Give Me Convenience or Give Me Death
Posted by Brian Wong
Google Vice President Marissa Mayer: "With everything, you trade privacy for a value-add."
This has long been true, and sometimes the only surprise is how little some people ask in return for their private information.
Google has released a new beta version of Google Desktop 3, a free program that indexes and searches files on personal computers, and which adds a feature to allow users to search across multiple computers. Desktop search has become competitive over the last few years, with most search engines offering free software. Desktop search has always raised privacy concerns for enterprises when employees load the software without permission, but the newest version of Google's desktop search tool raises broader privacy concerns.
Google Desktop 3 allows users to search for information across two or more computers. Once each computer has the software installed, the program tracks data from multiple PCs by copying files to Google servers, which eventually route them back to the PCs. The user selects the files to be found on all the computers, and Google copies the full text of those files to each computer; as part of that process, the files are temporarily stored on Google servers. The Google page says the company only keeps that data for 30 days and will delete the files if they are not accessed, and that the data is never accessible via a Google search.
Google Desktop 3 works with many but not all file types, but the range of file types should make some users pause: web history, Microsoft Word documents, Microsoft Excel spreadsheets, Microsoft PowerPoint presentations, PDF files in My Documents, and text files in My Documents.
Electronic Frontier Foundation (EFF) attorney Fred von Lohmann called this Google feature "an enormous privacy risk for users who choose to utilize it." In a press release, EFF Staff Attorney Kevin Bankston noted that "[u]nless you configure Google Desktop very carefully, and few people will, Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index. The government could then demand these personal files with only a subpoena rather than the search warrant it would need to seize the same things from your home or business, and in many cases you wouldn't even be notified in time to challenge it. Other litigants—your spouse, your business partners or rivals, whoever—could also try to cut out the middleman (you) and subpoena Google for your files."
The EFF press release noted that privacy problem arises because the Electronic Communication Privacy Act of 1986 provides limited privacy protection to e-mails and other files that are stored with online service providers, and less privacy than the legal protections for the same information stored on a home or work computer.
The enterprise version of Google Desktop remains at version 2 and does not have the search across computer features.