Google is strengthening privacy warnings in its Calendar application, amid concerns that users are disclosing more information than they mean to.
The web-based calendar, launched last year, allows users to store event information, contacts and other data. The information is kept online by Google and can be accessed via the internet from anywhere. Users are given the choice of making calendar entries private (the default choice) or allowing public searches of the information.
"The idea is to give users an easy tool for discovering and sharing event information with others," said Greg Badros, engineering director at Google. "We wanted to make it as easy as possible to make a calendar public."
The service is currently used by millions of users worldwide, a company spokeswoman said.
The problem, however, is that people are storing information on Google Calendar that they might not have intended to share with others.
For instance, when PCAdvisor.co.uk sister site Computerworld conducted a quick search for private data using Google Calendar's public search feature on Thursday, the feature returned several usernames and passwords for accessing sites and email accounts. Included in the data were at least one username and password to a bank account, another to a shop credit-card account, and one to a private wedding blog.
The information yielded by such searches is not restricted to personal data. Even a few corporate calendars can be found on Google Calendar, with meeting dates, project codenames and dial-in information for internal conferences.
"By default, information users enter into Google Calendar is marked as private. Such information gets shared only if the users explicitly allow the information to be shared," Badros said.
But a user might disable those defaults and later forget that he or she has done so. Google's aim is to give users a more visible and persistent warning that information stored on Calendar is accessible to anyone if the default privacy settings are disabled by the user.
Badros would not say when Google hopes to make the warnings on Calendar more explicit. "We are working on improving the messaging," he said. "There must be a persistent reminder that the Calendar is public such that other people can find them," he said. "To me the biggest weakness is that we did not make people as aware of that as they could have been.
"We do a great job of telling people as they change settings that they are making the settings public. For example, when a user enables settings to make a calendar public, the entire screen goes grey and the user cannot take further action without first acknowledging that he or she is aware of the change that is being made."
Badros said sometimes people go deep into a setting and then later forget the changes they made. As a result it is worthwhile to make the admonitions more visible and persistent. Google cannot totally prevent users "from shooting themselves in the foot around this", he said, but better warnings should alleviate some of the problems.