57 comments

[ 3.5 ms ] story [ 150 ms ] thread
Spokesperson quoted in the article as saying that this mostly relates to corporate IP and things like that. No confirmation that any of the cases were related to stalking users or other misuse of user data. Cases like the dismissal of Margaret Mitchell would probably be counted among this number. Other probable examples would be if someone gets dismissed for leaking data about upcoming products.
Or maybe internal forum posts to magazines like Vice
10% (4) of last year's cases were in the "misuse of systems" not "confidential info" bucket.

But "misuse of systems" could be mining Bitcoin or whatever, I guess.

“Insider abuse is a problem across the tech industry”

Rarely do I think we need more laws and regulations, but that these are not disclosed to the public and impacted users as data breaches strikes me as terrifyingly unjust. When cops misuse power to do this they are criminally prosecuted. Seems appropriate.

> When cops misuse power to do this they are criminally prosecuted.

I don't disagree that this is completely unjust, but cops are also completely under-prosecuted for basically anything (in the US, at least).

And in most cases are in fact legally immune from any personal liability.
This is correct. Qualified immunity is something that not many people understand. Cops can say or do anything about you for as long as they want and you have no recourse.
colorado has ended it, has the feared wave of unfounded civilsuits appeared?
US isn’t really representative for a proper law enforcement regulation, just like it isn’t a good example of working health insurance. Or the judicial system.
There’s literally nothing in this article about user data, except innuendo. Every time they say user data it is at the end of “company secrets or user data”. They can construct the same misleading sentence out of “company secrets or the location of the holy grail” and it would be just as true.
My read is the leaked doc itself used this construction. If so, it's Google doing the obfuscating, not TFA.
I think it's impossible to understand without knowing more about the document whether it was obfuscation or just categorization. There are all kinds of legitimate reasons a document might not include a detailed breakdown of "employees fired for security violation".
This is why end-to-end encryption is so important. Only a matter of time before some employee dumps a database of highly sensitive chats, emails, etc on the internet. With e2ee that just wouldn’t matter as much.
why would anyone want to basically not only throw himself into the jail, but also lose $300k career? I guess juniors do not have access to prod dbs
Not all of these people would have been engineers, some may have been support people or account managers.
Why would someone shoot up a movie theater?

Humans do not always act in their rational self interest.

I've worked in infosec at a FAANG and large corporate environment, and the amount of eye watering stupidity I've seen from brand new employees is difficult to reconcile with the prevailing theories about the level of intelligence they hire. It's like they spawned into a whole new universe and don't have any understanding of what is expected of them.
I guess people would spy on those they know and the answer is curiosity.

Most people would think they won't get caught and there is probably a large number of unreported cases.

Uh, yeah, one of those project veritas stunts:

> Using Google's own internal search engine, Zach discovered their six-part plan for complete information dominance and released 950 pages of these documents to the world in June 2019 with an appearance with James O'Keefe on Project Veritas, which quickly became one of their most popular stories.

Of course he's into QAnon and thinks that Covid-19 was planned: https://www.vice.com/en/article/k7qqyn/an-ex-google-employee...

What a great source.

End-to-end encryption doesn't really matter when the insider has access to the keys.

Encryption doesn't really change the problem. It moves the problem from access control over the data to access control over the keys.

If the insider can have access to the keys it's not end-to-end encryption.
I think we have to be honest that the state of the art for end to end encryption doesn't work well yet for many types of usescases beyond 2 way communications.

How could you make an e2ee calendaring service? E2ee google sites like page with groups based access control? Realtime group collaborative editors?

Any one of these features is distinctive and novel enough that if you had something that worked even in a moderate scale you could turn it into a company.

Imagine working on your countries tax return backend and having access to a staging database that's just the prod database 1 year behind. That would be wild.

Wherever normal people have the access to gain an information advantage, they will.

In Sweden, Norway, Finland, the government leaks this info for like 30 Euro. You can know anyone's taxable income.
Just to be clear, "leak" isn't the correct verb to use here given that it's not "private" information. It's an official state-sponsored database and searches are non-anonymous (you find out the names of who has been searching you).
Surely you would expect a firm like that to have access logs, and scan them periodically? You'd be caught if you tried to look at stuff you weren't supposed to, without a doubt? Why would someone even try?
(comment deleted)
Even "super smart" people like Anthony Levandowski think they can outsmart fully managed company laptops and audit systems while bulk downloading/copying code and other IP to hand it over to another company.
I love that the evidence of data misuse is from "leaked" documents. Perfect.
I think leaking documents is very different than data misuse. Data misuse is harming to the individual, while leaking documents is harming to the company. As a matter of fact, leaking this document may even have positive effects in the long run on the behavior of the company.
The article specifically says that some portion of those terminated employees were caught sharing internal documents externally (leaking).
They both rely on the same mechanism though, just different impact and intent.
Vice figured out Larry Bri11iant now ?!?
Has anyone ever publicly talked about controls on user data access at Google? There’s several folks defending Google here, but employees’ goodwill above sont number of people who have access will almost necessarily fail at some point.
Why is this news? I’d expect in large organizations there to be occasional abuses, and it’s great that they’re caught and fired. To me it’d be newsworthy if they were not fired.
If your org handles user data and never fires anyone for abusing access to that data, it's probably only because you have no effective process to detect it.
Wait a second, I never hear about police officers being fired for abusing license plate/id lookups....
I don’t know how that’s relevant to Google and tech companies.

But a quick google reveals this AP story [1]:

“But the AP, through records requests to state agencies and big-city police departments, found law enforcement officers and employees who misused databases were fired, suspended or resigned more than 325 times between 2013 and 2015. They received reprimands, counseling or lesser discipline in more than 250 instances, the review found.”

[1] https://apnews.com/article/699236946e3140659fff8a2362e16f43

I would be more concerned if this wasn't the case.

Google is enormous with thousands of employees and a lot of data. There will always be an edge case where an idiot employee decides to do unethical things, looking at data they shouldn't.

If no one had been fired for this, I would presume that means Google either isn't paying attention to who looks at what, or that they aren't firing people when they find out they've done this.

I'm still concerned because once you have data, humans will be humans and chances are that those which really thought that through were not caught.

That's why I practice data avoidance and data economy.

Agree with your point.

It reminds me though, that are some industries that frankly know more about you than they should (e.g., mortgage loans). I don't think the politicians have found the right balance of not creating another housing crisis, and requiring your neighbor to know virtually everything about you just to get the keys.

Yes, but... should employees be able to access data that they'd get fired for accessing to begin with?
It's yet another indication that what they're doing is fundamentally a terrible idea and should be outlawed.

Another is that private companies holding massive databases of info about everyone is barely better than the government doing the same, if you're more worried about government abuse than private abuse of data. Many companies can and do sell access to governments, and of course warrants & other orders exist.

(yes, this also applies to the "credit bureaus", banks, and all sorts of other companies that hoard and sell all kinds of creepy stalker data about people)

Maybe Google's data trove is blackmail-profitable?

If someone evil working for Google looks at a millionaire's private data, will they be able to blackmail them for more money than what they lose if Google fires and potentially sues them?

I'd be really interested in the answer, because if it is yes, then Google is surely collecting way too much information and it is actually somewhat reasonable for people to "game the system" and take advantage of it. Of course, I fully agree that it is illegal and unethical, but so are shoplifting and robbing people at gunpoint, and both of it sadly still happens quite regularly.

Also, I remember a while ago reading about some sort of professional insurance and broker that celebrities use to pay off what is effectively journalists attempting to blackmail them.

"Schmidt has a reputation for contacting celebrities in advance of trying to publicly sell private photos or videos to see if they want to purchase them back."

https://www.dailymail.co.uk/tvshowbiz/article-471218/Sultan-...

https://www.businessinsider.com/10-victims-of-celebrity-blac...

> I'd be really interested in the answer, because if it is yes, then Google is surely collecting way too much information

An example from the article has an employee listening to children's voicemail. Google operates a voicemail service. It is not clear to me how you would operate a voicemail service without storing that data somewhere. (Yes e2e encryption, however let's acknowledge that is very uncommon).

Google operates a number of services (docs, Gmail, photos, etc) that require the storage of sensitive data and I am actually happy they have programs that seem to be catching internal abuses.

Governments and corporations that have access to private and/or protected information have dealt with this problem for decades. I would be surprised had Google not years ago established policies to deal with misuse or improper/illegal access to information.

Information systems are very open to snooping by programmers and tech staff, however. Ultimately some (usually small) group of employees must be trusted more (but never completely) b/c they have access to the network, programming or databases. Audit trails, logs, encryption and yes, "internal affairs departments" all play a role in maintaining a secure system so that even the god-like programmers must be careful not to overreach.

I've never heard of a reference to "Google IAD" but I certainly hope one exists.

This is a problem for any product that stores and retrieves user data. It is not just a Google problem. It is not just a 'devs shouldn't have db access' problem.

If you're working on a system that doesn't have data usage policy, one where there is no auditing or monitoring mechanism and no visible enforcement being done against abusers you don't deserve your customers trust because you're not protecting their privacy.

There are dozens of us... DOZENS
As a Google employee I would expect very few cases of unauthorized user data access. There are lot of security checks around access to user data. I would guess that almost nobody has raw untracked access to sensitive data. Some engineers may have direct access to storage layer, but wouldn't be able to read the data because it is encrypted. Some others could read the data, but can't do it without all of their operations being logged and potentially audited.