Google testing out server-side encryption for Drive files
Web giant looking to make content secure from government agencies.

Google is said to be testing out server-side encryption in a move that would help shield user documents stored on its Drive storage service from government authorities such as the NSA.
Currently, Google Drive files are secured in transition using the HTTPS and TLS protocols, but are not encrypted when stored on the firm's servers. The web giant is now actively trying to address this issue to give users peace of mind, two sources have told CNET.
If server-side encryption is implemented, Google would theoretically be unable to give government agencies, such as the NSA, access to information even if they submitted a legal request.
The move comes as Google was named as one of the global technology firms that provides information to the NSA by whistleblower Edward Snowden.
Encryption of data at its source would help Google differentiate itself from rivals, particularly Microsoft which has been accused in documents released by Snowden of helping the government agency to circumvent its own email encryption.
Microsoft general counsel Brad Smith has denied Redmond bypasses its own encryption. But he did admit that when the firm wants to comply with legal orders, information is pulled from servers where it "sits in an encrypted state".
Even since details of the NSA's Prism project emerged, the major companies implicated in the scandal - including Google, Apple, Microsoft, Facebook and Yahoo - have all denied giving blanket access to the NSA. They maintain that user data is only handed over to authorities when a valid legal request is made through appropriate channels, under the Foreign Intelligence Surveillance Act.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
An alliance of 63 global technology firms and liberty groups has now emerged. They are aiming to lobby President Obama and Congress to allow internet, telephone, and web-based companies to report national security-related requests with greater transparency.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
Hackers are lying low in networks to wage critical infrastructure attacks - here’s how they do it
News Hackers are researching key IT workers in their bid to gain access to vital systems
By Steve Ranger Published
-
ASUS, Cisco, Netgear devices exploited in ongoing Chinese hacking campaign
News Critical national infrastructure is the target of sustained attempts from state-sponsored hackers, according to Five Eyes advisories
By Ross Kelly Published
-
US reveals bespoke tool that took down Russian malware operation
News Snake had been used to steal NATO countries’ data for 20 years
By Rory Bathgate Published
-
Move away from memory-unsafe languages like C and C++, NSA urges
News The US agency advises organisations to begin using languages like Rust, Java, and Swift
By Zach Marzouk Published
-
US gov issues fresh warning over Russian threat to critical infrastructure
News The FBI, NSA and CISA have urged network defenders to be on "heightened alert" for Russian cyber attacks
By Connor Jones Published
-
NSA warns smartphone users of ‘large scale data tracking’
News Common features like Bluetooth and Wi-Fi can reveal sensitive details about users like their daily routines
By Keumars Afifi-Sabet Published
-
NSA hands serious flaw to Microsoft rather than use it
News Patch Windows 10 now, as the NSA has spotted a bug impacting security certificates
By Nicole Kobie Published
-
100GB of secret NSA data found on unsecured AWS S3 bucket
News The data related to a failed NSA cloud collaboration project
By Adam Shepherd Published