Google Engineer Spied On Teen Users

bonch writes "Former Google employee David Barksdale accessed user accounts to spy on call logs, chat transcripts, contact lists. As a Site Reliability Engineer, Barksdale had access to the company's most sensitive information and even unblocked himself from a teen's buddy list. He met the minors through a Seattle technology group. Angry parents cut off contact with him and complained to Google, who quietly fired him."

Always a concern

[Pojut]

You never know who is watching or listening in. People don't realize that every single thing they do online can, at some point along the pipe, be potentially seen by someone.

Duh

[ebonum]

Young single male admins at companies like Google and Yahoo are golden contacts. If you are looking to research something, they can help. For a price.

Re:Not just online

[piffey]

Not just line men. We used to do that all the time as kids, just cause we figured out we could.

Re:Do No Evil

[xouumalperxe]

And the quietly letting him go rather than warning others about this persons actions is ... whose policy?

I expect that quietly means "no media coverage". I guess that, internally, word spread pretty quickly why he was being let go.

Re:Always a concern

[sjs132]

An old friend of mine used to work for a high clearance group out in Colorado someplace. This is going back to 1995'sh... He has since gone silent (No contacts) , but I remember one conversation that we had had where he warned:

"If you want it to be a secret you better keep it in your head. Don't write it down, don't email it, don't call on the phone... Because if they want, they can know." (Paraphrased from so long ago...) But you get the point.

It was true then and even more so now. Who are "They"? Well, that's the problem... in 1995 I presumed it was the Federal Government that could disseminate the information to state/local. And under Homeland Security we do have "FUSION CENTERS" so you know that happens. But also it seems corporations of large magnitude can fall into it. If it is for "research, Statistics & Administration" then big whoop, but obviously it is a big temptation for people to abuse it once they are on the "inside."

Case in point would be Crystal Bowersox. She had her privacy violated multiple times in Ohio. Probably by people paid to dig up dirt for tabloids or something, but just like Google, Creepy.

http://www.dispatchpolitics.com/live/content/local_news/stories/2010/09/09/copy/ohio-apologized-to-idol-star-for-illegal-snooping.html?adsec=politics&sid=101 [dispatchpolitics.com]

http://content.usatoday.com/communities/idolchatter/post/2010/09/crystal-bowersoxs-privacy-breached-by-ohio-officials/1 [usatoday.com]

http://marquee.blogs.cnn.com/2010/09/09/ohio-apologizes-to-crystal-bowersox-for-security-breach/ [cnn.com]

http://www.google.com/hostednews/ap/article/ALeqM5i_29YKZdSnooBzedGCwrNGaqfyDgD9I4IR7G1 [google.com]

http://au.eonline.com/uberblog/b199540_why_were_cops_snooping_on_idols_crystal.html [eonline.com]

 

That's why ...

[Anonymous Coward]

...any sane person should be skeptical about moving everything to the fucking Cloud.

Surprise!

[nomad-9]

Hardly surprising, since Google CEO Eric Schmidt's notorious "if you want privacy, you have something to hide" remark.

The problem with this guy power-tripping on some kids, was not that he didn't give importance to people's privacy - which is apparently along the lines of the company's general mindset - but that he got caught for being stupid.

Re:More than enough reason for no business

[Runaway1956]

Hell, I'm not even an admin worthy of the position - and I can do as you say. Crap - some ditzy female was playing one of the kids for a fool - I knew she was a worthless tramp, but you don't just tell your kids that, because they will HATE YOU FOREVER for interfering in their personal love lives. Well - she used a computer at my house to read some personal emails and such stuff. Dad just forwarded all the dirt, complete with account passwords, to the son via a "proxy". The female disappeared from the son's life faster than pizza on football night. No, I don't condone spying on people - but bitches don't count, LOL

Re:Did Google do enough?

[cervo]

They might. A lot of companies have huge disclaimers on all their systems. Something about people unauthorized to use a system or using it in excess of their authority will be prosecuted. They also typically include a blurp about information being intended for you as well....Also typically some type of consent to being monitored.

I would think that it is similar to an EULA and maybe could be enforced. Also most companies have an acceptable use policy and people who violate it can be subject to civil penalties as well as disciplinary action.

Also a lot of companies sue you if you say something the slightest bit bad about them. This guy just shit on Google's reputation, that probably will cause some economic damage (no matter how small....since most people won't care, but I would bet at least one person might be put off from trying Google for that violation). I would think a civil suit could proceed on that merit....

But now the guy is popular in the news and has probably just lost any chance of being hired by any big company in this day of web searching potential employees... Unless Google changes their ranking algorithm to bury this case....

iso certification

[StripedCow]

Isn't there some ISO 9000 rule (or other standard) that says that admins cannot look at user data? And why isn't google adhering to this standard?

Re:Happens on every website.

[buck-yar]

Many people have gotten fines from evidence collected on google earth. Specifically swimming pools that don't meet zoning, that would not be visible from public view (only satellite or airplane).

http://www.switched.com/2010/08/02/long-island-town-uses-google-earth-to-find-rogue-swimming-pools/ [switched.com]

Re:This just in!

[Dhalka226]

And what company do you think exists where nobody has access to this sort of information?

If your logic is "anything than[sic] can happen, will happen" then it is happening everywhere. You're out of luck.

Re:Do No Evil

[ultranova]

Not to mention, the people he spied on weren't threatened with Hell if they ever spoke of it.

Google screwed up

[Coward Anonymous]

Evidently, Google does not have a process controlling the access of user accounts by employees of the company. Google needs to stop ignoring the fact that it is dealing with increasingly more private information on individuals and that like other organizations with such information (think banks) it needs to develop a full fledged process (with well defined protocols, auditing, etc.) to ensure that any access to a user's private information is authorized and accounted for.
Google wants to think of itself as a technology company where process is a hindrance. Google is too big to continue thinking and acting like that.
I'm guessing Google will not deal with this particular problem until it gets sued.

Re:Do No Evil

[epine]

Stupid or bad people sometimes get into positions of responsibility.

Speaking of which, Newt recently cleared the bar at 18 feet, elevating "Luo tribesman" into the neo-conservative N-word lexicon in a single bound.

These people hate Michael Moore with a passion, so why do they expend so much energy making him sound like an intelligent man? As Mr Moore pointed out, it is obvious to anyone who has ever cracked open an American history book, American was founded on the sentiment of anti-colonialism (only when done by the British--it's increasingly OK when we do it).

The other thread of American history which comes to mind is the Salem witch hunts. One forgets how deep certain threads in American history run.

There's plenty of abuse of children far more severe than reported in this story. He's a man among millions if you include drunken frat boys, men of the cloth, and morally destitute fathers. There seems to be this weird pseudo-Christian ideology in America that one witch in a fire purifies society of a million nervous glances of suspicious-looking old hags.

It's the adult version of "who farted?" Reminds me of the book Everything I need to know I learned in kindergarten. (Obviously written by a guy without much ambition in the knowing dept.)

Here's how I first learned that I'm a geek at heart. In my introduction to how the fart game was played it turned that *I* farted without having realized it prior to lightening-fire social deliberations. I sensed immediately that there was another kind of logic to the lifeforms around me. Stupid me, I decided that adulthood was the process of growing out of this behaviour, not growing into it.

Re:More than enough reason for no business

[Altrag]

And yet here I see you on Slashdot. As an unsubscribed plain old user, I can find:
- Your last few comments
- The last few stories you've submitted
- Your Slashdot friends / fans / foes
- Their comments / stories / etc

I'm not trying very hard, and I'm certainly not a data miner, but I'd guess even that amount of data would be enough to put something together about you -- at least a vague sense of your interests and disinterests. And how much more information would the Slashdot admins have about you? All they have to do is miss a single creep in their hiring process and all of that information is free reign. It might not be as sensitive as your emails, but its still an invasion of your privacy. And the chances for creeps to slip through the cracks grows with the size of your company (I'd imagine sub-linearly as screening procedures typically would get better as the company grows, but its still not a DECREASING chance).