© The Financial Times Ltd 2016 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
March 18, 2009 6:56 pm
A leading privacy group has called on the US Federal Trade Commission to consider shutting down Google’s web services until it establishes safeguards for protecting confidential information.
In a 15-page complaint to the FTC, the Electronic Privacy Information Center (Epic) said recent reports suggested Google did not adequately protect the data it obtained.
It cited vulnerabilities that revealed users’ data in its Gmail webmail service, Google Docs online word processing and spreadsheets and in Google Desktop, which can index users’ information held on their hard drives.
Google said it had not reviewed the filing in detail but it had “extensive policies, procedures and technologies in place to ensure the highest levels of data protection”.
The Epic complaint could be another setback for Google’s investment in “cloud computing services”: services such as e-mail and word processing enabled online in a web browser.
The programs are served from remote data centres, and personal data are held there as well, rather than inside a company’s network or a user’s hard drive.
Overloading at Google’s data centres in February caused a major outage of its Gmail service, raising concerns about its reliability.
The Epic complaint, which calls for an injunction, investigation or other action, highlights security concerns. It urges the FTC to take any measures necessary, including prohibiting Google’s services “until safeguards are verifiably established”.
Epic says cloud computing services are becoming an integral part of the US economy, with 69 per cent of Americans using some form of web service as of last September and 26m using Gmail.
The IDC research firm expects worldwide IT spending on cloud services to reach $42bn by 2012.
But the privacy group alleges Google’s cloud computing services have known flaws.
In March, Google revealed a small number of documents saved on Google Docs had been made viewable to people who lacked the necessary permission.
Epic pointed to a report in 2005 by researchers who found flaws allowing the theft of usernames and passwords for the Gmail service.
In 2007, a flaw was exposed in Desktop that could allow someone to remotely access personal data and even take control of a computer.
“Cloud computing can be more secure than storing information on your own hard drive,” maintained Google. “We are highly aware of how important our users’ data is [sic] to them and take our responsibility very seriously.”
Epic says the FTC has brought cases before to enforce privacy and protect consumers’ personal information, including action against the ChoicePoint data aggregation service in 2006 that included $15m in fines and compensation.
It says the commission could compel Google to be more transparent and revise its terms of service.
Copyright The Financial Times Limited 2016. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.
Sign up for email briefings to stay up to date on topics you are interested in