In an interview with The Washington Post, Gould said it is encouraging that Google issued a statement that addressed his concerns about the policy’s potential implications for government clients. But, he said, he would still like to see all consumer technology companies with government cloud offerings — including Google, IBM and Microsoft — introduce separate privacy policies for government clients in addition to the private terms laid in out contracts. This, he said, would draw a clear line between their consumer and public sector products.
Gould would also like these cloud service providers to strip out any sort of data collection tools they may have in their consumer products from their public sector products as a precaution. With Google Apps for enterprise and government clients, for example, administrators have the option to enable apps such as Google Calendar.
These companies, he said, “should have a blanket policy specifically for their public sector clients saying that we will not use our consumer data-mining technology. What they do in the consumer space is very powerful, but not it’s appropriate to have this mining built into the government cloud, even if it’s turned off.”
“We have issued a public call for [Google] — and we address it to other integrators playing in the government space — to categorically say we will turn off all advertising and data mining in a government cloud scenario,” Gould said.
Google Apps for Government is certified by the U.S. government as being in compliance with the Federal Information Security Management Act (FISMA), and today the General Service Administration issued a statement saying that it is not concerned about the policy change.
“The recent changes announced by Google pertain only to their free, publicly available services,” the GSA said in a statement. “These changes do not apply to Google Apps for Government, which is the version used by GSA. Our usage of the Google Apps solution is governed by contractual agreement with Google and our prime contractor, Unisys. The solution is compliant with all federal regulations and requirements, including those regarding privacy and data protection.”