Google to automatically encrypt Cloud Storage data, but this shouldn't ease NSA fears

Ever since the news first broke about the U.S. National Security Agency (NSA) using the PRISM program to monitor communication metadata and subpoena further data from various companies, there has been widespread fear of (and jokes about) the NSA tracking everything we do online. In an effort to help quell those fears, Google has announced that it will automatically encrypt Google Cloud Storage data, but we're not sure that will actually fix the problem.

To be clear: encryption is definitely a good thing, and it can help guard against information getting out if a server is hacked or otherwise compromised. But, it's unclear how Google's new system would guard against the NSA's legal (albeit disturbingly Orwellian) tactics for obtaining data. And, most importantly, this new method only applies to Google Cloud Storage data, which is designed more for developers and enterprise. This new policy doesn't change how consumer data is handled in Gmail, Drive, or Google+. 

Encryption and keys

Google's new automatic encryption would use the 128-bit Advanced Encryption Standard (AES), and data would be encrypted on Google's end "before it's written to disk." The encryption happens in three phases: first, user data and metadata are encrypted using a unique key; that key is then encrypted using a second key associated with the data owner; and that second key is finally encrypted using a "regularly rotated" master key.

This means that data would be sent to Google, encrypted, then saved, which means Google won't save copies of the unencrypted data. But, that data will still be processed as usual for keywords, and relevant data that is used in various Google services. 

The trouble with this method is that Google still holds the keys to the data, which means that when the NSA comes calling for data with legal authority, Google can still hand over the data after removing the encryption from it. Google says that the master encryption keys will be changed “regularly” and that they will be stored in the same way that Google stores encryption keys for its own data.
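The three-layer key hierarchy and master-key rotation described above, sketched with Node.js's built-in `crypto` module. This is an added example, not Google's code: the function names, the GCM mode and the blob layout are assumptions, since the article only specifies 128-bit AES.

```javascript
const nodeCrypto = require('crypto');
const newKey = () => nodeCrypto.randomBytes(16); // 128-bit key, the size the article cites

// AES-128-GCM (mode and layout are this example's assumptions): nonce | ciphertext | tag.
function wrap(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-128-gcm', key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, body, c.getAuthTag()]);
}

// Throws if the key is wrong or the blob was modified (GCM tag check).
function unwrap(key, blob) {
  if (blob.length < 28) throw new Error('blob too short');
  const d = nodeCrypto.createDecipheriv('aes-128-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(blob.length - 16));
  return Buffer.concat([d.update(blob.subarray(12, blob.length - 16)), d.final()]);
}

// Three layers: object under a unique data key, data key under owner key, owner key under master.
function store(masterKey, ownerKey, plaintext) {
  const dataKey = newKey();
  return {
    data: wrap(dataKey, plaintext),
    wrappedDataKey: wrap(ownerKey, dataKey),
    wrappedOwnerKey: wrap(masterKey, ownerKey),
  };
}

// Walks the chain back down: the master key alone is enough to read the object.
function load(masterKey, rec) {
  const ownerKey = unwrap(masterKey, rec.wrappedOwnerKey);
  const dataKey = unwrap(ownerKey, rec.wrappedDataKey);
  return unwrap(dataKey, rec.data);
}

// Rotation re-wraps only the 16-byte owner key; the stored data is not re-encrypted.
function rotateMaster(oldMaster, newMaster, rec) {
  const ownerKey = unwrap(oldMaster, rec.wrappedOwnerKey);
  return { ...rec, wrappedOwnerKey: wrap(newMaster, ownerKey) };
}

function demo() { // constructed sample run
  const oldM = newKey(), newM = newKey();
  const rec = rotateMaster(oldM, newM, store(oldM, newKey(), Buffer.from('sample object')));
  return load(newM, rec).toString();
}
console.log(demo());
```

`load` needs nothing from the data owner, which is the article's point: whoever holds the master key can decrypt every stored object.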

Why Google can't go all the way

The problem is that Google is caught in a bit of a bind when it comes to delivering a similar system for user data in Gmail or Drive. As a comparison, the safest way to handle user data is the way Apple handles FaceTime and iMessage. Apple encrypts FaceTime and iMessage data on the device before sending it through Apple servers, so Apple can't even access the data. But, this method has its drawbacks.

It is much easier for Apple to build a system like that for specific products when the software only runs on Apple hardware and the ecosystem is tightly controlled. For example, FaceTime and iMessage data is the only Apple data included in this extra-safe encryption, and doesn't extend to mail, SMS, or anything else on your device. Google can't do that because it is platform agnostic. Google software always starts in the browser, and moves out to native apps on various platforms. But, the data essentially always lives on Google servers and rarely even originates from local storage.

Plus, if Google were to do that, all of the products that are so useful from Google like Google Now, personal search, etc. would all cease to exist, because Google wouldn't be able to access your data. If Google has no way to decrypt data, then it can't scan your Gmail for flight info and package tracking info, or your Calendar for appointments. As we have talked about before, there is value in being more open, and the corollary to that is that there is a cost to being more private. 

And, of course, while there is a cost/benefit comparison to be made for what would happen to you if Google adopted a stricter encryption policy, there is also cost/benefit for Google itself. If Google were to somehow start encrypting data before it gets to its servers, Google would not only lose out on offering the products that make it stand out from the competition, but it would lose big because it wouldn't be able to learn about you, or find keywords to serve up better (and more profitable) ads.


Ultimately, this is a good step forward for Google and definitely a much needed addition to its Cloud Storage platform. The addition of extra encryption will help to beef up security, but it is dangerous if anyone takes this as proof that Google is adding protection against the NSA. Unfortunately, the only protection Google could add in that regard would also lead to a huge hit in both Google's profits, and Google's ability to offer innovative new products that attract users. 



1. PK1983

Posts: 215; Member since: Aug 08, 2012

What the NSA does might be legal under the letter of the law, it is certainly not under the spirit of the law. The people who supervise this intrusion are the ones writing the laws, the people who are under them truly have very little to no say. When a govt. is more concerned with say someone selling unpasteurized milk on their farm than the illegal immigrants and drug cartels that pass freely across our borders daily, that govt. needs to go asap.

2. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

As long as any product (including Apple's iCloud mail) does the encryption at the server level, it will not be secure. The exploit is called man-in-the-middle. NSA (through its national security letters) tells the server owner (Google, Apple, MS, etc.) to give it the data it wants, and the server owner complies. There is no more 4th amendment to the U.S. Constitution! The legislative (Congress) branch has passed a law (USA Patriot Act), the executive (POTUS) branch actively uses and abuses the law, while the judiciary (FISA court, whose judges are all appointed by John Roberts the Chief Judge of the Supreme Court) rubber stamps the abuses. All 3 branches of the U.S. 'democracy' have been perverted. At least Snowden decided to expose the perversion. As a contractor, he has NONE of the protections that would be afforded a whistleblower (to claim whistleblower protection, you have to be an employee of the U.S. govt.).

3. Napalm_3nema

Posts: 2236; Member since: Jun 14, 2013

True, even iCloud mail is compromised, but at least the messaging systems are not. FaceTime and iMessage encryption is a good thing. All of the mobile OSes should strive for as much protection from prying eyes as possible.

4. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

iMessage is only encrypted for iMessage to iMessage sessions. SMS to iMessage is not encrypted. Not making an issue; just clarifying.

5. CipherCloud

Posts: 1; Member since: Aug 18, 2013

Everyone knows that server side encryption cannot protect your data from any threats i.e. an account hijacker can still download all your info, a disgruntled sysadmin at Google can still access your keys and your data etc. Also, in the case of a business their compliance for HIPAA, PCI, etc. remain unsolved as Google is not taking any legal liability, in the event of a data breach. As a result the business will end up paying for all legal liability including breach notifications. The ever important Data residency issue is also not solved with Google’s approach as your data and keys to encrypt/decrypt are both in the Google cloud. And last but definitely least – especially in the spotlight of government disclosures i.e. NSA Prism is also not addressed by Google’s approach.

6. MyJobSux

Posts: 106; Member since: Apr 01, 2012

Rule of thumb is this, if it's accessible to the internet it's not secure. You could run your own mail, storage, etc server on your own personal network and even then you're still vulnerable if not more so depending on your knowledge of networking, security and administration. The best way to protect your personal info and data is to simply not put it out there anywhere. Maybe you can get a computer stripped of network abilities and store data there. Of course you would want to lock it up in a safe, then inside a secured room, which is alarmed, under camera surveillance but would that be enough? You would want to watch it and make sure no one tried to access the room so your life would be watching a sealed door wondering if someone is tunneling under the floor and into the safe to get your data. Paranoia is a virtue, because the enormous growth in vulnerability reports really does show that attackers are out to get you!

7. Jonathan41

Posts: 532; Member since: Mar 22, 2012

I have no NSA fears.
