Google’s new transparency report reveals that governments across the globe made over 20,000 requests to access Google data in the first six months of 2012.
The report is the sixth one Google has released and shows that government surveillance is on the rise.
CBR takes a look at what the industry has to say about the importance of businesses knowing who has access to their data and how they can best protect it.
Graham Cluley, senior technology consultant at Sophos told CBR:
"If your business is uncomfortable with the idea of others snooping on potentially confidential or sensitive information it has uploaded to the cloud, the answer is simple. Don’t make it easy to be snooped upon. Instead, ensure that your sensitive information is properly and strongly encrypted before being uploaded to the net. Always keep a close eye on what your users are doing with your data, and ensure that security best practice is being followed. IT departments often find that users are adopting consumer file-sharing services in the public cloud without recognising the possible risks."
Danvers Baillieu, COO of Privax told CBR:
"This report highlights the unfortunate fact that there is no unified internet and that it is regulated on a country by country basis. Businesses need to be aware of not only who holds their data, but also which governments are able to make requests for such data. When dealing with big companies this can involve a complex analysis of international law, which is best avoided. Where data has to be sent to a cloud service provided by a third party, it is imperative that it is properly encrypted, so that the security of such data is not at the mercy of the cloud service provider."
Matthew Finnie, CTO of Interoute:
"It’s no surprise that most requests for data come from the US. The Patriot act is a clear indicator of how the US sees data ownership. But for businesses across Europe this should give them cause to think what lessons there are for them. In this era of the cloud, how many businesses really know exactly where and in which country their data is being stored when they outsource it? A key element to protecting data is to know where it is. Businesses need to avoid playing hide and seek with their data if they want to stand the best chance of protecting it completely.
"It’s not a case of locking up your data and throwing away the key. Rather, European businesses should be using European cloud and hosting providers that guarantee complete transparency on where data is at all times. This will also help organisations adhere to the local compliance and governance regulations that ensure secure data protection."
Marc Dautlich, head of information law at Pinsent Masons told CBR:
"Google’s Transparency Report, revealing as it does the assessment of governments around the world as to how rich their data is, is all the more reason to continue to look very closely at Google’s own privacy practices. Google promises transparency in privacy matters. It is being held to account on this promise by the CNIL and all 26 other European Data Protection Commissioners who wrote to Google last month – we need to see their response."
Mark Dunleavy, Managing Director UK at Informatica told CBR:
"Information is the currency of today, so it’s no surprise that demand for Google data has been so high. Both the private and the public sector are realising that data is an invaluable asset. There’s been much talk of late about the potential that big data holds for the public sector. With this in mind, the real value from this kind of data comes when it is combined with other, disparate sources to help establish an accurate, consistent, and comprehensive understanding of what it really means and how it can be used.
"Moreover, pressure is at an all-time high for organisations to ensure that the data they collect and store is adequately protected so it will be interesting to see how these governments worldwide equip themselves to avoid damaging data breaches, and in doing so maintain the trust of their citizens."