210
Views
1
CrossRef citations to date
0
Altmetric
Original Articles

The use of Google services and tools in academic institutions – A critical review

Pages 17-24 | Published online: 02 Mar 2010
 

Abstract

The US company Google Inc. offers a variety of Internet applications for many areas of everyday life. Whether a detailed search engine, e-mail service, voice over IP, route planner or data search on your own computer – almost every Internet user privately enlists one or more Google services. Academic institutions as well increasingly rely on the use of Google services. From an employer's point of view the use of these services becomes critical when the employees independently decide to use Google products instead of the applications provided by the employer. This procedure – though workable – involves numerous risks and legal problems. Internal data are transmitted unsupervised to an external company which is located outside Europe on top of that. Google's Terms of Service provide for granting extensive rights of utilisation, which, in a academic environment, can lead to problems associated with rights of dissemination. Not least there are infringements of confidentiality of labour-law and of security regulations of the institution.

Notes

http://www.google.com/intl/en/corporate/ (last accessed 22 June 2009).

German translation of ‘google’.

For example, under German law according to Section 50, paragraph 1, in conjunction with Section 8, paragraph 2, No. 2 of the German Trademark Act.

http://www.google.com/privacypolicy.html (last accessed 22 June 2009).

The prevailing controversy whether IP addresses are personal data or not is left out here. In Germany there are two different views: (1) pro personal data: county court Berlin-Mitte, 27 March 2007 – reference 5 C 314/06, maintained by the district court Berlin, 6 September 2007 – reference 23 S 3/07; and (2) contra personal data: county court Munich, 30 September 2008 – reference 133 C 5677/08.

If the provider is located within the EU, a contract for commissioned data processing would be possible. In such a case the controller remains liable for the processing of personal data. The controller must carefully choose a processor providing sufficient guarantees in respect of the technical security measures and organisational measures governing the processing to be carried out. The controller furthermore must ensure compliance of the processor with those measures. The processor just holds a ‘auxiliary function’ in comparison with the controller. Relevant is the detail of the contentual requirements.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.