New Privacy Complaint Filed Against Google (And The Cloud)
Yet another privacy complaint has been filed against Google with the FTC, this time by the Electronic Privacy Information Center over Google’s cloud computing services and related privacy and data security issues. While Google is the named party, the company is basically the stand-in for “the cloud” as a whole. (If you want to read […]
Yet another privacy complaint has been filed against Google with the FTC, this time by the Electronic Privacy Information Center over Google’s cloud computing services and related privacy and data security issues. While Google is the named party, the company is basically the stand-in for “the cloud” as a whole. (If you want to read the complaint, you can download it here [.pdf].)
Here’s the thrust of the complaint:
EPIC hereby petitions the Federal Trade Commission to open an investigation into Google’s Cloud Computing Services, to determine the adequacy of the privacy and security safeguards, to assess the representations made by the firm regarding these services, to determine whether the firm has engaged in unfair and/or deceptive trade practices, and to take any such measures as are necessary, including to enjoin Google from offering such services until safeguards are verifiably established. Such action by the Commission is necessary to ensure the safety and security of information submitted to Google by American consumers, American businesses, and American federal agencies.
The three services mentioned in particular are Gmail, Picasa and Google Docs. EPIC successfully filed a similar action against Microsoft’s Passport service and won fines and concessions.
The complaint asserts that Google represents to the public that its online services are secure but, EPIC argues, there are known flaws and Google disclaims any responsibility for privacy or security breaches. It claims that Google’s data security practices are inadequate as they stand, and so on.
Privacy has re-emerged as a serious issue and big consumer concern on a number of fronts.
Without saying anything about the merits of the complaint and whether the EPIC claims are accurate, the issues raised are important as we move into the cloud-computing era very rapidly. Mobile access to Internet content and services will further accelerate this trend.
Update: I spoke briefly to a Google spokesperson yesterday and he had this to offer on the record:
“We have received a copy of the complaint but have not yet reviewed it in detail. Many providers of cloud computing services, including Google, have extensive policies, procedures and technologies in place to ensure the highest levels of data protection. Indeed, cloud computing can be more secure than storing information on your own hard drive. We are highly aware of how important our users’ data is to them and take our responsibility very seriously.”
It also struck me after I wrote the item above that there’s something perhaps unnecessarily “vindictive” in EPIC’s complaint that singles out Google. The issues raised are serious but pertain not only to Google but to Microsoft, Yahoo, Facebook and others. So it’s curious that the complaint was only filed against Google. In addition the language of “deception” is quite aggressive.
Everyone has an interest in ensuring better privacy and data security and EPIC is doing something helpful in raising the issues. But there are probably ways to address them at an industry level that are somewhat less “litigious.”