Does Libre Office allow for simultaneous collaborative editing by multiple users and seamless passing of current version by passing a URL around? Does it require correct set up and maintenance of a Linux installation (which has gotten a lot simpler in the past 20-odd-years, but still requires more than its fair share of technical expertise), or can it be used by anyone with a web browser, regardless of operating system or installed software configuration (save, of course, the web browser)?

If not, it's definitely an option but I'd generally anticipate it'll lose out in userbase to the alternative that has those features.

I think most of us can agree that sometimes Google services are extremely practical. I just don't think that the practicality is an argument towards the morality of their business.

I wouldn't make this a morality based argument if we just had transparency. If they were perfectly transparent, their business model would be fine (in terms of morality at least). But I believe, personally, that they have the responsibility to better inform consumers exactly what data they're collecting and exactly where it's going.

If you are a well educated consumer who decides that they are comfortable with the level of surveillance in exchange for that product, than by all means. I just wish it wasn't impossible to be a well educated consumer in this field.

Privacy isn't a morality question for most users. If it were, we would expect to see more people up in arms about demographic surveys instead of willfully participating in them.

privacy isn't the morality question, being misleading about your privacy is the morality question.

Google is collecting surveillance data on it's consumers, that the majority of it's consumers don't even know is being collected.

At what point does it become Google's responsibility to make a reasonable effort to inform people about their surveillance practices? I'd say if polling shows that the majority of your consumers aren't aware of your surveillance practices, you aren't being honest.

> At what point does it become Google's responsibility

The last time we tried to push the responsibility onto individual organizations to inform the public of the basics of how the Internet works, we ended up with "This site uses cookies" dialogs popping up redundantly and annoyingly everywhere.

I think I'd rather see the money spent on a public education campaign, not unlike the US Health and Human Services videos of the 1950s. While hokey and hilarious by modern standards, they provided a real service in helping Americans reconcile with rapid advances in technology and hygiene (including now "common sense" ideas such as "Don't play in construction sites" and "Drinking and driving are dangerous").

so now I'm supposed to pay even more taxes so the government can pay to advertise to me to inform me of an american companies lack of ethics?

With exceptions on the level of sharing recipes or whatever, I find it hard to imagine collaborators using such an insecure platform. Sure, communications are encrypted, but Google has full access to documents.

How do IT security staff sign off on stuff like that?

Perhaps the security staff are convinced that either Google doesn't actually have access to it in any practically-concerning sense (https://www.quora.com/Can-Google-open-and-see-files-in-my-Go...), or the risks associated with that access are negligible?

I think you've hit on a very interesting point. The fact that IT security staff (with careers and reputations on the line) do sign off on companies using Google's platform for business applications that include passing sensitive data around might indicate that our assessment of the risk model is flawed?

Many of us are the people making those risk assessments. What information would these IT security staff have that we don't?

It's no secret that a lot of companies don't have great information security.

I think that the fact that people are signing off on it just emphasizes how little some people care about information security.

> What information would these IT security staff have that we don't?

The cost-benefit analysis of their individual industries and the risk tolerance of their companies.

I'm talking about actual information about what Google does with their data.

The cost-benefit analysis and risk tolerance doesn't tell us about how much Google secures their privacy, it tells us about how much the company cares about their privacy/security.

Google's entire privacy policy is laid out in (by the standards of other documents I've seen) very digestible language. https://policies.google.com/privacy#intro

Beyond that, it's a trust and a penalties-for-violating-policy exercise.

And I agree with you: you can probably tell volumes about how much a company cares about the risk factors based on who they trust. But I don't generally think companies are being ignorant placing their chips on Google---it's a big org with a lot to lose if something goes wrong. That gives it advantages over either smaller competitors or rolling one's own (factoring in that to match the security of a dedicated service's cloud offering while approaching the convenience of such an offering, you basically have to hire your own full-attack-surface-spectrum infosec team, and that's one more line item in a small company's budget).