Thursday, February 4, 2010

Google Partners with NSA

According to the Washington Post,

The world's largest Internet search company and the world's most powerful electronic surveillance organization are teaming up in the name of cybersecurity.

p>Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google -- and its users -- from future attack.

Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google's policies or laws that protect the privacy of Americans' online communications. The sources said the deal does not mean the NSA will be viewing users' searches or e-mail accounts or that Google will be sharing proprietary data.

The partnership strikes at the core of one of the most sensitive issues for the government and private industry in the evolving world of cybersecurity: how to balance privacy and national security interests. On Tuesday, Director of National Intelligence Dennis C. Blair called the Google attacks, which the company acknowledged in January, a "wake-up call." Cyberspace cannot be protected, he said, without a "collaborative effort that incorporates both the U.S. private sector and our international partners."

I recommend reading the entire article.

What are your opinions on this partnership? Is Google trading the privacy of its users for increased security with this partnership?

1 comment:

Andy M said...

I feel like Google's partnership with the NSA became a foregone conclusion once they were violated by the (allegedly) Chinese hackers. They began a confrontation that in the big picture was untenable for them as a corporation working against a network with the infrastructure available that these Chinese intelligence services possess. Google made a moral decision to stand up to the privacy intrusions, and it would not be fair of the government to allow them to stand alone given our stated stance to protect net neutrality and freedom of speech. Concerns over what the NSA will do with the information Google makes available to them should be tempered by the reported conditions of the deal, saying that “the alliance is being designed to allow the two organizations to share critical information without violating Google's policies or laws that protect the privacy of Americans' online communications. The sources said the deal does not mean the NSA will be viewing users' searches or e-mail accounts or that Google will be sharing proprietary data.” Personally, I feel like I can trust the NSA to stay true to their word and stick to their job of securing the site without compromising the information they are supposedly protecting. I don’t think it is naïve to believe they will not access any of our information in the process, despite the strong temptation present. The backlash from the public if they did get caught peeking would be magnified by their stated purpose of protecting users from intrusion. Additionally, privacy watchdog groups like EPIC (Electronic Privacy Information Center), who have already filed a Freedom of Information Act request to elucidate the exact nature of the Google-NSA relationship, promise to keep a close watch on the NSA’s activities throughout the process. In fact, according to this article http://epic.org/2010/02/epic-seeks-records-on-google-n.html EPIC has been concerned about the efficacy of the security measures Google uses since March 2009, and is currently seeking, through legal action, a uniform security code that can be enforced by the NSA and National Security Council. While it may feel to these agencies that their hands are being tied, it is certainly in the best interest of our citizens to have proper protection from unwarranted internal scrutiny. I am all for observation of individuals showing questionable behavior, but without any display of probable cause I have trouble justifying the Government compromising their relative anonymity in the name of data mining. I will even leave the definition of “probable cause” vague, such that the security agency may operate effectively so long as they can reasonably and publicly justify their actions based on something more than a profile.