In the last 3 years, Google has fired “dozens” of employees for abusing their access to confidential data hosted by the company, including those of the users themselves, according to an internal document leaked and echoed today by Motherboard.
The document provides concrete figures: 36 were dismissed in 2020 alone, 26 in 2019, and 18 in 2018. These figures – as we can see – are constantly growing, and make us wonder if this growth is due to an increasingly ‘curious’ workforce or to the improvement of internal detection systems. In any case, it would be interesting to have the partial figures for 2021.
In fact, 86% of all accusations against employees related to security issues included that of misuse of confidential information, in some cases apparently by accident (as extra training is cited as another of the measures taken against offenders), but in other cases, the dismissals would be linked to the transmission of such internal information to third parties.
As we have learned from Google sources, who have not denied the existence of the aforementioned internal document.
“The number of violations, whether deliberate or inadvertent, is consistently low. We are transparent in disclosing the number and outcome of our investigations to our employees.”
“With respect to user data, we strictly restrict employee access through a series of industry-leading safeguards.”
Such limitations include restricting the number of employees with such access, requiring justification for accessing such data, and a multi-stage review process before granting it, as well as monitoring for anomalous access.
Not just now, not just Google
But this problem is not something that is limited to recent years; Google has already experienced several high-profile cases, the worst of them 11 years ago, when engineer David Barksdale was fired for taking advantage of his position as a member of a technical group to access the accounts of four minors, consulting the Google Voice call logs, contact lists and chat transcripts of one of them, and self-deleting from the blocked contacts list of another minor.
Illegitimate access to data by employees of tech giants is far from new, but it is dangerous because the amount of data handled by a company like Google makes most of the industry pale in comparison.
However, similar cases in other Silicon Valley giants are equally alarming. And they will continue to occur as long as the power to access such information depends on human decisions.
A case in point is Facebook, owner of three of the greatest communication tools in human history: the eponymous social network, WhatsApp and Instagram.
In 2018, Motherboard echoed several cases of people fired for stalking ex-partners, collecting statements from people linked to the company who highlighted the freedom they enjoyed to access private data from users’ accounts.
In addition, the book “An Ugly Truth: Inside Facebook’s Battle for Domination”, recently published by two New York Times journalists, reports that Facebook fired 52 people between 2014 and mid-2015 for accessing user data for purely personal reasons (such as tracking the location of a partner after an argument).