If you’re a fan of Google-is-getting-too-powerful-for-its-own-good conspiracies, this piece by independent security specialist Sherri Davidoff on her Philosecurity blog is a must read.
Davidoff explores how Google is gradually gaining greater access to government data by landing municipal contracts from the city of Los Angeles, Washington, D.C., and others who have “Gone Google.”
Going Google of course refers to companies, or government agencies, as it were, who opt to use Google Apps, the suite of collaboration applications that includes Gmail, Google Docs, Google Sites, Google Talk and other apps that the search engine hosts on its own servers.
For example, Google in October won a $7.25 million contract with Los Angeles to power Google Apps for 34,000 municipal employees.
These workers will be using Gmail, Google Docs and other apps to work together, saving what the city’s CIO said would be millions of dollars. Google replaced the legacy Novell GroupWise system and beat out Microsoft and others for the pact. Sounds like a win-win for everyone, right?
Davidoff finds where this can be a lose-lose down the line, for the government in the city and the people who live there:
“According to Google, United States state governments have literally handed over our public data to be held and managed by a private company which has well-publicized partnerships with other governments such as China. The data is physically stored in Google’s buildings, on Google’s servers, managed by Google’s employees. This means Google now controls our government’s access to its own data.“
Moreover, Google is also creating a “government cloud”, or a dedicated cloud computing system for the U.S. government, in 2010.
In short, government adoption of Google Apps, Davidoff noted, means one company controls potentially sensitive government data. She also wrote:
“Homeland security rules for federal intelligence agencies to force Google to turn over information from state and local governments, perhaps without even notifying them. For issues where state laws are in direct conflict with federal laws, the implications for states’ rights are serious. For example, several states maintain lists of registered medical marijuana patients. Could a federal agency force or coerce Google to turn over lists of names without permission from the state?“
Put in such a simplified way without the usual spin about security and 99.999 percent availability from Google seems scary. That a large company is tending our country’s municipal data in its server farms is sort of sinister sounding and downright Orwellian.
Davidoff raises good points about some scary issues. Imagine another government getting control of data stored in Google Apps (but, I wonder, what would they be able to do with this data? I doubt the city governments are trafficking in classified intelligence, but who knows but them?).
Moreover, view this notion through the lens that some experts — cloud aficionados would call them alarmists — who claim there will be a “cloud catastrophe” in 2010.
In this following interview on BusinessWeek.com, Mark Anderson, publisher of high-tech newsletter Strategic News Service, http://feedroom.businessweek.com/index.jsp?fr_story=8b1bce979e7a88d3007250eebf89f235f6995b50 predicts there will either be a major security breach or service outage in the cloud. Scroll to the 6:20 mark for the sky-is-falling on the cloud scenario:
Should would be scared witless or merely wary? I have faith in Google to this point, and apparently so do governments. Do you as a consumer? How about as a business leader?
I’d like to know.