Do you use Google Docs? Increasing numbers of people are jumping on aboard, especially among web workers. But how safe is your data?
After some of my coworkers expressed security concerns, I set out on a mission. I’ve waded through pages and pages of info, to provide you with the bottom line on Google Docs security.
The first thing to read is Google’s Terms of Service.
Intellectual property is safe
Surprisingly, Google’s terms provide strong protection for your intellectual property. You can’t abuse other people’s intellectual property rights:
8.2 … You may not modify, rent, lease, loan, sell, distribute or create derivative works based on this Content (either in whole or in part) unless you have been specifically told that you may do so by Google or by the owners of that Content, in a separate agreement.
And Google clearly acknowledges your rights:
9.4 Other than the limited license set forth in Section 11, Google acknowledges and agrees that it obtains no right, title or interest from you (or your licensors) under these Terms in or to any Content that you submit, post, transmit or display on, or through, the Services, including any intellectual property rights which subsist in that Content (whether those rights happen to be registered or not, and wherever in the world those rights may exist). …
Google gets a license to your work, so it can provide services to you, but it affirms your property rights:
11.1 You retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services. …
But you CAN’T SUE
After reading those positive statements from Google you’re probably feeling warm and fuzzy inside. But if you keep reading the ToS, you come across this little statement:
15.1 SUBJECT TO OVERALL PROVISION IN PARAGRAPH 14.1 ABOVE, YOU EXPRESSLY UNDERSTAND AND AGREE THAT GOOGLE, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS SHALL NOT BE LIABLE TO YOU FOR:
(A) ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL CONSEQUENTIAL OR EXEMPLARY DAMAGES WHICH MAY BE INCURRED BY YOU, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY.. THIS SHALL INCLUDE, BUT NOT BE LIMITED TO, ANY LOSS OF PROFIT (WHETHER INCURRED DIRECTLY OR INDIRECTLY), ANY LOSS OF GOODWILL OR BUSINESS REPUTATION, ANY LOSS OF DATA SUFFERED, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR OTHER INTANGIBLE LOSS;
This lawyer-speak translates to: “You waive any possible damages we might cause.” That doesn’t sound very promising, does it? According to my simple reading, if Google loses your data or causes the destruction of your entire business, you’re out of luck.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.
We restrict access to personal information to Google employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Since Google’s pages were unsatisfactory, I did some other research. Apparently there were serious cookie theft issues earlier this year, which might be inherent in Google’s architecture. For a great background on some Google holes, check out TechCrunch’s security summary, even though it’s almost a year old.
In the end, caveat emptor (“buyer beware”) captures the best approach to Google Docs. Google makes promises, but there’s not much to back them up.
I’ll probably continue using Docs for mundane information. But if it’s mission-critical, I don’t think Google Docs is the ticket for me.
What do you think of Google’s security? Is it good enough for you? Did I miss a key point? Let’s talk!
Get more legal tips