Google guy "invaded teen users' privacy": David Barksdale

By Richi Jennings. September 15, 2010.

It's alleged that a Google employee, David Barksdale, has been discovered snooping on the data of underage Google users. This supposed invasion of minors' privacy was apparently what got him fired. It also resurrects the debate about trusting cloud computing with so much of our personal and corporate data. In IT Blogwatch, bloggers weigh up the pros and cons.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention Nintendo Papercraft...


Adrian Chen and Sergio Hernandez allege an allegation:

David Barksdale, a 27-year-old former Google engineer, repeatedly took advantage of his position ... to access users' accounts, violating the privacy of at least four minors. ... [He] met the kids through a technology group in the Seattle area. ... Barksdale exhibited a ... pattern of aggressively violating others' privacy.


Barksdale's harassment did not appear to be sexual in nature, although ... [he] demonstrated extraordinarily questionable judgment. ... It seems part of the reason ... was to show off the power he had. ... A self-described "hacker," Barksdale seemed to get a kick out of flaunting his position. ... The parents of the teens whose Google accounts were violated by Barksdale were hardly amused, however.

Cade Metz addz:

Though Google says it's committed to protecting the epic amounts of user data stored on its systems, the concern has long been the data would be compromised by a hack or by a rogue internal employee.

Jason Kincaid got hold of a Google spokesgeek:

Google ... doesn’t deny anything Gawker reported: “We dismissed David Barksdale for breaking Google’s strict internal privacy policies. ... We are significantly increasing the amount of time we spend auditing our logs to ensure [our] controls are effective. ... A limited number of people will always need to access these systems if we are to operate them properly.”


We’ve asked Google for more information as to how many times such breaches have occurred in the past. ... A Google spokesperson says that a similar security breach has happened once before. ... The previous incident didn’t have any minors involved.

But Jon Worrel wonders if there's an iceberg under this tip:

Investigators remain skeptical as to whether or not Google has truthfully only experienced two such cases in the company's 12-year history.


The incident repeatedly serves as a reminder of how ... the company's stringent internal security policies may not be enough to prevent server-side privacy breaches from exploitative employees.

So Dissent Doe feels like she's blogging a dead horse:

As someone who has repeatedly — nay, ad nauseum — encouraged entities to get ahead of the story and to voluntarily disclose breaches, I think Google made a tremendous error in not disclosing the problem on its own initiative.


Having it leak out this way does not engender trust.

Riding up on his Harley, Lauren Weinstein has this apologia:

Google is not the first Internet firm to be faced with such a situation. Nor should cases of individual rogue employees be used to spew forth accusations of Google being evil, not caring about user privacy, or some of the other unfounded claims I'm already seeing popping up.


Given the possibilities of litigation related to the current case, it is perhaps understandable that Google has ... not been volunteering many specific details. ... [It's] certainly disconcerting, but no system is 100% secure. ... By definition, cloud computing resources are not under our individual direct control. ... As far as I'm concerned, transparency wins.

Meanwhile, Helen A.S. Popkin is always going "blah blah blah" about online privacy:

Privacy complaints about Google and ... Facebook are so common now, it's starting to feel like a "dog bites man" sort of story. ... The problem is with people, and until Skynet, there's no getting past that reality.

And Finally...

Nintendo Papercraft [hat tip: Benj Edwards]

Don't miss out on IT Blogwatch:

Richi Jennings, your humble blogwatcher
  Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, you can follow him as @richi on Twitter, pretend to be richij's friend on Facebook, or just use good old email:

You can also read Richi's full profile and disclosure of his industry affiliations.

Copyright © 2010 IDG Communications, Inc.

Shop Tech Products at Amazon