Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Google Desktop 3 can move restricted data into Google's servers?

From: Dave Farber <dave () farber net>
Date: Fri, 03 Mar 2006 16:41:54 -0500
do read the url and make safe decisions. djf

-------- Original Message --------
Subject: Google Desktop 3 can move restricted data into Google's servers?
Date: Fri, 03 Mar 2006 13:25:26 -0800
From: Joseph Lorenzo Hall <joehall () gmail com>
Reply-To: joehall () pobox com
To: Dave Farber <dave () farber net>

The below alert claims that Google Desktop 3 copies files from your
computer to Google's servers.  I hope that this is incorrect, although
even copying an index of some sort of the contents of a computer with
sensitive information seems like a bad idea. -Joe

---------- Forwarded message ----------
From: Steve Chan <...@gmail.com>
Date: Mar 3, 2006 11:10 AM
Subject: [fun@sims] Google Desktop 3 can move restricted data into
Google's servers


    Just FYI, if you have sensitive data on your computer (such as
data related to research projects subject to HIPPA, FERPA, GLBA) then
Google Desktop may put you in violatation:

http://istpub.berkeley.edu:4201/bcc/Fall2006/905.html

   The Berkeley announcement doesn't lay out the sorts of things that
may be violated, but this message to the UCSD community is quite
clear:

UCSD
CAMPUS NOTICE
University of California, San Diego


             OFFICE OF THE SENIOR VICE CHANCELLOR -
                                   ACADEMIC AFFAIRS

               OFFICE OF THE VICE CHANCELLOR -
                                    BUSINESS AFFAIRS

                                       February 22, 2006


ALL ACADEMICS AND STAFF AT UCSD (Including UCSD Healthcare)

SUBJECT: Google Desktop Security Exposure

Google Desktop V.3 contains certain features that raise serious
security and privacy concerns. Specifically, the "share across
computers" feature that introduces the ability to search content from
desktop to desktop greatly increases the risk to users' privacy. If
Google Desktop V.3 is set to allow "Search Across Computers" files on
an indexed computer are copied to Google's servers. We recommend that
individuals seriously consider the potential for information stored on
their computers to be accessed by others if they enable this feature
of Google Desktop V. 3 on their computers.

Employees of the University (whether student, regular staff or
faculty) who have confidential data on their work or home computers
should not enable this feature. There are both privacy laws and
university policies that could be violated through the installation of
this feature, specifically, SB 1386, HIPPA, FERPA and GLBA.

While some of the features of Google Desktop V.3 are enticing to
faculty, students, and staff, it is important to understand how
information is collected, stored, and shared through this application,
and the potential privacy risk to individuals.

Please review and share this information widely.

Helpful References:

Google Source:
http://desktop.google.com/features.html#searchremote

Policies about Protecting Data:
http://blink.ucsd.edu/Blink/External/Topics/Policy/0,1162,1861,00.html

For a good summary of the privacy concerns related to Google Desktop
V.3, see:

Electronic Frontier Foundation:
http://www.eff.org/news/archives/2006_02.php#004400

Technical Paper from University of Michigan's IT Security group:
http://safecomputing.umich.edu/tools/download/gd_security.pdf

For questions regarding this message, contact Charlotte Klock,
Director ACT Data Center, at cklock () ucsd edu or (858) 822-1223 or Tony
Wood, Director of Academic Computing Services, at twood () ucsd edu or
(858) 534-4050.



                         Marsha A. Chandler
                         Senior Vice Chancellor -
                         Academic Affairs

                         Steven W. Relyea
                         Vice Chancellor -
                         Business Affairs

--
Joseph Lorenzo Hall
PhD Student
UC Berkeley, School of Information
<http://josephhall.org/>
blog: <http://josephhall.org/nqb2/>

This email is written in [markdown] - an easily-readable and parseable
text format.
[markdown]: http://daringfireball.net/projects/markdown/

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: