Google steps up privacy with crypto fairy dust

Beverley Head
Friday, 16 October 2009 03:21

Business IT - Security

Health minister Nicola Roxon may envisage a future where Google hosts Australians’ heath records, but the global search giant isn’t ready to launch Google Health in Australia just yet.

According to Iarla Flynn, the firm’s head of public policy for Australia; “We have no plans to launch it in Australia at this stage.” Nevertheless he was at pains to explain that if the company ever did launch Google Health locally, after its US trials, privacy of health records would be a high priority for the company.

Following the Government’s announcement this week of an overhaul of its privacy legislation, Google would also have to ensure that it remains compliant with the new streamlined Privacy Act which is envisaged. Flynn said that he had as yet not read the 144 page document outlining the planned legislative reforms, but acknowledged that “It is a good thing for the Government to be thinking about that.”

At a briefing in Sydney Google outlined its approach to privacy across its product lines, and also revealed the extra privacy features – including what it describes as crypto fairy dust - that consumers can expect from Google Wave.

Flynn noted that “For us this is an issue of trust. If people don’t trust Google they can easily take their interest elsewhere,” adding that at present Google enjoyed the status of the second most trusted brand in Australia after the Salvation Army.  Google’s approach to privacy is founded on five key principles he added, the pillars of which were transparency, choice and security.

"We take user data security very very seriously indeed. Indeed in a prior conversation someone said Google had a paranoid approach to security and I took that as a compliment," said Flynn
Greg D’Alesandre, product manager for Google Wave, which is being developed in Australia, explained that the real time communications and collaboration platform will have a number of new privacy and security features.  He said that channels connecting participants in a Wave session would automatically be encrypted.

Also it would be harder to spoof electronic communications. Creating spoof emails is not terribly difficult as opposition leader Malcolm Turnbull discovered recently when he was tricked by a spoof email apparently created by ex Treasury official Gordon Grech. Google Wave ‘s fairy dust should help authenticate the source and authenticity of online communications.

“We’ve got crypto fairy dust which we’ve sprinkled into the protocol,” said D’Alesandre. The code effectively serves to authenticate where the communication was generated, and also ensure that it hasn’t been changed during the transmission.

D’Alesandre said that Google also planned to turn on a white-listing feature shortly which will give users more control about who they share Wave communications with.  It is also developing  a series of ‘etiquettes’ which will indicate to users content which is intended to be private and ought not to be widely shared.