[aklug] Re: SSL "health" in Alaska (was: ACS Google Gateway)

From: Tom Simes <simestd@netexpress.com>
Date: Mon Oct 14 2013 - 07:39:25 AKDT

> Royce, my concern is, simply, how aware will Google be of goings on at
> ACS because of the Google services and appliances ACS is adding to the
> ACS network. I can stop using ACS mail services and I try to limit my
> use of Google services. That said I am concerned because ACS, at my
> home anyway, is the only way for me to access The Internet. No doubt
> ACS had to sign an NDA for both gmail and GGC (Google values its
> privacy). I am aware of the issues regarding "Three letter agencies"
> but my concern is Google.
>
> Regarding Google's use of NDAs see for example:
> http://blogs.berkeley.edu/2013/03/06/the-good-not-so-good-and-long-view-on-google-mail/

Regarding CDN devices, they are not in the network path or aware of your
traffic unless you are explicitly consuming services from the CDN
provider. In Netflix' case, that's pretty easy to discern. With the
Google GGC, the eligible products are enumerated at
https://peering.google.com/about/faq.html and again, the list is fairly
intuitive. With Akamai, things get a little murky because they cache
content for a wide variety of companies so you'll likely see "Akamized"
DNS returns when pulling Apple or Microsoft updates, large and popular
ads and all kinds of things.

Having been involved (usually as an instigator) in implementing CDN
services, I've been privy to NDA agreements as well as the deployment
architecture. The NDAs don't cover themselves, nor have they mentioned
customer traffic. Really they are quite generic and basically cover
anything either company notifies the other is confidential (which isn't
much). Usually it boils down to traffic levels, don't hack the machines
or sniff their traffic beyond normal diagnostics and that's about it.

As emphasized in the Ladar Levison NANOG interview, ANY entity with
equipment, people, legal standing or network connections residing in or
transiting the US is subject to scrutiny by the US government. In
theory that scrutiny is governed by US law, rather than the whim of the
agency. That's the agreement between citizens and the government in the
US. If presented with an appropriate warrant, it should be expected
that a company will assist law enforcement by supplying the requested
data. That being said, it is our duty as network and systems operators
to preserve our customers' trust and only disclose specifically requested
and targeted information. If the warrant is overly broad, we need to
work with the agency to refine what they are asking for.

However, privacy agreements between companies and individuals are a
different matter. I'm not a lawyer or privacy expert, but in my
experience the privacy agreements between private parties are
individually negotiated, usually by way of a quickly flashed agreement
that very few people read and that generally offers much less protection
than US law. As a wise friend commented with respect to free services,
if you are not paying for the product or service, you are the product.

-- 
Tom
======================================================================
   "Z80 system stack overflow.  Shut 'er down Scotty, she's
         sucking mud again!" - Error message on XENIX v3.0
Tom Simes                                       simestd@netexpress.com
======================================================================
Received on Mon Oct 14 07:39:57 2013
