"Nej till Google!" - Sweden tells a local council that Google's cloud is a no-go area

Filed Under: Featured, Google, Privacy

Swedish bureaucrats have instructed a town in the Scandinavian country to say "No" to Google.

Salem, a municipality approximately 30km south-west of Stockholm, wanted to ink a deal to use Google Apps, but the Information Commission thought otherwise.

When I first spotted this story, my immediate thought was that it would have something to do with PRISM.

If you haven't been following computer security news lately, that's the USA's controversial programme to conduct widespread network surveillance of foreigners.

You can see why overseas jurisdictions might want to discourage their residents from using cloud services offered by companies which are themselves regulated by US law.

But Sweden's broadside against Google has nothing to do with whether the US government does or doesn't have its digital eyes on the cloud storage of non-US residents.

This is an argument directly with Google over its own privacy provisions.

The Swedish data protection mandarins already disagreed with the Municipality of Salem back in 2011, arguing that Google's contractual land-grab over its customers' data "for the purposes of providing, maintaining and improving the services" was a step too far.

The municipality apparently felt that this was reasonable because it would help to improve Google's IT-related services to everyone - in other words, that the people of Salem could tolerate this clause for the greater good of all.

But the Swedish Datainspektionen ordered Salem to renegotiate with Google, on the grounds that the clause was too open-ended to be safe.

The decision noted, amongst other things, that the contract was too loose about how the data might be handled by subcontractors, or by Google after the contract ended.

Salem did go back to the negotiating table, and came up with a revised deal last month, but it still wasn't enough for the regulators, whose decision is that the earlier shortcomings have not been addressed.

So Salem must negotiate again with Google, or find another way to deliver its IT services.

On the surface, this may sound like Nordic bureaucratic pettiness, but I think we should applaud the Swedish privacy experts here.

It's one thing to outsource your own IT services - personal email, blogging, web site, and so forth - to save time and money. That's your own choice to make.

And it's fair enough if you're a company whose customers can vote with their chequebooks (yes, they still exist, at least in Australia!) if they don't like the service provider you've chosen.

But as a "customer" of a local government, you don't have that liberty, so you are stuck with the privacy-related decisions made by your council.

I suppose, as Google's own Eric Schmidt once famously joked, "you can just move, right?"

But that's the same Eric Schmidt who's on the record as having said that "Google policy is to get right up to the creepy line and not cross it."

Let's see if Salem can win the battle to get Google to back off a bit in the next round of negotiations...

, , , , , ,

You might like

2 Responses to "Nej till Google!" - Sweden tells a local council that Google's cloud is a no-go area

  1. Nigel · 804 days ago

    The article raises a good point: To what extent can anyone actually trust Google with their data? I find myself increasingly questioning Google's sincerity and integrity, despite their "Don't be evil" motto. The additional exposure hazard from the recently outed chicanery by the NSA just increases that uncertainty.

    I run Ghostery and NoScript in my SeaMonkey browser, and it's appalling to see how many websites simply don't work without letting Google run scripts. The amount of data they collect must be enormous.

    Google is becoming increasingly invasive. I have a health care provider that will not give me online access to my account unless I use either a Google or Facebook ID to log in. I won't do it. I absolutely do not trust Facebook, and I'm beginning to have serious doubts about Google.

  2. Google is slowly becoming Skynet... there needs to be more real competition and I don't mean from Microsoft or Apple, and especially not from Facebook.

    Companies should also be required to disclose exactly what they do with our data, and not just have some vague privacy policy. There should be no room for secrets... and failure to follow should result in a law suit where the victims receive a significant amount in damages, and by significant I mean more than the measly $0.13 I received from the last lawsuit against Google I was on.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog