Computerworld - In a development that is already causing alarm among privacy advocates, search engine giant Google Inc. is reported to be enlisting the help of the National Security Agency to investigate recent cyberattacks that Google says originated from China.
The Washington Post, quoting unnamed sources, today said that the NSA and Google are in the process of finalizing an agreement under which the NSA will help Google better defend itself against future attacks. Under the deal, the NSA would not get access to users' search information or e-mail accounts and Google would not share any proprietary data, the source claimed.
Google approached the NSA shortly after the cyberattacks, which it said were launched from China. However, the deal will take time to hammer out because of the sensitive privacy issues involved. If the deal goes through, it will be the first time that Google has entered into a formal information-sharing relationship with the NSA, the Post quoted its source as saying.
In response to a request for comment, a Google spokesman pointed to a blog post dated Jan. 12 and written by David Drummond, Google's senior vice president and chief legal officer. Titled "A new approach to China," it explains Google's concerns over the attacks, which it said also affected at least 20 other companies.
In the post, Drummond said that after the attacks, Google took the "unusual step" of sharing attack information with a "broad audience." This information, Drummond said, "goes to the heart of a much bigger global debate about freedom of speech." Drummond's post did not say with whom the company shared the attack information.
In an e-mailed statement, an NSA spokeswoman said the agency does not comment on specific relationships it may or may not have with U.S. companies. "We can say as a general matter, however, that as part of its longstanding Information Assurance (IA) Mission, NSA works with a broad range of commercial partners and research associates," on cybersecurity related issues, the statement said.
Even so, the prospect of the world's largest search engine company teaming up with the country's largest spy agency is already setting off alarms within the privacy community.
Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center, said any relationship between the two would be "very problematic."
"We would like to see Google develop stronger security standards and safeguards for protecting themselves," he said. "But everyone knows the NSA has two missions: One is to ensure security, and the other is to enable surveillance."
Whenever the NSA has entered the private security realm, there have been problems, Rotenberg said. In the 1990s, for instance, the NSA's role in network security resulted in weakened encryption standards all around. "We have had a long-running debate about the impact of NSA's role in the security realm," he said. A partnership with Google raises those questions all over again.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
Richi Jennings: Eolas shakedown -- please don't feed the (patent) trolls