Google Fires Engineer For Spying On Users

Staffer accused of accessing four minors' private Gmail and GTalk accounts.

Mathew J. Schwartz, Contributor

September 15, 2010

3 Min Read
InformationWeek logo in a gray background | InformationWeek

Google on Tuesday said that it had fired an engineer for breaking the company's internal privacy policies.

The company's statement did not contradict a report published earlier that day by Gawker that David Barksdale, a 27-year-old former engineer at Google and part of an elite technical group at Google, had been dismissed for using his position "to access users' accounts, violating the privacy of at least four minors during his employment."

In the statement, Bill Coughran, senior VP of engineering for Google, confirmed Barksdale's dismissal "for breaking Google's strict internal privacy policies."

Gawker reported that Barksdale used his access credentials to spy on people's private Gmail and GTalk accounts, as well as contact lists and transcripts of chats, and that the victims of his spying included four minors. Furthermore, while his actions reportedly did not extend to sexual harassment, there was at least one incident involving taunting.

According to Gawker, "in an incident this spring involving a 15-year-old boy who he'd befriended, Barksdale tapped into call logs from Google Voice, Google's Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid's account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her."

According to Techcrunch, a Google spokesperson on Tuesday also disclosed that a similar incident involving a privacy breach by a Google insider had occurred once before, but that it didn't involve a minor. The employee involved was dismissed.

In the wake of this privacy breach, Google's Coughran said that the company will be increasing its access control monitoring. "We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls -- for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective," he said. "That said, a limited number of people will always need to access these systems if we are to operate them properly -- which is why we take any breach so seriously."

When it comes to insiders abusing their access privileges, Google is far from alone. Earlier this year, for example, the government charged Bradley Manning with releasing to Wikileaks.org a video of a U.S. helicopter strike in Iraq that killed two Reuters employees and wounded two children.

As a result, the Defense Advanced Research Projects Agency (DARPA) recently launched a new program aimed at stopping insiders from abusing their access to sensitive Department of Defense computer networks.

Read more about:

20102010

About the Author

Mathew J. Schwartz

Contributor

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights