Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are You OK With Google Reading Your Data? (infoworld.com)

Posted by EditorDavid on from the I'm-feeling-lucky dept.

Remember when Google randomly flagged files in Google Docs for violating its terms of service? An anonymous reader quotes InfoWorld: Many people worried that Google was scanning users' documents in real time to determine if they're being mean or somehow bad. You actually agree to such oversight in Google G Suite's terms of service. Those terms include personal conduct stipulations and copyright protection, as well as adhering to "program policies"... Even though this is spelled out in the terms of service, it's uncomfortably Big Brother-ish, and raises anew questions about how confidential and secure corporate information really is in the cloud.

So, do SaaS, IaaS, and PaaS providers make it their business to go through your data? If you read their privacy policies (as I have), the good news is that most don't seem to. But have you actually read through them to know who, like Google, does have the right to scan and act on your data? Most enterprises do a good legal review for enterprise-level agreements, but much of the use of cloud services is by individuals or departments who don't get such IT or legal review. Enterprises need to be proactive about reading the terms of service for cloud services used in their company, including those set up directly by individuals and departments. It's still your data, after all, and you should know how it is being used and could be used...
The article argues that "Chances are you or your employees have signed similar terms in the many agreements that people accept without reading."

11 of 154 comments (clear)

  1. No by Anonymous Coward · · Score: 3, Funny

    Source: Ian Betteridge

  2. Sure by nospam007 · · Score: 4, Funny

    For my secrets and crimes, I use encryption.

    1. Re:Sure by lucaiaco · · Score: 2

      For my secrets and crimes, I use encryption.

      For everything else ...

  3. No. by QuietLagoon · · Score: 3, Insightful

    That's why I don't use google (and other) cloud services.

  4. It is their business model by 605dave · · Score: 5, Informative

    I have never been a fan of Google starting with gmail. Google's business from day one was to collect as much data on you as possible and either use that data themselves or sell it to others. It boggled my mind why anyone would use gmail because of the privacy issues, but then realized that email was so hard to set up at the time that it was the path of least resistance for the masses. And in the process they gave up more than they realized. All of this goes for Facebook as well.

    --
    Be kind, for everyone you meet is fighting a difficult battle. - Plato
  5. If I use Google, I might like my data back by El+Cubano · · Score: 2

    If I use Google, I expect that I should be able to get my data back at some point. Perhaps when I log in to GMail, and maybe at other times. Providing that service without a few calls to read() seems infeasible.

    Oh, did you mean something else by the headline?

  6. Yes by TechyImmigrant · · Score: 5, Insightful

    When I put unencrypted data on a cloud drive, it doesn't matter what the legal agreement is. The underlying truth is that the data can be read. Act accordingly. Don't put unencrypted data on a cloud service drive that you don't want to be read by someone else, whether the service provider or some other entity (government, hacker, malcontent employee etc.).

    When you are running a business, this is a tradeoff. The costs of hosting it yourself and making sure it's backed up, available and secure are significant. Do you care more about Google reading your stock report than you care about putting in time and money to host it yourself. In many cases it's a slam dunk and the data gets hosted on Google for a reasonable fee. In some cases, the data goes in a secure place in a secure manner, but it's a small fraction of the data.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  7. How to disconnect from Google by Anonymous Coward · · Score: 5, Informative

    Google has done a lot of good for the world, but also a lot of bad. It needs to be put into check, and that can only happen if users hold it to account and hit it in the pocketbook. That means if anyone really cares about this, they need to cut off the ability of Google to monetize them. Of course, that does NOT mean going to Microsoft or some other equally-dubious company. Pick strong, private alternatives.

    1. Get away from Gmail. Use a privacy-friendly alternative e-mail service like Startmail or ProtonMail. Yes, you will probably have to pay. You are either paying cash or paying with your data.

    2. Break off Google search. Use DuckDuckGo to keep your searches private. If you want Google results, use Startpage instead; it will search Google privately on your behalf, preventing it from monetizing you.

    3. Ditch Chrome. If you love the UI, then use the open source Chromium instead. Otherwise use Firefox (which is about to get a LOT better with the new overhaul debuting later this month) or Brave. Use your browser with ad blockers like Disconnect, uBlock Origin, AdBlock Plus and Privacy Badger to stop Google and others from serving you tracking ads.

    4. If you use an Android, consider running CopperheadOS on your phone. It is built on Android code, but hardened for security and free of Google data mining.

    5. Say no to Google cloud storage services. If you want a high security option, use SpiderOak. Otherwise, you can use Boxcryptor to locally encrypt your files before sending them to the cloud so that they cannot be data mined.

    1. Re:How to disconnect from Google by fermion · · Score: 2
      It is naive to think anyone who uses a computer can get away from Google without expending an impractical amount of effort and money. It is also unreasonable to think that Google is the problem, not the structure of the free services on the internet. What is reasonable is to weight the risks and benefits of the services we use. To apply the popular car analogy, not everyone pays for a car that is build for security because the benefits for a particular person may not be that great. For instance, a car that is difficult to steal may also be difficult to modify or even may not start if if one of the checks are faulty.

      There are two things we know. We know that if we are not paying a fee to support the service, then the end user is the product. We know that corporate can get to our data, and profit pressures will promote bad behavior if a corporate entity, for instance Verizon, is facing profit pressures. In the case of google, we know that it's business model is to mine data, and that Documents and Drive were arguably developed to facilitate that collection.

      Take google drive for instance. We have always known that google has access to the data, and that google controls if we have access to the data. For me that means that anything that is secure, anything that is critical, goes on a paid service. However, I use Drive and Documents for certain things because it is a good solution. It does not matter if Google has my data. It does not matter if tomorrow google shuts down the service.

      Gmail is the same thing. For most people the cost of a paid service is not going to be meaningful. I wonder about the people who do business over gmail, a paid hosting and domain name is less than $100 a year, but for them maybe their business is not serious.

      Google makes it money by tracking every move on the web. It does not matter the website, web browser, service used. Ads, ad tracking, click tracking, is everywhere.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    2. Re: How to disconnect from Google by xenoc_1 · · Score: 2

      For alternative browser, also consider Vivaldi.

      Chromium-based but different UI, very configurable, with option for status bar, separate search box, much of the user-has-control philosophy of old-school Firefox. From the some of the original founders and developers of Opera, with much of its design flexibility but none of the now-Chinese company. No Operas services. Uses the Chrome web store, not the sketchy Opera one.

      Win, Mac, Linux. Unlike Chrome still supports 32-bit as well as 64-bit, so there's a fully-enabled Chrome-compatible production-stable browser for things like repurposed XP machines, netbooks, and other low-end PCs that run Linux 32-bit well but can't run 64-bit, which Chrome abandoned. Unlike Chromium it does have the API license keys and code bits for Chromecast and some other "must be Google" services. But otherwise none of the googlybits.

      No sync at all, so no passwords, history, form-fill nor bookmarks going up to Google (or Microsoft or Mozilla depending on browser) servers at all. But supports extensions for KeePass, LastPass, Xmarks, etc. so you can roll your own private sync or trust a commercial but non-Google service of your choice, at least for passwords, and if Xmarks then bookmarks. I'm using KeePass 2 with chromeIpass extension, with the KeePass database on my ownCloud on my own VPS. But I could put that anywhere.

      Vivaldi is working on their own sync but it's not out yet. Nor is their same-sync-ecosystem proposed Android browser. But with third party sync you can work around that. 3rd-party sync or no sync at all is a privacy upgrade over Chrome (or any browser maker's) built-in sync anyhow.

    3. Re:How to disconnect from Google by thegarbz · · Score: 3, Interesting

      Or I could just stick with Google, and realise that their not only monetizing my data has provided countless improvements in my life in exchange. I give them my words for better translation. I give them my schedule for better predictive alerts. I give them my location in exchange for better navigation systems and more relevant local search results.

      I could just ditch them. I could also go back to living in a cave. I could do a lot of things, but I won't.

      For better or worse I trust Google with my information as I know it is in their best financial interest to keep that information private. If they sell that information they lose the ability to continuously monetize it. Their corporate agenda aligns with my idea that my information should only be shared in a limited way.

      The same can not be said for a company who's primary source of income is a physical product. They don't have much of an incentive to keep my data private.