Computer users are storing more and more of their personal, and sometimes confidential, information on Web servers they don’t own and control. Will security concerns be the undoing of Google and Web computing?
Google’s corporate motto is “Don’t Be Evil”. But I’ve recently started wondering whether the company should be trusted with my personal information. Let me explain.
I use Google extensively. I use it to search the Web and to do my e-mail, I use its instant messaging application Google Talk, I check out satellite maps in Google Earth, I use Google Picasa to organise my photographs and I make use of Google Groups to subscribe to e-mail discussion forums.
More recently, I started using Google Docs & Spreadsheets and I now write many of my articles, including this column, in Google’s online word processor. It saves me time because I can pick up my work wherever I happen to be, on any machine, provided there is an Internet connection (and there almost always is one). No more e-mailing documents to and fro and losing track of which version is most current. I simply log on to Google’s servers and continue where I left off.
A friend of mine thinks I’m crazy. “Go right ahead and put your documents somewhere where you don’t have any control over the machines they’re stored on,” he said recently in an e-mail. “You don’t know how secure they are [and] someone else you don’t know controls complete access to your documents.
“Google,” my friend said, “will own you. Your documents are stored on Google kit. You cannot get them off. If you ask me, that’s far worse than anything Microsoft ever did.”
Initially, I simply dismissed what he said. Why would Google have any interest in my private data?
But my friend has a point. Most of the work I do in Google isn’t confidential — in fact, I write articles in the very hope that they will be disseminated publicly. But some people’s data, if leaked, could do enormous damage — a politician’s steamy conversations with his mistress or a listed company’s unpublished financial records, for example.
It’s not only Google, of course, that should have me worried. Microsoft, Yahoo and other companies also have the potential to use my information for nefarious ends. But it’s Google that gets all the attention because of its pervasiveness.
A recent issue of MotherJones, a left-wing US magazine, alleges that, in September, Google handed over the records of some users of its social networking service, Orkut, to the Brazilian government, which was investigating alleged racist, homophobic and pornographic content.
“The question is not whether Google will always do the right thing — it hasn’t, and it won’t,” MotherJones says. “It’s whether Google, with its insatiable thirst for your personal data, has become the greatest threat to privacy ever known, a vast informational honeypot that attracts hackers, crackers, online thieves, and — perhaps most worrisome of all — a government intent on finding convenient ways to spy on its own citizenry.”
Is MotherJones exaggerating? Yes, probably. But companies should be concerned about their employees using Google and other websites to do their work. How would you feel about one of your employees uploading a confidential company document onto Google’s servers so they can work on it when away from the office?
Will this compromise your company? Probably not. It’s not in Google’s interest to undermine the privacy of its users. If people become fearful of Google — if they worry that the company is not protecting their privacy — they will switch to its rivals in an instant. Just one high-profile incident could inflict enormous and permanent damage on Google’s credibility. Comfort enough?