I would hope not, but in fact there seems to be no effective mechanism in place to keep in check a not insignificant number of Google engineers who have full access to everyone’s Gmail contents and other private information. And, there is always David Barksdale.
David Barksdale was one such engineer. He fell in with a group of teenagers via a technology group, and used his powers to access pretty much anything he wanted to taunt and play with them like some kind of eighth-grade bully might taunt and play with “The Sevvies.” Although there is a certain sexual overtone to what Barksdale did on occasion, this does not appear to be a case of sexual predation. Creepy, strange, and utterly out of line, yes.
Even more disturbing is the outcome of the case. Barksdale was quietly dismissed by Google. Do we actually live in a world where major corporations can promise a certain degree of privacy, but when they violate that privacy, there are no legal ramifications whatsoever? Do we actually live in a world where a major “too big to fail” company like Google gets the same pass as, say, the Catholic Church, when one of their own does something like this? Here is Google’s statement after the fact:
“We dismissed David Barksdale for breaking Google’s strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls – for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly – which is why we take any breach so seriously.”
Sorry Google, we are not impressed. We’d like to see an independent investigation, possible prosecution, and who knows, maybe some new laws and regulations.
Because, you know, the cockroach theory may apply here. If you can see one, there are a thousand more you can’t see.
This entire story is covered in gruesome detail at Gawker. I urge you to read it.
If the people I know who work at Google are any example, Google hires mostly good, responsible people.
And besides, Google’s position is hardly unique in this regard. Any laws you apply to Google need to apply to anyone who runs a mail server. If you’re really concerned about your privacy, get your PGP on.
There’s no reason an SRE (Site Reliability Engineer) needs to actually see the data. A customer service rep maybe. Not an engineer.
Personally I consider anything sent to a free mail service (Gmail, Hotmail, etc.) to be public knowledge.
I would love for Google to step up and develop a slick, easy to use encryption system for messaging. The average user isn’t capable of installing, using, and maintaining a system like GnuPG. The idea of new laws and regulations, however, scares me.
Congress would probably set unrealistic expectations on service providers making it difficult or impossible to roll out new systems without some horrific regulatory hurdle. Or they would set government standards for back door access to everyone’s information making it illegal to use a system that can’t be read by the FBI.
I also wonder how many people really want all of their messages to be secure. It’s been years since I sent any message using PGP of any kind. I know my messages can be read by admins, but just don’t care. (Can I even find my PGP private key? I’ll have to check…)
I still think it would be neat to have security integrated into Gmail in an easy to use fashion, but don’t really have a feel for how much demand there is for such a system.
A good first step would be to remind more people that they are still sending digital post cards. Then we would need to see what additional complexity they are willing to add to their messaging experience (such as maintaining key pairs) to gain more security.
@NoAstronomer
(Fixed that for ya.)
Gmail has a pretty serious incompatibility with any sort of encryption. They have to read your mail (well, their computers have to read it) to generate those more or less relevant ads which pay for the service.
They could easily incorporate digital signatures (which would be a very good thing), but actual encryption would break the business model.
A half-way approach would be for them to have access to your private key, but only use it for keyword/relevance scoring. This would be nice since it would make your email pretty much secure against third-party snooping, but it wouldn’t be any real barrier against Google employees breaking the rules and reading your mail. Actually, I take that back a bit, access to the key repository could be monitored/audited pretty damn well… you’d still have to trust Google, but Google wouldn’t have to rely so much on trusting their employees.
All that said, there is no good reason that a live person at Google should routinely be accessing anyone’s email. Some system engineers / admins certainly need access privileges which would allow them to access emails, but they don’t have any reason to actually read any of the content (from their job POV, it is just data they have to be able to move around and manipulate.)
One final caveat… there are algorithm folks at Google who do need access to a corpus of email content. The relevance stuff and spam filtering both depend on using such a corpus in development. So again, Google’s business model has to include legal rights to access the contents of emails. But they should always be trying to do a better job making sure that access is not misused.
Yes.
Next stupid question?
There are further issues with who really owns the data stored on their servers systems anyway. And Google wants to provide me Cloud Apps – NOT!
This is true in my experience as well, but really beside the point. A good, responsible hire can easily become a bad apple, for any number of reasons. That’s just human nature. There should be some checks to make sure the ones that go bad are properly dealt with.