Yesterday, Ellen Nakashima of The Washington Post reported that:
The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.
Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.
Read more in The Washington Post.
By the end of the day, EPIC reported that it had
filed a Freedom of Information Act request with the National Security Agency, seeking records regarding the relationship between Google and the NSA. … The EPIC FOIA request also seeks NSA communications with Google regarding Google’s failure to encrypt Gmail and cloud computing services. In March 2009, EPIC filed a complaint with the Federal Trade Commission urging it to investigate the adequacy of Google’s cloud computing privacy and security safeguards. Today EPIC also filed a lawsuit against the National Security Agency and the National Security Council, seeking a key document governing national cybersecurity policy.
Jaikumar Vijayan has more on the developments and privacy concerns on Computerworld, including comments by James Lewis, director and senior fellow at the Center for Strategic and International Studies (CSIS), who
said that although not all details are available, it is unlikely that a Google-NSA partnership on cybersecurity will involve the sharing of personal data.
Google is more likely to only be interested in having the NSA take a look at its networks and help it identify potential weaknesses, he said. Any information sharing that happens will have nothing to do with intelligence gathering by the NSA, he said.
“I don’t have any direct knowledge, but that is my assumption in this case,” Lewis said.