Google has ousted dozens of employees over misuse of internal data, but the company is insisting it carefully limits access to user data.
The insider threat of employees and researchers misusing tech companies’ systems and data for their personal interests is not a challenge unique to Google, but a problem spanning other industries from home security to social media.
According to Vice, Google has fired dozens of employees since 2018 for security-related issues, including abusing access to the company’s data and tools. The company reportedly terminated 36 employees in 2020 alone, including for the mishandling of confidential information that may mean the transfer of internal-only information to external actors.
Google told The Washington Times that the instances referenced by Vice mostly related to the misuse of Google’s “corporate information” or intellectual property.
“Regarding user data, we tightly restrict employee access through a number of industry-leading safeguards, including: limiting access to user data to necessary individuals, requiring a justification to access such data, multi-stage review before access is granted to sensitive data, and monitoring for access anomalies and violations,” said a Google spokesperson in a statement. “The number of violations, whether deliberate or inadvertent, is consistently low.”
Other companies collecting personal information are dealing with similar problems, as those companies’ tools and data are valuable to criminals, stalkers, and governments around the world, alongside advertisers and reputable businesses.
In June, an ADT home security technician was sentenced to little more than four years in prison after snooping on customers’ video feeds. The technician secretly accessed approximately 200 customer accounts more than 9,600 times without the users’ consent, according to the Justice Department.
Some data is of use to authoritarian regimes hunting down dissenters. For example, the federal government has accused two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, of accessing nonpublic information at Twitter and sharing it with the government of Saudi Arabia.
Google, for its part, indicated that it takes all allegations seriously and is proactive about threats to users’ data.
“Every employee gets training annually, we investigate all allegations, and violations result in corrective action up to and including termination,” said the Google spokesperson. “We are transparent in publicizing the number and outcome of our investigations to our employees and have strict processes in place to secure our customer and user data from any internal or external threats.”