As a member of the IEEE (Institute of Electrical and Electronics Engineers), I have an ieee.org email that has been set up for me. I personally make little use of it, but no doubt others do. Recently, the IEEE “upgraded” their service by turning it over to Google. In doing so, have they (and other organizations that may have similarly switched to Google) placed sensitive corporate, government and individual technical data at risk?
Everything Gmail and perhaps everything Google, as we have just learned, is now on file with the NSA. One AP news article noted that altogether 4.9 million government workers, including more than 1 million contractors, have access to the data the NSA is storing. It's impossible to protect the IEEE emails under these circumstances.
With potentially 4.9 million pairs of eye able to look at this data, no one can say for certain or calculate the odds that some of it has already been compromised and perhaps sold for personal gain.
According to their website:
IEEE.org serves technical professionals and students who are looking to both foster working relationships and gain access to the latest technical research…Imagine that Company A is conducting research at an undisclosed laboratory, and an engineer communicates via this Gmail-based system with Company B, also part of the project, that a certain patent for (say) a drone guidance system has been approved. Soon, on a computer monitor in a darkened, air-conditioned room someplace in Honolulu, the message is flagged because it contains the word “drone.” At that point, one is relying entirely on the honesty of that person (and who knows how many others) not to jump on and profit from the information revealed. Since location data may be included, the secret laboratory is secret no longer.
At the time the change to Gmail was announced, I had reservations about giving up the security of the prior system, and determined never to send anything critical via the IEEE mail system. But the new revelations mean that technical data on which corporate profits or national security depend may in fact be compromised simply because it is, practically speaking, impossible to police 4.9 million workers each of whom could be a potential leaker.
All professionals should be concerned.