Google Docs Security Breach Should Encourage People Not to Use Google Health

Mar 9, 2009 • 8:18 am | comments (3) by twitter Google+ | Filed Under Other Google Topics
 

Late last week, I saw dozens and dozens of threads in the Google Docs Help discussion forum, where Googlers were saying that they would contact these individuals directly, via email. Now, I saw a bunch of these, but didn't really look into them, simply because the issue was handled off the public forum.

Over the weekend, Google posted the details of the issue, which seemed to me to be a major security breach. Let me quote it:

We wanted to let you know about a bug (now fixed) that affected a small percentage of users who may have shared permissions between some documents in their account without their knowledge. This inadvertent sharing happened only when the document owner, or a collaborator with sharing rights, selected multiple documents and presentations from the documents list and changed the sharing permissions. (This issue didn't affect spreadsheets.) As part of the fix, we used an automated process to remove collaborators and viewers from the documents that we identified as being affected. We apologize for the inconvenience of having to re-share your docs. We have sent notifications to the owners of impacted docs, informing them of this fix and posted this information to the Apps Status Dashboard: http://www.google.com/appsstatus

Can you imagine if you were sharing financial information or personal medical information with someone and some how, it was shared with strangers? And Google wants you to use Google Health to share your most confidential and personal details with your doctor and family? I am all for sharing in exchange for convenience but what is stopping a security bug like this from happening on Google Health?

Forum discussion at Google Docs Help.

Previous story: URL Case in SEO Matters
 

Comments:

David Miron

03/09/2009 04:25 pm

Check out my CARTOON & Comment on: http://www.pcdisorder.com/2009/03/google-leaking-like-sieve.html

Fred in Oakland

03/11/2009 07:38 am

In general, I think there's far too much fear connected with health information. We have an entire industry of "confidentiality" built around fear of shame, fear of discriminatory treatment, fear of rejection or ridicule. "Confidentiality" has made us prisoners of our own truths, so we collude with those who use shame, discrimination, and rejection to restrict the availability of truth in our own lives. This is perverse. It is the official, normative culture of fear, shame, rejection and discrimination that needs to be rejected. The hateful, bigoted purveyors of the fear culture should have to live their lives in fear of censur --- not you, not me. All this institutionalized paranoia about confidentiality is a profoundly wasteful, misguided version of the role that truth should play in life. It is discrimination that should be seen as contemptible and shameful conduct ... not someone's medical condition.

No Name

03/24/2009 11:25 pm

How I can secure my documents in docs.google.com with HTTPS urls?

blog comments powered by Disqus