There are two sides to protecting your personal data stored at Google: defending against abuse from the outside, and defending against abuse from the inside. Google’s Douglas Merrill recently gave some remarks on how Google tries to defend against outside abuse. In a bit of a follow-up to Seth Finkelstein’s recent column in The Guardian (where Seth said it’s likely there are intelligence agency moles working at Google), I asked Google how they internally restrict access to data, so that e.g. a member of the Gmail team can’t access user data connected to Google Analytics, and so on. Here’s Google’s reply (note: as usual, privacy claims can’t be verified from the outside):
We restrict access internally in a number of ways. For example, product managers for Google Maps are not able to see the data collected for the Google Book Search team. For sensitive information, such as credit card info and email content, the access is more strictly limited and includes additional security measures such as tracking who accesses which data and when. This group of people is limited in their access to this data for specific purposes, such as debugging or abuse detection. Oftentimes, access to such data is automated so that there is no need for an individual to access the data. All of our employees are also bound by confidentiality agreements to protect against the misuse of data.