Mass Law Blog

Is It Safe? Cloud Computing, That Is

The Electronic Privacy Information Center (“EPIC”) doesn’t think so, at least when it comes to Google’s so-called “Cloud Computing Services” (e.g., gmail, picassa, google calender). Here is a link to the complaint (pdf) EPIC has filed with the Federal Trade Commission. Quoting from the Complaint:

Google routinely represents to consumers that documents stored on Google servers are secure. For example, the homepage for Google Docs states “Files are stored securely online” (emphasis in the original) and the accompanying video provides further assurances of the security of the Google Cloud Computing Service. . . .

Google encourages users to “add personal information to their documents and spreadsheets,” and represents to consumers that “this information is safely stored on Google’s secure servers.” Google states that “your data is private, unless you grant access to others and/or publish your information.” . . .

On March 7, 2009, Google disclosed user‐generated documents saved on its Google Docs Cloud Computing Service to users of the service who lacked permission to view the files (the “Google Docs Data Breach”). This is just one of many example of known flaws with Google’s Cloud Computing Services. . . .

Investigate Google, EPIC asked the FTC, and stop Google from misrepresenting the effectiveness of its security practices in connection with cloud computing. Compel Google to enhance its security precautions, and stop Google from offering cloud computing until it does so. And, order Google to contribute $5 million to a public fund to research and enhance technology-related privacy.

The FTC’s response to this request (whether it pays lip service or really pressures Google to firm-up its security) will be an interesting and early indicator of the Obama-FTC’s views on Internet privacy. Stay tuned.