The glitch that shared some Google Docs without owner knowledge earlier this month is still having repercussions. The Electronic Privacy Information Center is asking the Federal Trade Commission to investigate all Google services that involve cloud media storage - Google Docs, Picasa, GMail and Calendar among others. While a positive movement towards accountability should encourage improvement, the trouble involves more than just Mountain View-based Google. Cloud computing trends have accidental sharing due to poor server security as only one of its weaknesses. As GMail outages have shown, server failures have a critical impact on all users of the service. Widespread adoption of Web mail and other server-based applications are not the problem of just Google. Smaller and less reliable services surely suffer the same weaknesses, but the smaller user base naturally receives less coverage.
The EPIC petition cites virtualization dependence as a potential security problem for the multitude of American businesses, federal agencies and individuals who use the services. In the document, the wide user base (69 percent of Americans) and majority that experience concern over the privacy of their remotely-stored information makes the case for action.
Because of the previous FTC opinion of required service provisions to ensure security, the formal complaint includes several requests:
investigation to determine the adequacy of safeguards
assessment of representations made by Google to determine whether unfair/deceptive trade practices were engaged
necessary measures to restrict Google from making these services available until acceptable safeguards are in place
Such restrictions are unlikely, according to Venkat Balasubramani, a Seattle-based cyberlaw expert referenced in MediaPost on Thursday. The recent breach resulted in an unintentional glitch and had limited scope.
The FTC is already investigating the potential security risk of software-as-service practices.