Norwegian energy company Statoil is finding out that even “free” translation services have their price. It seems employees at Statoil had gone to the popular Translate.com website which offers a free machine translation service powered by Microsoft Translator.
Because Translate has a memorable url, it attracts well over 500,000 unique visitors a month. However, thousands, if not hundreds of thousands, of these unsuspecting users of Translate’s free machine translation service have had their confidential data exposed on the internet. Statoil and other companies found this out the hard way when fellow Norwegian website Tekna reported that it had found public Google searches revealing private company passwords, code info, dismissals, and workforce reduction plans that had originally been entered into Translate’s free service tool.
How This Happens
Tekna, the website of the Norwegian Society of Graduate Technical and Scientific Professionals, reports that Translate’s cloud storage of its website data is where this privacy breach occurred. Using Translate’s free tool causes private translated info to pass into the online cloud data storage that becomes easily accessible by Google’s search tool. Once Google indexes this private data, it becomes easily available online to anyone who types in a matching or relevant keyword search on Google’s lookup tool.
It was reported soon after Tekna’s warning went out last month that Translate.com fixed its website and got in touch with Google to delete a large number of indexed pages containing highly sensitive data from companies in the U.S., Europe and around the world. Translation industry news portal Slator reported “an astonishing variety of sensitive information that is freely accessible, ranging from a physician’s email exchange with a global pharmaceutical company on tax matters, late payment notices, a staff performance report of a global investment bank, and termination letters.” Full names, emails, phone numbers, and other private data were publicly visible. Slator called it “a massive privacy breach.”
For its part, Translation.com has responded to news of this security flaw by stating that it has taken measures to change how it stores data. However, Translation.com cautions all visitors to read its terms of service which clearly stated that their free translations were not guaranteed privacy.
For the record, Translation.com stated in SC Magazine UK that those visitor seeking such guarantees should opt for its paid service.
“If a client wishes quality and privacy, we recommend they use our subscription based, commercial grade Enterprise solution. Enterprise submissions are password protected. The translations are saved, and available only to our clients by signing in to their account.
At USA Translations, company policy forbids any of our staff or associates to use free translation tools during the conduct of our client projects. Our global staff works with over 100 languages and includes many native speakers with advanced technical degrees and professional certifications in the fields of law, medicine, travel,
and advertising.