Yesterday a story broke that Google fired an employee for using his position within the company to gain access to private information.

[] tapped into call logs from Google Voice [] accessed contact lists and chat transcripts [] unblocked himself from a Gtalk buddy list []

The fired employee, David Barksdale (27), was a Site Reliability Engineer. SREs have almost complete access to Googles most sensitive user data as they have to be able to troubleshoot problems with the core software that stores this personal information and functions with it.

SREs can access this information on-site or from remote locations. Apart from standard machine logging of when what was accessed for how long, ex-SREs say there is little or no oversight to ensure access is on a need-to-work basis instead of a want-to-know.

Google Knows ALL Of You

Google Knows all of you

What jumped out at my from the Gawker story though is confirmation of something we all suspected:

[] with a friend's consent, he pulled up the person's email account, contact list, chat transcripts, Google Voice call logs"even a list of other Gmail addresses that the friend had registered but didn't think were linked to their main account"within seconds.

* my emphasis

To me this is a huge one, a chunk of information you normally dont get that easily.

After AOL user search logs were leaked in 2006 we quickly learned that, yes, you can take this anonymous information, fold it back on itself and extract identifiable information from it.

In subsequent years we learned that most anonymous information can be de-anonymised.

But this is the first time we have confirmation that, yes, Google can combine information from its various databases in such a way that they know your main account, your fake accounts, your aliases, your

And if you think using Incognito Mode on your browser helps " think again.

See also:

Ruud Hein

My paid passion at Search Engine People sees me applying my passions and knowledge to a wide array of problems, ones I usually experience as challenges. People who know me know I love coffee.

Ruud Hein

You May Also Like

4 Responses to “Google Privacy Security Breach Accidently Discloses What Google Knows About You”

  1. Jon says:

    Given that the source of this is Gawker, they probably embellished quite a bit, and I think they were confusing Google Voice with Google Talk.

    • Ruud Hein says:

      @Jon Several news sources besides Gawker mention Google Voice. He accessed at least one Google Voice account to retrieve the telephone number of someone's girlfriend.

  2. Thos003 says:

    So many have always believed that google has this info and can access it, but does the company as a whole abuse the info? I do find it alarming that at Pubcon last year google showed the audience where they could see "all the data google stores on an individual." The call logs and cross account association was not mentioned. Did the presenter know he was lying or is he that naive? Or can we be sure that this new source is telling the truth?

    • Ruud Hein says:

      @Thos003 "Abuse the info" is open to interpretation. I think Google has no secret, malicious intents. At the same time I think Google's formally *proper* use of information it has may strike some people as misuse — even if, technically, it isn't. Cookie and IP aggregated information exposes more information about surfing and searching habits than people assume they're giving out.
      Meanwhile in our SEO/SEM industry, being aware that Google knows about your various accounts and sites may at times be valuable information — to both parties :)