We entrust Google with our most private communications because we assume the company takes every precaution to safeguard our data. It doesn't. A Google engineer spied on four underage teens for months before the company was notified of the abuses.
David Barksdale, a 27-year-old former Google engineer, repeatedly took advantage of his position as a member of an elite technical group at the company to access users' accounts, violating the privacy of at least four minors during his employment, we've learned. Barksdale met the kids through a technology group in the Seattle area while working as a Site Reliability Engineer at Google's Kirkland, Wash. office. He was fired in July 2010 after his actions were reported to the company. [Update: Google has confirmed the security breach. An update appears below.]
It's unclear how widespread Barksdale's abuses were, but in at least four cases, Barksdale spied on minors' Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he'd befriended, Barksdale tapped into call logs from Google Voice, Google's Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid's account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
In other cases involving teens of both sexes, Barksdale exhibited a similar pattern of aggressively violating others' privacy, according to our source. He accessed contact lists and chat transcripts, and in one case quoted from an IM that he'd looked up behind the person's back. (He later apologized to one for retrieving the information without her knowledge.) In another incident, Barksdale unblocked himself from a Gtalk buddy list even though the teen in question had taken steps to cut communications with the Google engineer.
What motivated Barksdale to snoop on these teens is not entirely clear. Our source said Barksdale's harassment did not appear to be sexual in nature, although his online communication with the minors (such as inviting underage kids to go to the movies with him) demonstrated extraordinarily questionable judgment on Barksdale's part. "My gut read on the situation was that there wasn't any strong sexual predatory behavior, just a lot of violating people's personal privacy," our source explained.
Barksdale declined to speak with us by phone. Via email, however, he confirmed that he'd been fired by Google, although he refused to elaborate on the circumstances behind his departure or the specific allegations made against him. "You must have heard some pretty wild things if you think me getting fired is newsworthy," he responded by email.
It seems part of the reason Barksdale snooped through the teens' Gmail and Gtalk accounts was to show off the power he had as a member of a group with broad access to company data. A self-described "hacker," Barksdale seemed to get a kick out of flaunting his position at Google, which was the case when, with a friend's consent, he pulled up the person's email account, contact list, chat transcripts, Google Voice call logs—even a list of other Gmail addresses that the friend had registered but didn't think were linked to their main account—within seconds. The friend wasn't concerned; Barksdale seemed to him to be a "silly," good-natured nerd.
The parents of the teens whose Google accounts were violated by Barksdale were hardly amused, however. Several attempted to cut off Barksdale's access to their children and withdrew them from the technology group where they'd first encountered the Google engineer. (Barksdale was kicked out of the group after his abuses came to light.) In July, officials at Google were notified of Barksdale's actions. We've obtained an email exchange between one person who complained about Barksdale to Google and Eric Grosse, an Engineer Director in Google's security group at the company's Mountain View, Calif. headquarters. Grosse quickly responded to the complaint with a curt email: "Thank you very much for reporting; we'll investigate quietly and get back to you if we need anything more."
If Google was already aware of Barksdale's privacy violations, Grosse didn't mention it. But while Google seemed initially helpful and friendly when dealing with those who'd notified Google of his conduct, they became increasingly tight-lipped as company officials realized the seriousness of the problem.
Later, when asked if Google had taken steps to deal with Barksdale, Grosse would only say, "I am personally satisfied that we've taken decisive steps to limit any additional risk." When emailed again several weeks later about whether Barksdale was still employed by Google, or if the company had determined the extent of his privacy violations, Grosse refused to get into any specifics: "Google has taken the appropriate actions, I can't say more."
Right around the same time, Barksdale was quietly fired by the company.
It's no surprise that Google execs were skittish about discussing the case in detail. Site Reliability Engineers (or SREs) have access to the company's most sensitive data. Responsible for a variety of tasks including responding to technical difficulties across Google's ever-expanding portfolio of products, SREs are given unfettered access to users' accounts for the services they oversee, according to a former SRE who left the company in 2007.
"If you're an SRE, for instance, on Gmail, you will have access to mailboxes because you may have to look into the databases," the former Google SRE—who did not work with Barksdale—explained to us by phone. "You'll need access to the storage mechanisms," he explained, pointing out that in order to determine the cause of a technical issue with Gmail, an SRE might have to access emails stored on Google's servers to see if data is corrupted.
Barksdale's intrustion into Gmail and Gtalk accounts may have escaped notice, since SREs are responsible for troubleshooting issues on a constant basis, which means they access Google's servers remotely many times a day, often at odd hours. "I was looking at that stuff [information stored on Google's servers] every hour I was awake," says the former Google employee. And the company does not closely monitor SREs to detect improper access to customers' accounts because SREs are generally considered highly-experienced engineers who can be trusted, the former Google staffer said.
"There's a whole bunch of trust involved. There's a lot of data inside Google, and I'm willing to bet some of it is really valuable. But for me and the people I worked with, it was never worth looking at."
It's unclear how many accounts Barksdale inappropriately accessed while employed by Google, or if the company has conducted a thorough investigation into possible privacy abuses by other employees. (Calls to Google for comment were not returned.) It's also not clear what measures are in place to prevent Google staffers from snooping on users.
The Barksdale case comes as Google has attempted to address concerns about privacy by encrypting Gmail to protect messages from hackers, and by simplifying its privacy policies to make them more comprehensible to users. Ironically, just last week Google launched its Family Safety Center, dedicated to helping parents keep their children safe on the Internet. But as this disturbing incident suggests, the biggest threat to kids' privacy might be Google employees themselves.
Additional reporting by Sergio Hernandez.
"We dismissed David Barksdale for breaking Google's strict internal privacy policies. We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems if we are to operate them properly–which is why we take any breach so seriously."
— Bill Coughran, Senior Vice President, Engineering, Google