L.A.’s city controller has launched an inquiry into delays over security issues.
Google Inc.’s big push to supply email services to governments around the country is running into headwinds both from federal agencies and its marquee client, Los Angeles City Hall.
More than a year after the city awarded Google a $7.2-million contract to provide email for its 30,000 employees, Google has been unable to meet crucial security requirements, preventing nearly half of city personnel from moving to the new system, according to city officials. The city’s controller has launched
an inquiry, and City Council members have held closed-door meetings to confer with attorneys, raising the possibility of legal action.
The U.S. Justice Department is also raising questions about Google’s claims that its email system had received federal security accreditation, which the Internet search giant has touted as a key feature of its Google Apps for Government product.
The snags come as the Mountain View, Calif., company continues to make an aggressive bid to supply secure email software to federal, state and local governments, a lucrative market long dominated by rival Microsoft Corp. and its widely used Outlook and Exchange email software. That strategy has included
everything from winning over government agencies with discounted prices to suing a federal agency that picked Microsoft’s email software over Google’s.
Google has sought to differentiate itself from its Redmond, Wash., rival by championing Internet-based “cloud computing,” in which users allow Google to store their data in remote computer centers around the nation, where it is accessible through a Web browser. Google says the model is both more cost-effective and more secure for its customers. Google has signed up tens of thousands of businesses, universities and other organizations for its Google Apps software in recent years.
But governments have been more difficult for Google to convert. That’s partly because government information technology is riddled with tricky security issues, not the least of which include securing sensitive data such as criminal histories, confidential policy documents and personnel records.
Google has had difficulty meeting all of the strict federal data standards, and opened itself up to criticism that it was exaggerating its ability to do so.
In an internal memo first obtained by the advocacy group Consumer Watchdog, the city in December said Google and its partner Computer Sciences Corp. repeatedly committed to and then missed deadlines to solve data security issues that were preventing the Los Angeles Police Department from moving onto Google’s system.
“CSC and Google’s behavior goes beyond a mere failure to communicate in a timely manner and instead, on several occasions, has risen to the level of misrepresentation,” the memo from city technology chief Randi Levin said. “These failures are wholly unacceptable to the city of Los Angeles.”
On Monday the city’s budget committee met to discuss the status of the contract, opting to close the session to the public so council members could speak with city attorneys, an option commonly used when the city is considering litigation.
Separately, City Controller Wendy Greuel sent the city technology agency a letter asking it to “explain the circumstances leading to the failed deliverables.”
“The fundamental issue is the security element for the police, the city attorney and general services, which have not been completed,” said City Councilman Bernard Parks, adding, “I think we’ve given them more than enough time.”
Both Google and city technology officials said this week that the company was already at work on a plan outlining how it would meet the federal data guidelines, and would submit it by the end of April.
Google also maintained that the strongly worded document was “inaccurate and out-of-date,” and that the delays were in part due to Google’s efforts to stay in line with still-evolving federal security guidelines.
“The city has asked us to meet new requirements that were not part of the original contract and which required work to implement in a cloud computing environment,” said Google spokesman Andrew Kovacs.
Meanwhile, Google has been in federal court, fighting another battle over its government email system. In October, Google filed a lawsuit against the U.S. Department of the Interior alleging bias by the agency when it selected Microsoft to provide email to its 88,000 employees. The Interior Department had determined that Google’s version of the cloud was too risky for its purposes.
In documents unsealed last week, the Justice Department weighed in on the dispute, questioning Google’s claims that it had obtained a key federal data security credential. Justice attorneys are representing the Interior Department in the case.
Google said that the consumer and business versions of its office software — Google Apps — did receive the federal certification in July, and that its government version is essentially the same product, only with further security enhancements.
Despite the setbacks, Google has won a number of victories by signing up federal, state and local government agencies — many of which are watching the outcome of the company’s dealings in Los Angeles before they move forward.
“We’re learning as we go from their experience,” said Bob von Wolffradt, the chief information officer for Wyoming, which recently agreed to move its 10,000 state employees to Google’s system, but is waiting to move those who deal with sensitive law enforcement data. As L.A. “ticks off the checklist, we’re getting a copy of that checklist.”
Contact the author at: firstname.lastname@example.org