[IP] Google Desktop 3 can move restricted data into Google's servers?
do read the url and make safe decisions. djf
-------- Original Message --------
Subject: Google Desktop 3 can move restricted data into Google's servers?
Date: Fri, 03 Mar 2006 13:25:26 -0800
From: Joseph Lorenzo Hall <joehall@xxxxxxxxx>
Reply-To: joehall@xxxxxxxxx
To: Dave Farber <dave@xxxxxxxxxx>
The below alert claims that Google Desktop 3 copies files from your
computer to Google's servers. I hope that this is incorrect, although
even copying an index of some sort of the contents of a computer with
sensitive information seems like a bad idea. -Joe
---------- Forwarded message ----------
From: Steve Chan <...@xxxxxxxxx>
Date: Mar 3, 2006 11:10 AM
Subject: [fun@sims] Google Desktop 3 can move restricted data into
Google's servers
Just FYI, if you have sensitive data on your computer (such as
data related to research projects subject to HIPPA, FERPA, GLBA) then
Google Desktop may put you in violatation:
http://istpub.berkeley.edu:4201/bcc/Fall2006/905.html
The Berkeley announcement doesn't lay out the sorts of things that
may be violated, but this message to the UCSD community is quite
clear:
UCSD
CAMPUS NOTICE
University of California, San Diego
OFFICE OF THE SENIOR VICE CHANCELLOR -
ACADEMIC AFFAIRS
OFFICE OF THE VICE CHANCELLOR -
BUSINESS AFFAIRS
February 22, 2006
ALL ACADEMICS AND STAFF AT UCSD (Including UCSD Healthcare)
SUBJECT: Google Desktop Security Exposure
Google Desktop V.3 contains certain features that raise serious
security and privacy concerns. Specifically, the "share across
computers" feature that introduces the ability to search content from
desktop to desktop greatly increases the risk to users' privacy. If
Google Desktop V.3 is set to allow "Search Across Computers" files on
an indexed computer are copied to Google's servers. We recommend that
individuals seriously consider the potential for information stored on
their computers to be accessed by others if they enable this feature
of Google Desktop V. 3 on their computers.
Employees of the University (whether student, regular staff or
faculty) who have confidential data on their work or home computers
should not enable this feature. There are both privacy laws and
university policies that could be violated through the installation of
this feature, specifically, SB 1386, HIPPA, FERPA and GLBA.
While some of the features of Google Desktop V.3 are enticing to
faculty, students, and staff, it is important to understand how
information is collected, stored, and shared through this application,
and the potential privacy risk to individuals.
Please review and share this information widely.
Helpful References:
Google Source:
http://desktop.google.com/features.html#searchremote
Policies about Protecting Data:
http://blink.ucsd.edu/Blink/External/Topics/Policy/0,1162,1861,00.html
For a good summary of the privacy concerns related to Google Desktop
V.3, see:
Electronic Frontier Foundation:
http://www.eff.org/news/archives/2006_02.php#004400
Technical Paper from University of Michigan's IT Security group:
http://safecomputing.umich.edu/tools/download/gd_security.pdf
For questions regarding this message, contact Charlotte Klock,
Director ACT Data Center, at cklock@xxxxxxxx or (858) 822-1223 or Tony
Wood, Director of Academic Computing Services, at twood@xxxxxxxx or
(858) 534-4050.
Marsha A. Chandler
Senior Vice Chancellor -
Academic Affairs
Steven W. Relyea
Vice Chancellor -
Business Affairs
--
Joseph Lorenzo Hall
PhD Student
UC Berkeley, School of Information
<http://josephhall.org/>
blog: <http://josephhall.org/nqb2/>
This email is written in [markdown] - an easily-readable and parseable
text format.
[markdown]: http://daringfireball.net/projects/markdown/
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/