Google Engineer Fired for Accessing Data of Minors



While this may not be a marketing story in the strictest sense, it is very much so because marketing has always been about data. Data collection followed by analysis followed by strategies based on that data then eventually marketing campaigns to do what we all are trying to do: sell something.

As a result we have more data that can be accessed by more people than ever before which means there is a better chance than ever before in history for data to fall into the wrong hands.

Maybe Eric Schmidt made such a fuss about nothing being private anymore because he was aware that even on the Internet’s hallowed ground of the Googleplex that data would fall into the wrong hands.

It happened for a second (known) time as reported by Gawker.

We entrust Google with our most private communications because we assume the company takes every precaution to safeguard our data. It doesn’t. A Google engineer spied on four underage teens for months before the company was notified of the abuses.

David Barksdale, a 27-year-old former Google engineer, repeatedly took advantage of his position as a member of an elite technical group at the company to access users’ accounts, violating the privacy of at least four minors during his employment, we’ve learned. Barksdale met the kids through a technology group in the Seattle area while working as a Site Reliability Engineer at Google’s Kirkland, Wash. office. He was fired in July 2010 after his actions were reported to the company.

The assumption that data is cared for, looked after and protected by ANY company is fantasyland thinking really. People try to be good for the most part but if the news is full of those who don’t want to play by the rules then that will be present in places like Google, Facebook etc.

Heck, some of the biggest and most influential companies in the world (Microsoft and Facebook come to mind immediately) have as part of their legend the basis that the original ideas for their success were stolen. We like to forget these things but that is precisely why our data is always at risk.

People, for the most part, don’t think anything will happen to them. Statistically it is unlikely but that risk increases each day as we learn more about people like a few Google engineers who, while smart people, are social miscreants or deviants and have a virtual playground with which to experiment. It’s just the way it is.

The Gawker article speaks to this cavalier approach that is taken to data. It’s not about people really, it’s about power over people.

It seems part of the reason Barksdale snooped through the teens’ Gmail and Gtalk accounts was to show off the power he had as a member of a group with broad access to company data. A self-described “hacker,” Barksdale seemed to get a kick out of flaunting his position at Google, which was the case when, with a friend’s consent, he pulled up the person’s email account, contact list, chat transcripts, Google Voice call logs—even a list of other Gmail addresses that the friend had registered but didn’t think were linked to their main account—within seconds. The friend wasn’t concerned; Barksdale seemed to him to be a “silly,” good-natured nerd.

Trust me, this is not a call for privacy groups and advocates to try to tighten the screws so hard that we can’t make any progress. It is, however, a call to be cautious and to expect bad things to happen online. For every “good-natured nerd” out there there is someone on the other end of that spectrum that wants to hurt and destroy. We just have to be very aware of this new world reality, that’s all. Putting our head in the sand will only expose our collective butts to getting kicked by digital deviants.

Oh and Google’s response? Read the Gawker article for some of the less official responses by Barksdale’s superiors but the official Google take as a result of this story is

“We dismissed David Barksdale for breaking Google’s strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly–which is why we take any breach so seriously.”

— Bill Coughran, Senior Vice President, Engineering, Google

Strict policies or not this is only the beginning because what Barksdale was able to do is not something he discovered first. If you think that then you probably do believe that your data is safe online and that Santa Claus is just a few short months away from dropping by your place for cookies and milk.