Google is accelerating efforts to toughen its data encryption, the company has revealed, aiming to curtail unofficial snooping on user information in the aftermath of NSA PRISM controversy. “It’s an arms race” Eric Grosse, vice president for security engineering at Google, told the Washington Post, describing government-mandated hackers as “the most skilled players in this game” and insisting that as “a point of personal honor” the search giant would not do anything to ease NSA intrusion into its servers.
The news that Google will boost its security provisions comes following allegations earlier in the year that the company, among other big names like Microsoft, had secretly agreed to back-door access to its servers. Google swiftly responded in the negative, though confirmed that, should the NSA or others come with legally approved FISA (Foreign Intelligence Surveillance Act) requests, it would be obligated to hand over the data.
Even with that requirement in place, Google has been arguing for greater transparency on the user end of the equation. The company – along with Microsoft – is currently suing the US government for permission to give more detailed disclosures on exactly how many FISA orders were received each year.
The lawsuit, filed several months ago alongside negotiations and US government, represents the best chance for approval, Google and Microsoft argue, after talks failed to produce the desired results. The Government announced that it would begin publishing the total number of national security requests for customer data for the past 12 months and do so going forward once a year,” Brad Smith, Microsoft’s general counsel and executive vice president of legal and corporate affairs, said back in August. “The Government’s decision represents a good start. But the public deserves and the Constitution guarantees more than this first step”
Google declined to comment on how exactly its upgraded encryption system will work, but it has been described as “end-to-end” with “very strong” security throughout the data transmission process. The company is apparently “months ahead” of its original deployment schedule, and due to be completed soon.
Nonetheless, security experts suggest that users should be realistic in their expectations, even when Google’s new system comes into operation. The measures would merely delay – not prevent – NSA intrusion, they argue, and of course Google would still be required to respond to any official FISA requests.