A leaked internal report has revealed that between 2018 and 2020, Google fired 80 employees for abusing the company’s tools, including obtaining user data.
Google’s main business is based on personalized advertising; And to offer the most attractive, you need as much data as possible from your users. From the beginning, Google has championed this scheme to offer products that would otherwise be paid. However, there is always the question of what would happen if someone had access to such a large amount of personal information.
According to an internal Google document obtained by Motherboard , the company constantly faces this problem, with dozens of employees accessing private data each year. In 2020 alone, Google laid off no less than 36 employees for security-related problems, and 86% of these cases involved the handling of sensitive information.
In some cases, employees tried to steal or leak information from third parties, taking advantage of their position within Google to obtain private data. Others include the misuse of Google’s internal systems to obtain data from specific users , including those of other company employees; There have also been cases of employees who have helped third parties to obtain this data, or who have even modified or deleted it.
A person with access to Google user data would be able, among other things, to see private information related to their daily life, including location, a piece of information that many Android users unknowingly provide . This has resulted in troubling cases in the past, such as in 2010, when Google fired an engineer for accessing the data of four minors, including calls from a 15-year-old boy.
Google has responded to the leak by downplaying the espionage cases, stating that the number of breaches is “consistently low”, and that the majority refer to access to corporate information; To protect user data, it claims to have several safeguards, such as limiting data access to only a few individuals, requiring valid justification, or multi-stage approval to access sensitive data.
The company has not explained provided specific information about the leaked cases; For example, how is it possible that, with so many protections, dozens of people have obtained data in 2020 alone.