ULG's Language Services Blog

Machine Translation Breach Highlights Risks Associated With Online Tools

The dangers of using free, online Machine Translation (MT) tools recently became a painful reality for Statoil, the Norwegian oil manufacturer.

Employees there found that internal memos and correspondences that had been translated via Translate.com could be accessed online by anyone with a quick Google search.

NRK reports that the data was translated and stored in the cloud, making it universally available. The news site goes on to say that passwords, code information and other sensitive data was leaked. According to NRK, Translate.com said Statoil translations were removed on Aug. 31.

However, when searching using Google, you can still find what look to be translated email messages related to Statoil. One appears to be a communication that informs an applicant they were not selected for a position at the company.

This massive breach highlights the fact that the risks far outweigh the benefits when it comes to using online translation portals.

Terms of Service

On Translate.com’s website, it states “Although we will use reasonable means to safeguard your information, we cannot and do not provide any guarantees regarding the effectiveness of the security we employ or our ability to prevent third parties, acting unlawfully, from obtaining information that you provide to us.”

Its legal page adds that users “should appreciate that all information submitted on the website might potentially be publicly accessible.”

These warnings are buried in Translate.com’s terms of service, and it’s unlikely everyone reads them before using the site for a quick translation. Users run the risk of exposing personal information every time they use free online translation tools, including Google Translate.


Data Protection Law

The relationship between MT security and data protection law gets murky, too. In particular, the upcoming General Data Protection Regulation (GDPR) comes to mind.

Translate.com does state that users grant the site “license to copy, display, upload, perform, distribute, store, modify and otherwise use…” data after it’s input into the site’s system. But does that explanation adequately address the GDPR’s requirement that companies explain to users what information they’re processing and why? It seems unclear.

Ambiguous language shrouded in legalese and contractual jargon has made it hard to know how and when it’s viable to use online translation tools.

High Risk, Low Quality

As eye-opening as the Translate.com breach is, it shouldn’t come as a surprise. Whenever you hand over your data online there’s always a chance it could be breached. Anyone who has used Translate.com should check to see if their information is safe. 

In the meantime, those in need of translation services should realize the benefits that come from professional, secure MT.