February 24, 2006
To:
UCOP Community
From: Michael Shannon, Manager, IR&C Communication Services
Earlier this month, Google raised privacy and security concerns among
consumers, business groups, and privacy advocates with the release
of a new version of its desktop search application, which allows people
who use multiple computers to search for documents and Web pages across
those computers. When the free Google Desktop 3 software is installed
on computers and the Search Across Computers function is enabled,
copies of the computers’ files are transferred to and stored
on Google servers for up to a month.
The feature poses a security risk in that confidential or personal
data can be sent to and stored on Google’s servers, unless the
function to omit certain files from the transfer is accurately configured.
Under University policy, employees who have confidential or personal
data--or information vital to the interests of the University--on
their computers must ensure that only authorized individuals can access
that information. See Business and Finance Bulletin, IS-3,
Electronic Information Security, Section IV, Risk Assessment,
Sensitivity, and Criticality.
Before using Google’s Search Across Computers function, University
employees should carefully consider their responsibility to protect
confidential and personal information and the potential for that information
to be accessed by others when transmitted to and stored on Google’s
servers.
Please contact your departmental PC coordinator if you have questions
or want to have Google Desktop 3 disabled.
For More Information