Reported Google-NSA alliance sets off privacy alarms
Update: Google, NSA may partner on cybersecurity, Washington Post says
Computerworld - In a development that is already causing alarm among privacy advocates, search engine giant Google Inc. is reported to be enlisting the help of the National Security Agency to investigate recent cyberattacks that Google says originated from China.
The Washington Post, quoting unnamed sources, today said that the NSA and Google are in the process of finalizing an agreement under which the NSA will help Google better defend itself against future attacks. Under the deal, the NSA would not get access to users' search information or e-mail accounts and Google would not share any proprietary data, the source claimed.
Google approached the NSA shortly after the cyberattacks, which it said were launched from China. However, the deal will take time to hammer out because of the sensitive privacy issues involved. If the deal goes through, it will be the first time that Google has entered into a formal information-sharing relationship with the NSA, the Post quoted its source as saying.
In response to a request for comment, a Google spokesman pointed to a blog post dated Jan. 12 and written by David Drummond, Google's senior vice president and chief legal officer. Titled "A new approach to China," it explains Google's concerns over the attacks, which it said also affected at least 20 other companies.
In the post, Drummond said that after the attacks, Google took the "unusual step" of sharing attack information with a "broad audience." This information, Drummond said, "goes to the heart of a much bigger global debate about freedom of speech." Drummond's post did not say with whom the company shared the attack information.
In an e-mailed statement, an NSA spokeswoman said the agency does not comment on specific relationships it may or may not have with U.S. companies. "We can say as a general matter, however, that as part of its longstanding Information Assurance (IA) Mission, NSA works with a broad range of commercial partners and research associates," on cybersecurity related issues, the statement said.
Even so, the prospect of the world's largest search engine company teaming up with the country's largest spy agency is already setting off alarms within the privacy community.
Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center, said any relationship between the two would be "very problematic."
"We would like to see Google develop stronger security standards and safeguards for protecting themselves," he said. "But everyone knows the NSA has two missions: One is to ensure security, and the other is to enable surveillance."
Whenever the NSA has entered the private security realm, there have been problems, Rotenberg said. In the 1990s, for instance, the NSA's role in network security resulted in weakened encryption standards all around. "We have had a long-running debate about the impact of NSA's role in the security realm," he said. A partnership with Google raises those questions all over again.
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!