Google 's desktop includes a new feature called "Search Across Computers." This feature stores copies of the user's documents and files on Google's own servers to enable the user to search from any of his/her computers, from home, on campus, or elsewhere.
NDSU ITS is concerned over the privacy and disclosure of sensitive/confidential information, particularly through the use of any online third-party service provider such as Google, Yahoo!, Hotmail, GoToMyPC, and other Web-based applications.
Unless Google Desktop is configured very carefully, which very few people will know how to do, Google will have copies of all the information stored on your computer--tax returns, business and financial records, medical files, love/hate letters, and any other text-based documents Google indexes. Essentially, Google would be able to index your personally identifiable information!
By allowing Google to index and store your information, your data will be more vulnerable to subpoena from the government and possibly private litigants, while providing a one-stop-shop for hackers who have obtained a user's Google password.
The Electronic Communications Privacy Act of 1986 gives only limited privacy protection to e-mails and other files that are stored with online service providers, much less privacy than the legal protections for the same information when it is on your computer at work or at home.
To protect the privacy and prevent unauthorized disclosure of data, NDSU ITS recommends users do not download and use any software that allows for computer-to-computer search and storage of information.
Other suggestions for protecting institutional data include not forwarding or setting your e-mail delivery drop to your home, Hotmail, Yahoo!, or other similar e-mail account. All e-mail addressed to an @ndsu.edu address should be delivered to that address.
Use of a third-party online provider such as Google or GoToMyPC to index and store sensitive/confidential information may be in violation of data privacy policies and laws such as FERPA, the Graham Leach Biley Act, HIPPA, NDUS policy and procedure 1901.2, and NDSU policy 158.
For more information, please contact Theresa Semmens, NDSU Chief IT security officer, at Theresa.Semmens@ndsu.edu or 1-5870.