Privacy Concerns On Google's 30 Day Data Policy 154
darkmonkeh writes ""Google Inc. is offering a new tool that will automatically transfer information from one personal computer to another, but anyone wanting that convenience must authorize the Internet search leader to store the material for up to 30 days", CNN reports. Although Google's policy states that it can hold data for up to 30 days, "Google intends to delete the information shortly after the electronic handoff, and will never retain anything from a user's hard drive for more than 30 days", said Sundar Pichai, director of product management. With pressure on Google after the request by the Bush administration for personal information, privacy concerns may be hard hitting."
advertising? (Score:4, Insightful)
pirates? (Score:4, Insightful)
Retention of Data (Score:5, Insightful)
Here's a question: (Score:5, Insightful)
From TFA: Why exactly do any of Google's employees need access to this information? Why can't the content be encrypted by the user via an asymmetric key scheme (like PGP) and decrypted again once it's reached the target system?
I'm really not seeing the necessity for Google to have any access at all to users' information...am I missing something?
Don't Do It (Score:5, Insightful)
If you have privacy concerns, don't use the service. If you are stupid enough to transfer private or sensitive information over someone elses network, let alone store it on their drives, you deserve what you get. I use some online storage for information that I would not want to lose in the event of a catastrophe at my home, but it is nothing I consider sensitive. If it was, I would either store it elsewhere or use some kind of encryption on the files.
Ugh... (Score:5, Insightful)
Technical feasibility? (Score:5, Insightful)
The policy may very well translate into "We will make a best effort to delete the information when you instruct us to do so, but we will only guarantee that the information will be deleted within 30 days."
Not to mention (Score:5, Insightful)
Hopefully this will be sufficient. If not, we will need to block access to all of Google, which would seriously upset many people within the company, and of course this will cascade to other organizations. Will Google be happy it's pissing off a bunch of Fortune 50 companies?
Re:Here's a question: (Score:3, Insightful)
Keep in mind that access does not mean unencrypted. I read it as saying that the data will be stored encrypted on google's system, however some employees will still need to potentially have access to the encrypted data.
In dubio pro reo (Score:5, Insightful)
But, to show off some more latin, cui bono? What's google's gain in the game? What could they possbily gain from having access to my data? My highly sensitive christmas pics?
Hardly.
What they do get in that way is an idea where people and data travels. Information about their users. That's it. And that's by far more valuable than your grocery list or granny's phone number. IMO they don't care about your data. What they want is the information where data comes from and where it goes to. And that can be simply achived by tracking where you are when you dump the files on them, how long they stay there and where you are when you pick them up again (or, what's also possible, where the person is that picks them up).
That's the info they're after. Not your files themselves.
So why the 30 days? Well, this could be connected with their update and deletion cycles. As someone already pointed out, their servers are most likely redundant. It's not like at home, where you simply hit "del" to get rid of a file. Their array of servers first of all has to realize that the file is actually supposed to be deleted. Or it could be that they are using some nightly job to clean up and purge all the "waste" data, and that this can't be done during normal operation, not even more than once a month, simply because the servers got better things to do.
So, in a nutshell, I don't suspect "evil" in that 30 days cycle. More likely, it's simply a technical necessity, and a legal one too. So people don't start suing them 'cause the files are still on their servers 10 days after they picked them up.
Re:Don't Do It (Score:4, Insightful)
The same can be said for online banking, email correspondence, chat, IM, or P2P. The fact is you have to be smart about who you let have access to what data. It's hard enough protecting your security in just the above arenas, without letting an outside group have access to your hard-drive. Another service I don't think I'll be touching anytime soon.
Re:Don't Do It (Score:2, Insightful)
I have a completely encrypted drive in my laptop for sensitive information in case I lose it or it is stolen. This is just wise in my humble opinion and can be easily achieved by many tools, like truecrypt [truecrypt.org]. For everything else, there is Gmail [gmail.com]! =)
Boiling a Frog (Score:3, Insightful)
(First, this is not an Anti-France post.)
Google is starting to creep me out. I've been in love with them and their "Don't be evil" thing, and have adopted many of their tools, including GMail. But, they are starting to do things that make me wonder if we are the frog that is destined to be boiled.
You know:
I'm thinking we are going to turn around one day and wonder how Google got all our data. It will follow the revelation that all the data Google had was exposed to a hacker, or sold by a disgruntled employee, or accessed by Chinese Military Intel.
Government Mandated Retention (Score:4, Insightful)
Let me get this straight (Score:3, Insightful)
To be honest, I think that they should be commended for making the full disclosure. If privacy advocates are concerned, then privacy advocates should avoid using the service.
Re:Wow. (Score:5, Insightful)
Re:Here's a question: (Score:2, Insightful)
Google's not storing people's data out of altruism. They're doing it to make a profit from data mining and association-mapping.
Think supermarket "loyalty" cards but on a far grander scale. That's what Google is aiming for: the ability to study and profit from the collated details of the lives of millions of people. In order to study the details, they must be able to process them in an unencrypted form at some point.
They may have no evil intentions whatsoever. People should just keep in mind that all of these details will be pre-collated for government subpoenas, identity thieves, stalkers, and anyone able to bribe or blackmail an employee. As they say, the road to Hell is paved with good intentions...
Re:Wow. (Score:3, Insightful)
But - you have been warned !
Ever had a really good friend, who you haven't seen for a while, so you go out for a beer, and halfway through a conversation, you discover he is trying to sell you life insurance/water filters/mortgage services/etc/etc ? Not fatal, but uncomfortable and disingenuous.
Well that's google for ya. I can handle advertising on their search pages, as the price of using their service, but I'm damned if I'll help them index me !