We're looking at adding charts to our webapp. I recommended using a 3rd-party service such as Google Charts; this idea was rejected over fears about client data being passed to Google.
Google's Privacy Policy (which appears to apply to Charts) seems to preclude the abuse of our data, since it states that they require opt-in to share it with anyone. Still, I'm not sure of this.
Is there a legitimate concern here with respect to privacy/security of the data we send to Google?
Is your web app to be used only by your company or also by your company's clients? If there are clients involved, then that would be a strong reason not to use Google Charts. After all, you can't take the decision to send your client's their data to Google, no matter what Google's Privacy Policy states.
My company has the same concerns, here are a couple of things that came up in the discussion:
Google has a good track record thus far in not unilaterally exposing customer data (unlike say, Facebook). Chances are they would not expose your data.
If you're really concerned about the exposure of data, you could always send the Google Charts API erroneous column and row data names, then rename the data to their correct names on the client side. So you could have columns Dept A, Dept B, Dept C, but you could send it to Google as X, Y, Z. That way, even if someone did see your data they'd have to spend a bunch of time making sense of it.
Use a client side library such as Flot (code.google.com/p/flot/). We'll probably use this option since we have some government customers who don't have access to the outside internet.
