The privacy group Electronic Privacy Information Center (EPIC) has asked the Federal Trade Commission (FTC) to investigate Google for alleged privacy breaches.

 

Relating to a recent incident with Google Docs, it has called on the FTC to ban Google from offering any cloud services, including Gmail, Google Docs and others, until the company can prove it is capable of safeguarding people's privacy.

 

It also claimed that the security breach was far from isolated, and that it was part of an ongoing pattern at Google as its security is inadequate, and that it misleads people into believing that data stored with Google is secure.

 

The FTC has been asked to investigate whether Google's security is adequate, and until that is determined, requested that any cloud-relating Google service be shut down.

 

The document provided by EPIC claimed that: ‘Google also explicitly assures consumers that “Google Docs saves to a secure online storage facility . . . without the need to save to your local hard drive”;' ‘Google encourages users to “add personal information to their documents and spreadsheets”;' and [it] represents to consumers that ‘this information is safely stored on Google's secure servers'. Google states that ‘your data is private, unless you grant access to others and/or publish your information'.

 

It also claimed that ‘Google represents to consumers, “Rest assured that your documents, spreadsheets and presentations will remain private unless you publish them to the web or invite collaborators and/or viewers”.'

 

Under a section named ‘Google's inadequate security is an unfair business practice', it further claimed that ‘prior to the Google Docs data breach, Google knew that cloud computing services are susceptible to data breaches' and ‘Google knew that disclosure of personal user data could cause substantial injury to customers, without any countervailing benefits'.

 

It also claimed that ‘Google knew that a data breach could expose sensitive user data stored on Google Cloud Computing Services. But the company created an unnecessary risk to users' data by employing unreasonable security practises, including the storage and transmission of personal information on its computer network in clear text'.

 

In conclusion, EPIC called on the FTC to ‘hold accountable the purveyors of cloud computing services, particularly when service providers make repeated, unequivocal promises to consumers regarding information security.'