Published in News

Google fires internal engineer for accessing private data

by on15 September 2010

google_logo_new

Elite technical member harasses minors, violates privacy

In the web economy of 2010, the amount of Google accessing personal data amounts to just over 180 million people per month. As the second most trusted brand in the United States in 2010 next to Walmart, Google has garnered the trust of hundreds of millions of users to safeguard personal data and to keep private communications under high-grade security mechanisms.

Earlier today, Gawker Media published an alarming report regarding an inside breach from company headquarters, where former 27-year old Google engineer David Barksdale allegedly used his internal clearances to access private Gmail data and Gtalk communication logs so that "he could spy on and harass people." Nevertheless, Barksdale's contraventions included violating the privacy of four minors during his employment, whom he met through a technology group in the Seattle area while working as a Site Reliability Engineer at Google's Kirkland, Washington office.

According to sources close to TechCrunch, one privacy breach involved a 15-year old boy who he had befriended. Barksdale tapped into call logs from Google Voice after the boy refused to state the name of his new girlfriend. After accessing the boy's account to retrieve her name and phone number, Barksdale taunted the boy and threatened to call her.

In other cases involving minors of both genders, Barksdale accessed Google account contact lists and chat transcripts, and in one case had even quoted from a girl's IM chatlog that he had accessed behind her back. According to Gawker, he had also unblocked himself from a Gtalk contact list even though the minor in question had taken steps to end communications with the Google engineer.

david_barksdale_google_engineer

David Barksdale, former Google engineer

Google has responded to press inquiries and has confirmed the security breach. Barksdale was fired in July 2010 after his clearance violations were reported to the company.

“We dismissed David Barksdale for breaking Google’s strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly–which is why we take any breach so seriously.”

Bill Coughran, Senior Vice President, Engineering, Google

Sources close to the situation have concluded that Barksdale's interactions with Google account holders, including the minors in question, were not motivated by any sexual harassment or predatory behavior, but rather "just a lot of violating people's personal privacy," as one source explained.

Nevertheless, the incident repeatedly serves as a reminder of how sensitive data entrusted to Google under the company's stringent internal security policies may not be enough to prevent server-side privacy breaches from exploitative employees. Barksdale declined to speak with Gawker by phone, but he confirmed via email that he had been fired by Google. TechCrunch asked Google for more information as to how many times such breach incidences have occurred in the past. A Google spokesperson responded and said that a similar security violation has happened once before and that the employee was also dismissed.

Nevertheless, investigators remain skeptical as to whether or not Google has truthfully only experienced two such cases in the company's 12-year history. While the previous case did not have any minors involved, Barksdale tells Gawker that the media outlet "must have heard some pretty wild things if you think me getting fired is newsworthy."

Last modified on 15 September 2010
Rate this item
(0 votes)

Read more about: