When Google Desktop first appeared on the computing scene, it was met with mixed reviews. This new tool offered what Windows didn't -- an easy way to search across your local files, Internet history and e-mail, all in one integrated search. However, it also raised the specter of privacy and security concerns. Where was all that data going? What could/would Google do with the private information they were likely to obtain? Back in November, Mathew Schwartz covered these topics in How to tame Google Desktop. If you weren't creeped out then, now's the time to be full-blown worried about the potential threat posed by this desktop search engine.
Google recently released Google Desktop 3, which includes a nifty new feature called "Search Across Computers." This function has an innocuous-sounding purpose -- it allows you to search any of the computers you own, linked by your Google account. The benefit is that you're able to search for a document on your desktop when you're on the road using your laptop or search your home PC from work, etc.
- Google accounts are owned by individuals, not companies. If one of your employees links a corporate desktop to his or her personal Google account, you're bound to have issues down the road. What happens when that employee leaves the company and still has access to cached data?
- You may have data that you're not entitled to share. Do you have customer data that's subject to privacy laws or policies? If so, does storing this information on Google place you in violation of those policies?
- Do you really trust Google? Their policy says that they will handle desktop search data as "personal information." However, in another policy document, they list acceptable uses of personal information and have some frightening clauses. Those include the ability to use your personal information to display customized content and advertising, and the use of this data for "auditing, research and analysis."
About the author
Mike Chapple, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.