Google has apparently gone to the super secret National Security Agency seeking help in preventing cyber attacks.
According to Washington Post's Ellen Nakashima, who broke the story:
"Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google -- and its users -- from future attack."
NSA, of course, is the agency that taps all sorts of electronic communications around the globe. They're also the outfit that broke the law and engaged in warrant-less interception of Americans' phone calls and emails after the 9/11 terrorist attack.
Cyber security is a huge issue that is downplayed by the online industry. Google was right to go public when it was attacked, but the proposed Google-NSA deal raises huge concerns.
Undoubtedly Googlers can learn something from NSA's master-spy eavesdroppers, but how much of consumers' data will Google share with the spy agency?
So far Google and NSA aren't commenting on the details of what's under consideration.
It's incumbent on both parties to be completely transparent about what kind of information is being shared. Sadly, NSA has already demonstrated a willingness to flout the law. If Google wants to maintain any shred of trust from consumers it needs to do more that pledge, "privacy is important" and fall back on the "Don't be evil" mantra. Tell us exactly what you're doing with NSA's cyber spies.
Something that would focus on the threat of cyber attacks and ultimately result in better security for the online industry, would be mandatory quarterly reporting about cyber attack attempts, successes and other data breaches.
We can't fix it if we don't know about it.