Google experimenting with anti-NSA encryption - report
Google is considering encrypting users’ data generated on its Google Drive as a protection from the US government's invasive meta data collection policies revealed just over a month ago, according to a new report.
The privacy protection initiative remains in the experimental
phase, but could comfort customers shaken by the revelation that
the National Security Agency has a policy of indiscriminately
pulling millions of communication records. Google, according to
the CNET report that first revealed the testing, already encrypts
a small percentage of Google Drive files.
The current testing is reportedly examining whether it would be
possible to encrypt data stored in the Google cloud service as
well as Google Drive.
“There are lots of things this could mean: if Google encrypts
the files but retains the keys, it would mean that any government
spying would be more visible within the company, since it would
require the government requesting access to the keys before it
could snoop on users,” wrote technology journalist Cory
Doctorow.
“On the other hand, it might mean that Google would encrypt
its files in a way that even it can't encrypt it - called
'zero-knowledge encryption' - which would be much more robust
against spying.”
The company, like others in Silicon Valley, has come under harsh
public scrutiny for the perception that it not only participated
in the secret government surveillance program PRISM, but profited
off it as well.
An earlier report indicated that Verizon and AT&T each charge
the NSA hundreds of dollars to install a single wiretap and,
while Google’s fees were not disclosed, documents obtained by the
American Civil Liberties Union showed that complete email
transcripts were often sold for as little as $25.
The Foreign Intelligence Surveillance Court authorizes the
disclosures in decisions that are shielded from public oversight.
Companies are forced to provide that data unless its encrypted.
While Google has attempted to protect customers’ privacy in the
past - including a longstanding battle against government
National Security Letters - it may be possible for the NSA to
step in and demand the search giant intercept encrypted messages.
“This is an unanswered legal question,” Jennifer Granick,
the director of civil liberties at Stanford University’s Center
for Internet and Society, told CNET. “I think the answer would
depend in part on whether decryption could be called a current
capability of the provider - or requires a re-engineering of the
service.”