Reported Google-NSA alliance sets off privacy alarms

Google, NSA may partner on cybersecurity, Washington Post says

In a development that is already causing alarm among privacy advocates, search engine giant Google Inc. is reported to be enlisting the help of the National Security Agency to investigate recent cyberattacks that Google says originated from China.

The Washington Post , quoting unnamed sources, today said that the NSA and Google are in the process of finalizing an agreement under which the NSA will help Google better defend itself against future attacks. Under the deal, the NSA would not get access to users' search information or e-mail accounts and Google would not share any proprietary data, the source claimed.

Google approached the NSA shortly after the cyberattacks which it said were launched from China. However, the deal will take time to hammer out because of the privacy sensitivities involved. If the deal go through, it will be the first time that Google has entered into a formal information-sharing relationship with the NSA, the Post quoted the source as saying.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

In a development that is already causing alarm among privacy advocates, search engine giant Google Inc. is reported to be enlisting the help of the National Security Agency to investigate recent cyberattacks that Google says originated from China.

The Washington Post , quoting unnamed sources, today said that the NSA and Google are in the process of finalizing an agreement under which the NSA will help Google better defend itself against future attacks. Under the deal, the NSA would not get access to users' search information or e-mail accounts and Google would not share any proprietary data, the source claimed.

Google approached the NSA shortly after the cyberattacks which it said were launched from China. However, the deal will take time to hammer out because of the privacy sensitivities involved. If the deal go through, it will be the first time that Google has entered into a formal information-sharing relationship with the NSA, the Post quoted the source as saying.

In response to a request for comment, a Google spokesman pointed to a Jan 12 blog post by David Drummond, Google's senior vice president and chief legal office. The blog post, titled "A new approach to China," explains Google's concerns over the attacks, which it said also involved attacks against at least 20 other companies.

In the post, Drummond said that after the attacks, Google took the "unusual step" of sharing attack information with a "broad audience." This information, Drummond said, "goes to the heart of a much bigger global debate about freedom of speech," the company said. Drummond's post did not say with whom the company shared the attack information.

The NSA did not immediately respond to a request for comment. Neither Google nor the NSA would confirm or deny the reported partnership with the Post either.

Even so, the prospect of the world's largest search engine company teaming up with the country's largest spy agency is already sounding alarm bells within the privacy community.

Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center (EPIC), said any relationship between the two would be "very problematic.

"We would like to see Google develop stronger security standards and safeguards for protecting themselves," he said. "But everyone knows the NSA has two missions. One is to ensure security and the other is to enable surveillance," Rotenberg said.

When the NSA has entered the private security realm, there have always been problems, Rotenberg said. In the 1990s, for instance, the NSA's role in network security resulted in weakened encryption standards all around, he said. "We have had a long running debate about the impact of NSA's role in the security realm," he said. A partnership with Google raises those questions all over again, he said.

"We definitely need more information" whether the rumored partnership will go through or not, said Ari Schwartz, deputy director of the Center for Democracy and Technology (CDT), a Washington-based think tank and advocacy group.