Privacy advocates voiced strong concerns today over how data stored on Google Drive may be used during and after customers are actively engaged in using the cloud service.
"The terms of service are bad, but even worse is that Google has made clear it will change its terms of service whenever it wishes," said Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC).
On March 1, Google "ignored the views of users" and consolidated all of its terms of service, Rotenberg said, so that it could "do more data profiling."
"After the unilateral changes on March 1, I don't understand why users would trust Google to stand by its terms of service," he said.
Rotenberg is not alone in his concerns.
Users commenting in online forums said privacy was the reason they would not use Google Drive.
On Dropbox's online forum a user by name of Chen S. wrote, "My big concern with Google Drive is that they already have all my emails, web analytics, and search terms. Do I really want to give them even more data?"
Another user, Christopher H., said this in the Dropbox forum: "Like many other users, I'm not excited about Google having more data points on my life via the files I will be storing in their cloud."
Still another Dropbox user, -- Mark Mc., noted that while Google might not sell or disclose data without a user's permission, "they can, however, use that data in anyway shape or form the like internally - and if that includes selling personalised [sic] ad's based on data farming of the files that I've uploaded I'm out of there!"
But a Google spokesman said Drive's terms of service make it clear, "what belongs to you stays yours" and the company's policies are no more onerous than other service providers.
"You own your files and control their sharing, plain and simple. Our Terms of Service enable us to give you the services you want -- so if you decide to share a document with someone, or open it on a different device, you can," he said. "Many who have covered this simply ignored that paragraph and quoted only the one immediately following it, which grants us the license required by copyright law to display or transmit content on a user's behalf. Other companies use very similar language."
According to Microsoft's policy, a user controls who may access their content. However, if you share content in public areas of the service or in shared areas available to others you've chosen, then you agree that anyone you've shared content with may use that content.
"If you don't want others to have those rights, don't use the service to share your content," the policy states. "You understand that Microsoft may need, and you hereby grant Microsoft the right, to use, modify, adapt, reproduce, distribute, and display content posted on the service solely to the extent necessary to provide the service."
"I don't know of any legislation on this subject," said John Webster, a senior partner with Evaluator Group, a market research firm that specializes in data storage issues. "You have to ask yourself, what's the business model. If the business model is to make money from a service or money from advertising, that's one thing. If it's trying to make money off the sale of data, that's another thing."
While older Internet users tend to be wary of how their data is used and protected, younger users rarely consider the consequences of where they store personal information, Webster said. "They may not be reading the fine print."
The other issue to consider is what happens to your data when you leave a cloud service behind, he said.
Google's terms also state that when a user discontinues use of its service, it continues to retain the right to use customer information.
Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed. His e-mail address is firstname.lastname@example.org.
Read more about cloud computing in Computerworld's Cloud Computing Topic Center.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.