Google user data cloud: Do you trust it?

Google takes user data and privacy very seriously, it intones repeatedly.  Why then, does it supposedly not know where its users’ data is in its massively encroaching world wide cloud?
Written by Donna Bogatin, Contributor
Google takes user data and privacy very seriously, it intones repeatedly. 

Why then, does it supposedly not know where its users’ data is in its massively encroaching world wide cloud? 

In Google Gmail: Privacy Policy vs. Help Center last December, I dissected Google’s non-position on what happens when it looses user data entrusted to the Google cloud, in light of Gmail user pleas for personal data restoration by Google.


Both “ps101” and “pronk” underscore they want Google to “restore the account” and “restore our data from backups.”

Google Group members point to a Gmail Help Center FAQ, however, suggesting that Google will not restore the messages that are reported having been deleted from Gmail users accounts unbekownst to them.

I concluded:

Google’s “Residual copies of deleted messages and accounts may take up to 60 days to be deleted from our active servers and may remain in our offline backup systems” pronouncement does not support its “Unfortunately, we're unable to recover messages or Contact entries that have been deleted from your account.”

Google is not forthcoming with its Gmail users.

I now know what is behind this case of Googley inconsistency in its privacy and data practices: Google really does NOT readily know where its users’ data is in the Google cloud.

Peter Fleischer knows that Google doesn’t automatically know where user data is. So what? He nevertheless suggests.

Fleischer is Global Privacy Counsel for Google and, as Google proudly announced this month, sits on the Board of the International Association of Privacy Professionals.

It is surprising then that he cavalierly declares “Your data is in the cloud,” somewhere.

“If your data is in the cloud, where exactly is that?” He asks,

and answers:

“It’s actually very hard to answer the apparently simple question: “where’s my data?”

REALLY? How can the world entrust Google to “organize” ALL of its information, including all the private data of individuals and organizations, if Google can not find such information or data on behalf of the world and its users?

I have been uncovering and analyzing Google’s “top-secret” cloud growth plans, as I reported yesterday in “Google plots server farm land grab in Europe

Fleischer, also on Google’s cloud build-out:

Some companies like Google have very large data centers in multiple locations. A data center is simply a warehouse building with stacks of server computers. Companies try to pick places that are near cheap, reliable sources of electricity. They tend to prefer not to specify publicly the exact locations of these data centers.

As a user of a Web 2.0 service, you expect your service provider not to lose your data and to respond to your queries quickly. Data centers therefore usually replicate users’ data in more than one place. Google users would not be happy if they lost all their data just because the power goes out in Oregon. And the geographical location of data centers can be optimized to enhance the speed of a service, e.g., serving European users from a European data center can be faster than having the data cross the Atlantic.

Finally, having data centers in different locations allows companies to optimize computing power, automatically shifting work from one location to another, depending on how busy the machines are.

Such is Fleischer’s rationale for why Google users ought not ask “Where’s my data?”

You can’t pin-point the location of the clouds.

Fleischer has no problem with the image of users’ personal, private data floating directionless throughout the global Google cloud. Get with the cloud times, the top Google privacy officer underscores:

Data protection law was largely written in an era when data did indeed have an easily-identifiable location.

In the Google era, however, all the world needs to know is that the Google cloud is the only place to be, the world’s safe haven, so suggests Fleischer:

“Now, if you want to know how your data is being protected, the important question is not “where is my data?”, but rather “who holds my data?”

Fleischer’s bottom-line: 

“You can’t pin-point the location of the clouds, but you can still talk to them.”

But no, such is not the Googley case. Not for Gmail users “ps101” and “pronk,” or for any other user of any Google service.

The true Google bottom-line? Beware: Google cloud platform exposed I analyzed last week.

As use of the Google platform grows, along with Google’s ambitions, so do the data and privacy risks inherent to reliance on the Google cloud. 

Google’s Privacy Policy pages reinforce that while Google may tout data “portability,” the Google user data Cloud remains, for all practical purposes, impenetrable for users. Google may allow users to manipulate their data offline, but it does not put forth any absolute guarantee that users are able to modify, correct and/or permanently delete their data from the Google systems. 

Of course, if Google wants to find its users’ data, for whatever reason, that is roaming for perpetuity within the Google cloud, Fleischer can undoubtedly Google (cloud) Map the quickest route to suit its own purposes.

ALSO: Google demands more tax breaks for server farm rule and
Google pressures power companies for data center exemptions and
Google vs. Google on privacy, or not and
Google, YouTube double down on user tracking: DoubleClick next up and
Google to tag users across Web: Privacy Boomerang?

Editorial standards