Reported Google-NSA alliance sets off privacy alarms
Update: Google, NSA may partner on cybersecurity, Washington Post says
Computerworld - In a development that is already causing alarm among privacy advocates, search engine giant Google Inc. is reported to be enlisting the help of the National Security Agency to investigate recent cyberattacks that Google says originated from China.
The Washington Post, quoting unnamed sources, today said that the NSA and Google are in the process of finalizing an agreement under which the NSA will help Google better defend itself against future attacks. Under the deal, the NSA would not get access to users' search information or e-mail accounts and Google would not share any proprietary data, the source claimed.
Google approached the NSA shortly after the cyberattacks, which it said were launched from China. However, the deal will take time to hammer out because of the sensitive privacy issues involved. If the deal goes through, it will be the first time that Google has entered into a formal information-sharing relationship with the NSA, the Post quoted its source as saying.
In response to a request for comment, a Google spokesman pointed to a blog post dated Jan. 12 and written by David Drummond, Google's senior vice president and chief legal officer. Titled "A new approach to China," it explains Google's concerns over the attacks, which it said also affected at least 20 other companies.
In the post, Drummond said that after the attacks, Google took the "unusual step" of sharing attack information with a "broad audience." This information, Drummond said, "goes to the heart of a much bigger global debate about freedom of speech." Drummond's post did not say with whom the company shared the attack information.
In an e-mailed statement, an NSA spokeswoman said the agency does not comment on specific relationships it may or may not have with U.S. companies. "We can say as a general matter, however, that as part of its longstanding Information Assurance (IA) Mission, NSA works with a broad range of commercial partners and research associates," on cybersecurity related issues, the statement said.
Even so, the prospect of the world's largest search engine company teaming up with the country's largest spy agency is already setting off alarms within the privacy community.
Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center, said any relationship between the two would be "very problematic."
"We would like to see Google develop stronger security standards and safeguards for protecting themselves," he said. "But everyone knows the NSA has two missions: One is to ensure security, and the other is to enable surveillance."
Whenever the NSA has entered the private security realm, there have been problems, Rotenberg said. In the 1990s, for instance, the NSA's role in network security resulted in weakened encryption standards all around. "We have had a long-running debate about the impact of NSA's role in the security realm," he said. A partnership with Google raises those questions all over again.
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts