On Wednesday, I broke the news that California is weighing a plan to hand off the hosting of e-mails--to, from, and between state workers--to either Google or Microsoft. Is everybody comfortable with that?Here's the background. The California state government has formed a working group to study hosted e-mail offerings from Google and Microsoft.
The task force, comprised of technology officials from various state agencies, is evaluating the cost and feasibility of moving e-mail services for as many as 250,000 state workers off of internally maintained systems and onto Web-based platforms operated by one of the two tech giants.
In a conversation Wednesday, John Ellison, technology officer for the California Resources Agency, told me that the Google Apps system for e-mail is cheaper "by an order of magnitude" than that offered by California's own Department of Technology Services.
He also noted that the state would have access to software and storage that's superior to what it's currently got if it chooses Microsoft Exchange Online.
It all sounds good so far, especially when you consider that it's expected California will operate with a $10 billion budget deficit next year.
But there are other issues to consider--like privacy and security.
Imagine this scenario: You're a California resident interested in applying for a job at Google. You're also an AIDs patient within the state's medical system. Would you be comfortable knowing that correspondence related to your condition is residing in servers operated by the very company to which you're applying for a position?
Or, imagine you run a small software business in Sacramento that offers a product that competes with, say, Microsoft Office. Would you be okay with the fact that Microsoft is hosting all of your communications with the state?
Now, I'm not suggesting that Microsoft or Google operate their e-mail hosting services with anything less than the utmost propriety. I've not seen any reports that suggest that either company makes it a practice to spy on private citizens (you know, like Hewlett-Packard).
Still, these are issues that need to be fully vetted--if and when California decides to go forward with the plan. Ellison himself said the state would have to ensure that appropriate measures were in place "to protect state content in a third party system" before anything could proceed.
It's worth pointing out that the idea has not progressed beyond the study phase--and might never get off the ground. California state CIO Clark Kelso has yet to sign off on the proposal. If he does, he needs to ensure that privacy and security are locked down.