Brian Bloom is a staff writer at ComputerWorld Canada. You can find him on Google+. He covers enterprise hardware and software, information architecture and security topics.
There’s no shortage of worries about corporations having loose security around the personal data they collect from customers. But two Canadian experts say users are more willing than ever to expose their private lives online.
The way Google Inc. stores private information its gleans from Gmail should presumably be of concern to its users, says Prof. Alfred Menezes, a mathematics professor at the University of Waterloo and a member of its Centre for Applied Cryptographic Research. But for the most part, they aren’t worried.
“When I send the e-mail through Gmail,” says Menezes, “through transmission it’s secure. But in the end, Google stores all my e-mail in the clear. So, they have all my e-mail. We consumers have to somehow trust Google to protect the privacy of our data. And for some strange reason, human beings are willing to do this.”
Menezes says in the past few years, a new generation has emerged “who seem to feel more private on the internet, even though they really shouldn’t have a sense of privacy.”
He says these young people have lived and breathed Internet for so long that they’re almost indifferent to what happens to the information they e-mail and post online. Perhaps one of the most breathtaking displays of this phenomenon occured soon after the 2011 Vancouver Stanley Cup riots, when scores of people posted images and videos of themselves committing crimes on their Facebook pages.
Prof. Charles Rackoff of the
University of Toronto, another cryptography expert, says there can be a certain irony in the way we perceive security threats. For instance, some of us get skittish at the prospect of handing Google the keys to our computing, yet we’re more than happy to use their e-mail service.
“Worry is a funny thing,” says Rackoff. “You hear these people talk and they say…we have to worry about cloud computing. These are the same people who send their e-mails not encrypted — I don’t, you probably don’t — the same people use Google mail, who know that Google is reading all of their mail.”
Google [Nasdaq: GOOG] has gone to some lengths to describe to its users exactly what it wants to do with their personal data. Rackoff says if we accept these explanations at face value, we’ve already given the company a powerful vote of confidence.
“Supposedly, they’re just stripping keywords for advertising from it and ‘nothing to worry about here, just move along.’ But the trust we give to Google is just enormous. So, as long as we trust Google with all our emails, knowing that they’re reading them, then I suppose we might as well trust them with our cloud computing, too.”
[For more on what they think of corporate encryption,
click here.]