RSSInside EPIC's privacy claim against Google: What's the evidence?
By Scott M. Fulton, III | Published March 18, 2009, 4:40 PM
By now, the matter of Google's multiple small disasters with its early round of cloud-based applications -- troubles which led to the unauthorized sharing ability of some files -- is one of public record, and certainly the company has made plenty of public apologies. But was it criminally deceptive in promising to users a safe system, only to then be hit with safety issues? The Electronic Privacy Information Center advocacy group says yes, and it has taken its case to the US Federal Trade Commission.
In a formal complaint issued this morning (PDF available here), EPIC uses citations from Google's online marketing promotions for its cloud-based applications, along with links to news articles about the company's recent headaches, to build the case that the company makes promises to users that it can't keep.
"Google encourages users to 'add personal information to their documents and spreadsheets,' and represents to consumers that 'this information is safely stored on Google's secure servers,'" reads the complaint co-authored by EPIC President Marc Rotenberg. "Google states that 'your data is private, unless you grant access to others and/or publish your information.'"
Last month's Gmail service outage, which only affected a minority of Google's customers, still managed to point to a serious problem with respect to the centralization of the company's online resources. Then two weeks ago, the inadvertent availability of unauthorized documents in some users' online storage gave a clear signal that identity and authentication in the Google system were still very much in "beta."
But Google admitted as much -- in fact, it's through its admissions that many in the press discovered the existence of these troubles in the first place. EPIC cited the FTC's regulations regarding deceptive advertising, which state, "There must be a representation, omission or practice that is likely to mislead the consumer. This includes the 'use of bait and switch techniques.'"
With that, EPIC went on to contend the evidence, in its view, speaks for itself: "Google made material representations that misled consumers regarding its security practices, and users reasonably relied on Google's promises. As demonstrated by the Google Docs Data Breach, Google's material representations were deceptive."
EPIC is requesting that the FTC enjoin Google from providing any kind of cloud computing service "until safeguards are verifiably established," as well as to contribute $5 million to a public research fund for developing encryption, anonymization, and mobile privacy techniques.
It's an important step what EPIC has done, but I think its unlikely that the FTC will do all they ask. There's a related article that is interesting here:
http://www.atelier-us.co...e-google-cloud-services
Score: 0
|digital security does not exist. as long as its binary it can be hacked. even the most advanced security can be hacked, just give it some time. for every genius that invent a security software there's another genius that breaks it.
of course software companies promise security, but that doesn't mean that is impossible to hack.
even our government promise us security, with the CIA, NSA, and was it impossible what happened on 9/11? Google designs its software secure to a reasonable extent. 100% secure is impossible.
Score: 0
|The problem is that there wasn't any hacking done. Due to a bug, the documents were tagged as public/available to everyone on the contacts list even though they were private.
Had it actually been due to someone hacking Google Docs, I'd have said you had a point but no such thing took place.
Score: 0
|It is strange that m$'s simular could apps have not yet had these issues.. 5M for research?? why not more..
Score: 0
|"Google encourages users to 'add personal information to their documents and spreadsheets,' and represents to consumers that 'this information is safely stored on Google's secure servers,'"
Isn't it exactly what credit card companies and banks said about their security about the personal information of their customers , time and time again?
Score: 0
|