Google sues US gov for picking Microsoft

Feds dodge Google Apps over security


Google has sued the US government, claiming the Department of the Interior didn't give Google a fair shake when it settled on hosted email and collaboration services from Microsoft.

According to Google's suit, first turned up by Santa Clara law professor and tech law blogger Eric Goldman, the Department of the Interior recently floated an RFQ (request for quotation) for a hosted service that will provide email and collaboration tools for roughly 88,000 people across the agency, and it stated that the department would only consider proposals involving the Microsoft Business Productivity Online Suite.

Google claims the DOI's decision is "unduly restrictive of competition." The suit seeks injunctions that will prevent the department from moving ahead with the RFQ.

According to the suit, Google repeatedly tried to engage the Department of the Interior in "substantive discussions," hoping to convince the agency that it should consider Google Apps, Mountain View's suite of online business tools. Google did eventually meet with the department on multiple occasions, but apparently it didn't go well. At one meeting in April, the suit says, the department told Google that a "path forward has already been chosen" and that Google would not be able to compete for the contract because its services didn't meet the department's security needs.

During the meeting, Google claims, the department did not define its security requirements. But during subsequent discussions, the DOI said it had "not finalized its procurement strategy," and there was some back-and-forth over what Google could and could not provide.

Part of the discussions, the suit says, involved Google's ability to meet FISMA (Federal Information Security Management Act) security requirements and to provide a service whose "underlying infrastructure" is operated solely for the DOI. Google eventually received its FISMA certification, but the company doesn't offer private "underlying infrastructure" to Google Apps customers. According to the suit, Google claimed that such was not required by FISMA and that it did not represent "industry best practice," pointing the DOI to other major organizations that use Google Apps.

In the suit, Google claims that by August 11 it had obtained a DOI screenshot that indicated that a department "pilot" project to migrate 5,000 DOI users to Microsoft's platform had been underway for months. And according to the suit, by the end of August the DOI had sent out the RFQ stating that the department had settled on Microsoft's service.

In announcing that it had received FISMA certification, Google also told government agencies that it would segregate Gmail and Google Calendar data into their own US-only portion of Google's back-end infrastructure — a move that goes beyond FISMA. Google freely admitted that this doesn't necessarily mean added security, but clearly, it's struggling to compete with Microsoft in the government market and will go to extreme lengths to win contracts. That includes suing the US government. ®

Similar topics


Other stories you might like

  • Google has more reasons why it doesn't like antitrust law that affects Google
    It'll ruin Gmail, claims web ads giant

    Google has a fresh list of reasons why it opposes tech antitrust legislation making its way through Congress but, like others who've expressed discontent, the ad giant's complaints leave out mention of portions of the proposed law that address said gripes.

    The law bill in question is S.2992, the Senate version of the American Innovation and Choice Online Act (AICOA), which is closer than ever to getting votes in the House and Senate, which could see it advanced to President Biden's desk.

    AICOA prohibits tech companies above a certain size from favoring their own products and services over their competitors. It applies to businesses considered "critical trading partners," meaning the company controls access to a platform through which business users reach their customers. Google, Apple, Amazon, and Meta in one way or another seemingly fall under the scope of this US legislation. 

    Continue reading
  • Makers of ad blockers and browser privacy extensions fear the end is near
    Overhaul of Chrome add-ons set for January, Google says it's for all our own good

    Special report Seven months from now, assuming all goes as planned, Google Chrome will drop support for its legacy extension platform, known as Manifest v2 (Mv2). This is significant if you use a browser extension to, for instance, filter out certain kinds of content and safeguard your privacy.

    Google's Chrome Web Store is supposed to stop accepting Mv2 extension submissions sometime this month. As of January 2023, Chrome will stop running extensions created using Mv2, with limited exceptions for enterprise versions of Chrome operating under corporate policy. And by June 2023, even enterprise versions of Chrome will prevent Mv2 extensions from running.

    The anticipated result will be fewer extensions and less innovation, according to several extension developers.

    Continue reading
  • Azure issues not adequately fixed for months, complain bug hunters
    Redmond kicks off Patch Tuesday with a months-old flaw fix

    Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.

    In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January. 

    And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse. 

    Continue reading

Biting the hand that feeds IT © 1998–2022