Analysts have urged businesses using Google's
on-demand office applications to ask for
clarification of the supplier's privacy policy regarding the
data held on its systems.
"Google's privacy policy is vague and IT directors using its
applications should ask it to clarify the extent to which it shares
and handles information," said Graham Titterington, principal
analyst at Ovum.
Titterington said Google sets out the conditions under which it
is obliged to share information with governments, but it does not
say what the limits of this sharing is.
The warnings follow calls from data protection group
Article 29 for Google to explain why it holds the data it does
and for the time it does.
Google said its privacy policy was straightforward and it would
respond to the Article 29 group in the coming weeks.
Jay Heiser, research VP at Gartner, said "Google are not yet in a position
where they are able to offer a commercial customer even levels of
service such as ISO 27001 certification - a security management
standard. Google's privacy policy seems extremely ambiguous today,"
said Heiser.
A Google spokesman said it takes internal reviews of its data
collection storage and processing practices and restrict access to
personal information to Google employees, contractors and agents
who need to develop its services. "These individuals are bound by
confidentiality obligations and may be subject criminal prosecution
if they fail to meet these obligations."
Google woos enterprises with Apps>>
Google boosts security, but storage glut
continues>>
Comment on this story:
computer.weekly@rbi.co.uk