by Stephen Bryen
Google is building what it calls a “Privacy Red Team.” The company is rapidly recruiting qualified engineers for the job. In its advertisement for team members, Google says: “Top candidates will have an intimate knowledge of the inner workings of modern web browsers and computer networks, enjoy analyzing software designs and implementations from both a privacy and security perspective, and will be recognized experts at discovering and prioritizing subtle, unusual, and emergent security flaws.”
Google’s Red Team is a good idea –in fact every technology company should consider having security expertise at the engineering level.
But the security issue is bigger than the technical elements.
Today, not only personal privacy but also personal security are at risk because of the security weaknesses of computer and mobile phone operating systems and related software applications.
In thinking about security it is not only the risk of crime or the loss of sensitive information. As we can see in places such as Iran, the risk also is to the lives of those who oppose the Iranian regime. As I wrote recently in the magazine InFocus Quarterly, Iran is buying spy gear from the West and using it against their own people. With this equipment Iran can easily spy on the mobile phones of the regime’s opponents, entrap them, and jail them, sometimes leading to executions.
Companies legally trying to do business in certain countries either tend to look the other way, don’t “officially” want to know where their technology goes or how it is used, or actively cooperate with governments trying to suppress their own people.
So in fact modern technology has created a conundrum for technology-based companies working in the computer and telecommunications fields.
I believe we can expect tougher U.S. laws in future to not only protect privacy but to deal with spy technology sold to rogue regimes.
Many of the big companies have Boards of Directors that should, with management, be addressing such issues. But if one looks at many technology companies one finds a lack of qualified Board Members that can champion privacy and security from the inside.
Today’s world is in upheaval. Modern technology has dramatically changed the game and is redefining the global political landscape. While American companies are, by far, not the only force in the technology space, as companies that live in the world’s greatest democracy U.S. companies have a responsibility to do more to make sure that our technology does not create victims domestically or internationally.
Google is moving in the right direction with its privacy red team. The next step for Google and other high tech companies is for them to enhance their Boards of Directors with security and privacy advocates and create either security committees or Security Advisory Boards.