Privacy Concerns On Google's 30 Day Data Policy

darkmonkeh writes ""Google Inc. is offering a new tool that will automatically transfer information from one personal computer to another, but anyone wanting that convenience must authorize the Internet search leader to store the material for up to 30 days", CNN reports. Although Google's policy states that it can hold data for up to 30 days, "Google intends to delete the information shortly after the electronic handoff, and will never retain anything from a user's hard drive for more than 30 days", said Sundar Pichai, director of product management. With pressure on Google after the request by the Bush administration for personal information, privacy concerns may be hard hitting."

advertising?

Does this give Google the right to search the data for advertising purposes? Google desktop could easily have small text-bases ads relevant to data in my MyDocuments folder.

Fortunately...

...you can count on Slashdot to re-post it every few days, so don't worry about the 30-day expiration.

pirates?

could you give this out and let people download your drive for up to 30 days?

Retention of Data

I suspect that this is just due to their data model of redundant machines. As with GMail, they can't guarentee deletion of the material in a time period less than thirty days, although it may actually be retained for much less.

So ?

Whit google already indexing the whole web, including several private ftp servers and file storage servers (both public and private) it will not be something new.

Mind you grammar!

> Whit google already indexing the whole web

That should be "whit teh google", sillyhead.

Here's a question:

From TFA:

To enable the computer-to-computer search function, a user specifies what information should be indexed and then agrees to allow Google to transfer the material to its own storage system. Google plans to encrypt all data transferred from users' hard drives and restrict access to just a handful of its employees.

Why exactly do any of Google's employees need access to this information? Why can't the content be encrypted by the user via an asymmetric key scheme (like PGP) and decrypted again once it's reached the target system?

I'm really not seeing the necessity for Google to have any access at all to users' information...am I missing something?

Re:Here's a question:

They're not evil, but they still want to see those pics of your girlfriend naked.

Don't Do It

"With pressure on Google after the request by the Bush administration for personal information, privacy concerns may be hard hitting."

If you have privacy concerns, don't use the service. If you are stupid enough to transfer private or sensitive information over someone elses network, let alone store it on their drives, you deserve what you get. I use some online storage for information that I would not want to lose in the event of a catastrophe at my home, but it is nothing I consider sensitive. If it was, I would either store it elsewhere or use some kind of encryption on the files.

Re:Don't Do It

If you have privacy concerns, don't use the service.

The same can be said for online banking, email correspondence, chat, IM, or P2P. The fact is you have to be smart about who you let have access to what data. It's hard enough protecting your security in just the above arenas, without letting an outside group have access to your hard-drive. Another service I don't think I'll be touching anytime soon.

Ugh...

This has nothing to do with your rights online. It's an opt in service. No one is being forced to do anything. If you don't like the TOS, don't use it.

As reported on SANS...

... http://isc.sans.org/diary.php?storyid=1113 [sans.org]

Technical feasibility?

I suspect that the 30 day requirement is a matter of technical feasibility rather than "evil intentions." I seem to recall Google announcing that it could not guarantee that email deleted from Gmail would be deleted from Google's data storage system, at least immediately. When you consider how much redundant storage Google holds, and how that storage is distributed around the world, the 30 day provision may be more of a CYA from legal liability.

The policy may very well translate into "We will make a best effort to delete the information when you instruct us to do so, but we will only guarantee that the information will be deleted within 30 days."

Wait...

Aren't ISPs required by law to keep generally more incriminating information for longer? Haven't multiple bank/credit agencies 'lost' the whole of personal information for tens of thousands of customers lately? Why is Google's privacy suddenly more worrying?

Not to mention

I work for a healthcare company, and we have already attempted to block Google Desktop at our proxies. There are HIPAA concerns with allowing users to transfer personal data between their work machines and . But we're not the only ones, banks and other healthcare companies will eventually do the same.

Hopefully this will be sufficient. If not, we will need to block access to all of Google, which would seriously upset many people within the company, and of course this will cascade to other organizations. Will Google be happy it's pissing off a bunch of Fortune 50 companies?

How else could they transfer the data

They have to retain it for a certain period:
1. Turn on computer A, and indicate you want to sync with computer B
2. Data is copied to googles servers
3. Turn on computer B, and your data automagically appears.

Without the google servers, both systems need to be on all the time, and data retaining issues, as well as another google tool are a non issue.

What about GMail?

Pretty much half my life is saved in my GMail anyway, so I figure what the hell, why not? Just from reading TFA my concern would be less with the government and more with other security/privacy breaches, though.

For Mac users it's really easy

Create a tarball or zip of your home directory and overwrite the home directory with the same name on another Mac. Reset permissions if needed. Problem solved, no third party. *scratches head* Come to think of it, the only group that has problem with this is the Windows users with all of their hidden, protected yada yada directory crap.

One more area where Microsoft creates markets, sometimes for their competitors.

In dubio pro reo

Now, I'm a big fan of privacy and having my data securely and tightly to my chest.

But, to show off some more latin, cui bono? What's google's gain in the game? What could they possbily gain from having access to my data? My highly sensitive christmas pics?

Hardly.

What they do get in that way is an idea where people and data travels. Information about their users. That's it. And that's by far more valuable than your grocery list or granny's phone number. IMO they don't care about your data. What they want is the information where data comes from and where it goes to. And that can be simply achived by tracking where you are when you dump the files on them, how long they stay there and where you are when you pick them up again (or, what's also possible, where the person is that picks them up).

That's the info they're after. Not your files themselves.

So why the 30 days? Well, this could be connected with their update and deletion cycles. As someone already pointed out, their servers are most likely redundant. It's not like at home, where you simply hit "del" to get rid of a file. Their array of servers first of all has to realize that the file is actually supposed to be deleted. Or it could be that they are using some nightly job to clean up and purge all the "waste" data, and that this can't be done during normal operation, not even more than once a month, simply because the servers got better things to do.

So, in a nutshell, I don't suspect "evil" in that 30 days cycle. More likely, it's simply a technical necessity, and a legal one too. So people don't start suing them 'cause the files are still on their servers 10 days after they picked them up.

Safety

This is basically using Google's storage as a BigAssDisk(tm) for you to move/wipe your machine. Think about what would happen if they didn't do this:

1) User "saves" his data to google.
2) User wipes and rebuilds his PC.
3) User loads his data from google, after which google immediately forgets it.
4) User realizes that his drive was set up incorrectly and repeats step 2.
5) User says, "Fuck. I thought I'd saved that!"

They're emulating a temporary backup tape in this case, so they're acting more like one. Destructing 30 days after last use is reasonable (it is a temporary tape) and indeed useful. Destructing 30 seconds after first use is potentially catestrophic.

bandwidth impact?

What's the likely impact on Verizon's data network if you have millions of users all over the world sending data constantly to Google's server farm for this new service in addition to the already high amount of web traffic? Verizon is going to be pissed.

Google file system

If you read the white paper on how the google file system platform works, this makes perfect sense. The provision is a CYA to make sure that the customer knows that while google makes every attempt to remove the data quickly, the system only marks files for deletion. Files are later ACTUALLY deleted by an automated sweep.

http://labs.google.com/papers/gfs-sosp2003.pdf [google.com]

Let's rewrite this article.

Google Adresses Privacy Concerns With New '30-Day' Policy

"Following stern warnings [eff.org] by the EFF and other consumer groups over Google's new 'Search Across Computers' feature, the company has responded by implementing new policies aimed at protecting their users' privacy. The steps taken by the search giant include encrypting all the user's information and restricting its access to just a handful of employees. And if that's not enough to allay privacy concerns, Google has promised to delete all data within 30 days [cnn.com]. In an industry where more extensive data usually leads to higher profits, this tradeoff made by the company appears to be placing customer priorities over shareholder priorities." Looks like someone's trying to earn back their "Do no evil" motto.

Oh dear

With pressure on Google after the request by the Bush administration for personal information, privacy concerns may be hard hitting.

Me: okay, delete data
Google: I'm sorry, Dave. I'm afraid I can't do that....

encryption?

Couldn't they encrypt the data in such a way that they (Google) couldn't even read it? Perhaps data could be encrypted/decrypted client-side so the their servers never even know the decryption keys...?

This doesn't make any sense

So it's based on the presumption that it's easier to transfer your whole hard drive than sort through the data and burn only what you need. Even with broadband and a reasonably small (5gb) hard drive, you're talking a good day or two at constant top speed (40kbps for me). I think just a small amount of effort in cherry-picking what you really need on the other computer could easily fit on a burned cd or dvd, and take up infinitely less time.

Besides, won't Microsoft throw a hissyfit about this? Technically, if I upload my entire c:\, google now has a copy of windows it didn't pay for. Along with every other registered program in my program files directory. I can't imagine Sony would be too pleased either when they find out I rip my DVDs to hard disk and pass 'em along to google.

Boiling a Frog

(First, this is not an Anti-France post.)

Google is starting to creep me out. I've been in love with them and their "Don't be evil" thing, and have adopted many of their tools, including GMail. But, they are starting to do things that make me wonder if we are the frog that is destined to be boiled.

You know:

How do you boil a frog?
Put him in a pot of cold water then slowly increase the heat.

I'm thinking we are going to turn around one day and wonder how Google got all our data. It will follow the revelation that all the data Google had was exposed to a hacker, or sold by a disgruntled employee, or accessed by Chinese Military Intel.

Government Mandated Retention

No matter what Google says their current retention policy is, I expect that the U.S. government will eventually require sites like Google to maintain all data on their users for a specified period, probably years. The government wants to know all about you, and under the guise of 'hunting terrorists', they'll get it.

Nothing to see here

This is not a new function that will act as a big network based hard drive. This is simply the index that google desktop search uses that is being shared.

Let me get this straight

Google is allowing people to use their servers as a temporary holding pen for information so that you can transfer it from one machine to another. People are complaining about privacy because, um, why? Because the data isn't just on their computer any more? How does this differ from an FTP server or services like Dropload [dropload.com]? I'm betting that Google's 30 day policy is a nuisance number designed to protect them from litigation in case the auto-wiping fails. This way they can re-image their hard drives every 30 days to protect themselves.

To be honest, I think that they should be commended for making the full disclosure. If privacy advocates are concerned, then privacy advocates should avoid using the service.

Any suggestions other than Google for enterprise?

Our IT guys don't want anything to do with Google. They think, rightly or wrongly, that Google is a potential IP leak. Fine, but we really need to be able to Googlelike search our network volumes. What other products can I suggest to them?

Send a message to Google

[I posted this yesterday, but since it followed about 200 other comments,
  I'll try again.]

For the past few days, I've been doing Google searches that look like this:
            "Google, what is your data retention policy?"
    and
            "2037: My cookie is *still* here?"
    and
            "Hi to my friends at NSA"

Google would notice if enough of you do the same.
I suggest doing searches on the hour: 1PM, 2PM etc., so the clustering
will draw attention. Have fun.

encrypt the encrypted

So why can't I encrypt the data I want to transfer, and then transfer it through this Google service?

That way, they encypt my already encrypted data. The government wants to see it, the "handful of employees" want to see it, it's encrypted.

Am I missing something? Does it say anywhere you can't do that?

No one is forcing people to use Google's service

You want to play, you play by the ref's rules. ;-)

I'm really surprised peopel are getting bent out of shape over this. There are other methods besides Googles new service. use those if you don't agree with Googles TOS.

Hotmail has this, too

When your Hotmail address gets deleted due to inactivity (or even by your request), your email is kept for 30 days in case FBI wants to take a look at it. I think there's a law that forces them to do so, so everyone else has to do it.

One of the reasons why I love my colocated server

Being able to store files temporarily while moving them between machines is a very valuable tool. While everyone else is futzing around with USB keys I just use SCP. Plus, using unison [upenn.edu] I keep a common directory synchronized on my laptop, server, and workstation at home. This is extremely useful :) Now, if only Comcast would offer a faster file upload from home it would be even better.

Plus, because the machine is mine I don't have to be concerned about privacy. I also give accounts to friends and aquaintences, allowing them access to the same resource. And, of course, to set aside any further privacy concerns files can always been encrypted before transfer.

Well Of Course...

They need the 30 days so they can sell any Chinese democracy activist up the river if he or she is so foolish as to use this service.

Another Violation of MY Privacy

I keep my money at the bank! The bank can be subpoenad by the federal courts and all my information gets sent to the courts.
Our privacy is seriously intruded upon by this blatant, monolithic overseeing of MY OWN PERSONAL history. Based on this I can be held accountable for my actions AND THAT IS BS!

What if I was to rob a bank and inject a large amount of cash??? They could trace me and that isn't fair!!!

So please stop all data gathering because what if all americans were terrorists then we would be all be put in jail for our actions. Or what if _I_ was a terrorist, then I would be put in jail and that is BS. Even if I wasn't a terrorist _I_ may have to go to court and defend myself and if I was maybe just a little terroristy I could be held accountable! This is BS and I don't like it, close the banks and long live leeroy.

Now imagine encrypted p2p on this (or GMail)

Just think about it - 20 gmail accounts exchange encrypted data chunks - your traffic is null, google traffic is null...

You just register your email with a private tracker and in a few hours get your "linux distribution" as an email attachment...

Is this not just the foldershare plugin?

http://desktop.google.com/plugins/i/foldershare.ht ml [google.com]

Which seems kinda hard to force people to use.

All the articles I have read seem a bit lite on details. Where do we get the idea that this is in some way involuntary in the current google desktop? My version 3.0.128.1 does not seem to have anyway to enable or disable such a feature. Besides, if it wants to share my terabyte raid of mp3s and ancient backups in iso format, it is gonne clog up the pipe for quite a while...

Any links to real info on this?

If this is coming down the pike/pipe, then who can speak about it without violating their NDA?

All you google admins reading this should know enough to bounce an AC comment through an anon shell in europe.

What is the truth in this broughaha.

p2p just got a new name!

And it's Gooogle.

Did we miss a "secret cult invisible gif" or?

I can't believe people still "defend" Google like they are kind of unpaid PR officials.

The services offered by Google lately are... Spyware. I can't imagine the number of non US (or USA) govt. workers relying on Google for their private mail and now this, storing PERSONAL DATA on their network!

Were there a "hidden gif" somewhere on Google page that we missed? "We" as people using other search engines etc.

If there is a thing like that, please tell the address, all of this looks so surreal to me (and others). :)

Or don't jump up and down next time shouting "spyware!" when $400 Software package you purchased tries to access to net, to check for updates!

Optional

Remember, this service is optional. Google can create whatever policy they like... if you don't like their policy, don't use their service. Sheesh, if it is really that bad, eventually competition from other companies will change things.

What's w/the Google FUD lateley?

What's w/the Google FUD lateley? I'm really curious; there's not a day that goes by lately without a FUD "story" appearing somewhere. It's very apparent that Google has seriously pissed off some people, as the so-called media has really been going at it lately w/their Chicken Little FUD & Fluff; sad really.

Another little rant: Google only has the info *you* GIVE THEM. I don't need GMail, nor do I need some lame Desktop search; why would I? As a professional, I need to be organized; if I need some tool to find my files, then I've got bigger problems than a few misplaced documents.

Seriously, what's the issue here? If you don't want SkyNET to have your data, THEN DON'T GIVE IT UP.

I'm just fine w/my old-school POP mail w/occasional web access while out of town, and I store my docs the same place I've stored them over the last ~20 years: where they belong, in a logical folder structure. Now before someone posts some weak, contrived example of a file that could be possibly belong in 2 different folders, I offer you the advanced technology of the 'ln' command, or its GUI counterparts.

Whew, I feel better now.

Bush? What about China!!!

Really, what about China? Google gave into China's censorship demands without a moment's hesitation while at the same time fighting off a somewhat harmless request for information from the US Justice Department. So in all fairness I'm not worried about Google giving the data to the US government, they've already shown they won't do that.
But I am worried about them giving it to China, because they've already shown that they won't fight the Chinese government.

And no, this isn't meant as a troll or flamebait. I just find their behavior to be rather contradictory and to put it mildly, odd.

Re: Wow.

> Next you'll have to share your DNA configuration.

Not so bad, if you get to choose who you share it with!

Re: Wow.

Please elaborate. I can't think of a good reason for wanting to share DNA configs with anyone. :)

Re: Wow.

> Please elaborate. I can't think of a good reason for wanting to share DNA configs with anyone. :)

That should be in the Slashdot FAQ by now.

Re:Wow.

Yeah, I know. It's so horrible how we're all forced to used this free service.

Re:LeftDot FUD alert!

repeatedly assert that 'Bush was trying to find out our personal information' is by this time just repeating a lie.

Don't be naive.

Considering, that they get a lot of information using other methods, they can easily cross-match the data.

Plus, the exact technical details about that request aren't known, so it's you who's too complacent.

Re:LeftDot FUD alert!

to repeatedly assert that 'Bush was trying to find out our personal information' is by this time just repeating a lie

Because this is so out of character [google.com] for the Bush administration?

There never was any "request by the Bush administration for personal information." All the Justice Department asked for was a list of all search terms from a given time period.

And what if the search terms themselves ARE personal?