How Secure is Google Drive?

Security steps you can take

The problem with Google's privacy policy and terms of service is not that they are malicious, but that they could be misused easily. Each stipulation is there to help Google provide its users with the Drive service, but there's no language that compels Google to act in a user's interest.

For example, if you were to write a novel and host it on Drive prior to publication, Google's terms of service theoretically permit the company to lift the novel's characters and use them in a marketing campaign. Such an action may not hold up in court, but it's in there. [See also: 13 Security and Privacy Tips for the Truly Paranoid]

The first step toward keeping your Drive data private is to access it through a non-Chrome Web browser, like Firefox or Internet Explorer. You can also encrypt and password-protect your personal files. Although Google and the NSA could break encryptions and passwords, doing so takes time and money, and these organizations are not likely to bother unless they consider you a threat.

(At the time of writing, Google may also be considering encrypting Drive files in order to protect them from government interference, according to a CNET report. Even if this is true, encrypting your own files is still advantageous, as it protects them from both Google and the NSA.)

For files you create via Drive's Google Docs, your options are extremely limited. Since you can neither encrypt nor password-protect these, you should either give them misleading file names or go old-school and write them in a secret code (keep a cipher handy if you do). Your best recourse may be to hope that your documents fly under the radar of Google, the NSA and other data watchers.

Google drive is an incredibly convenient and powerful service, but using it will put your files at a certain risk, however slight. Whether that's a worthwhile tradeoff is up to you.

Follow Marshall Honorof @marshallhonorof. Follow us @tomsguide and on Facebook.

Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

  • TracerR
    If you store your files on someone else's servers, then they can access the files. Either law enforcement can make them do it, or the server admins can steal your data, or just expose it through negligence. The best way to protect files is to use encryption, but it must be done locally, not on the cloud server. There are many tools that will do this: Truecrypt will encrypt entire disk volumes. Syncdocs will encrypt files stored on Google Drive.