One of the biggest companies in the world just had its dirty laundry aired out, with a new leak showing that Google has been engaged in some seriously problematic security and privacy practices over the years.
Let’s be honest, we know that most companies aren’t taking user privacy seriously enough. Still, because most of the infrastructure is behind the scenes, we never know exactly how protected our data actually is.
Well, an internal leak from Google has revealed that the company clearly didn’t make privacy a priority when it came to sensitive user data.
Internal Leak Reveals Google Security Lapses
In an internal leak from Google employees that was acquired by 404 Media, there are six years world of privacy and security lapses from the tech giant that could warrant further investigation.
As for what Google actually did, there are plenty of examples that are cause for concern, but one instance of Google Street View tracking and storing license plate numbers is definitely a good place to start.
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.
“Unfortunately, the contents of license plates are also text and, apparently, have been transcribed in many cases. As a result, our database of objects detected from Street View now inadvertently contains a database of geolocated license plate numbers and license plate number fragments.” – a Google employee in the report
On top of that, Google was found to be recording and storing children’s voices, failing to secure home addresses on carpooling systems, and accessing private videos on user YouTube accounts.
How Bad Is This Really?
Obviously, this is not a good look for Google. All companies should be making an effort to protect user data and prioritize privacy across the board. However, from a security standpoint, what’s the actual damage to users?
Fortunately, as 404 Media found in their investigation, the majority, if not all, security issues raised by the internal leak have been mitigated or resolved. The license plate issue, for example, was paired with a caveat that at least somewhat alleviates Google of any malicious accusations.
“I want to emphasize that this was an accident. The system that transcribes these pieces of text should have been avoiding imagery identified by our license plate detectors but, for reasons as-yet unknown, was not.” – a Google employee in the report
Google is a massive company with a lot of plates in the air, and obviously some things are going to slip through the cracks. The key is in how you respond to those mistakes, and Google has done well in righting those wrongs. Yes, covering it up and only admitting to it after an internal leak is a similarly bad look, but hey, they got rid of that whole “Don’t be evil” slogan a long time ago, right?
Protecting User Data
You may think that these kinds of security issues only impact big businesses like Google, but the reality is that protecting user data is an issue for companies of all sizes, particularly with cybercriminals evolving more and more every year.
Protecting user data not only builds trust with your customers, but also prevents you from getting any fines for non-compliance. Plus, with security breaches costing the average business millions, it’s safe to say prioritizing privacy can go a long way in helping your company.
Suffice to say, be proactive about user data rather than reactive, so that you don’t end up in the news for six years’ worth of security failures like Google.
