumers' information in its group of cloud-computing services, which includes Gmail, Google Docs, Google Desktop, Picasa Web Albums and Google Calendar.

"We understand the FTC is very interested and have received an acknowledgment from the FTC," Marc Rotenberg, president at EPIC, told us. "Now they will make a determination on whether to begin an investigation."

Rotenberg said EPIC always reserves the right to supplement the filing and may add to it because of Google's health-records service that "will clearly raise privacy and security concerns."

In September and November alone, 30.4 million consumers used Google's Docs and Gmail cloud-computing services, according to ComScore Media Metrix.

EPIC points out several flaws in Google's cloud-computing services. In January 2005, researchers found that usernames and passwords for Google accounts allowed others to steal log-in information, allowing outsiders to snoop on users' e-mail. Another flaw exposed Google users' personal data to malicious Internet sites, EPIC says.

"Of course what we did was we looked carefully at Google's statements and they sound very favorable, then you read their terms of service," Rotenberg said. "On one hand they are telling everyone cloud computing works great, but on the other hand in the terms of service they say if you run into trouble, you are on your own."

EPIC is asking the FTC to encourage Google to make its security policies more transparent; report any data breaches or loss of data to the FTC; and ask Google to contribute $5 million to a public fund that will support privacy issues, including encryption, mobile locations and data anonymization.

Cloud Computing Rises

Cloud computing has gained traction in the past few months, with several companies, including Microsoft, IBM and Sun Microsystems, talking about it and offering services.

As of September, nearly 70 percent of Americans were using Webmail services, storing data online, or using applications whose functionality resides on the Web, according to EPIC's complaint.

Organizations such as the Pew Internet and American Life Project have reported that consumers are concerned about cloud-computing services. At least 90 percent of cloud-application users are worried that data stored with one company would be shared or sold to other companies, according to a September report.

Flaw in Terms of Service

Google, however, says that Google Docs saves data to a secure online-storage facility, and documents stored on Google servers are secure. Google says consumer data is private unless the user grants access to others or publishes their own information.

EPIC's argument with Google, however, is that the company's terms-of-service agreement does not stand behind any of its security and privacy pledges.

"Google's terms of service explicitly disavow any warranty or any liability for harm that might result from Google's negligence, recklessness, mal intent, or even purposeful disregard of existing legal obligations to protect the privacy and security of user data," EPIC said.

Along with an investigation, EPIC is asking the FTC to require Google to revise its terms of service with respect to cloud-computing services.

"We have received a copy of the complaint but have not yet reviewed it in detail. Many providers of cloud-computing services, including Google, have extensive policies, procedures and technologies in place to ensure the highest levels of data protection," said Andrew Kovacs, a Google spokesperson. "Indeed, cloud computing can be more secure than storing information on your own hard drive. We are highly aware of how important our users' data is to them and take our responsibility very seriously."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.