Perhaps the title is a bit vague, but the matter is that Google corporation, after a well-known incident with the collection of passwords / logins / other data of car users of the Google Street project, decided to reduce the possibility of repeating this situation to zero. It is clear that even for such a large company (especially for such a large one) the collection of personal data of unsuspecting users, even an accidental one, is a blow to one’s own “karma”. After all, many attribute Google to the "good" companies, opposing it to Microsoft, and such cases make the line between the notorious "corporations of good and evil" all thinner. So, Google has updated the security rules within the company, obliging its employees to stop at the root any methods of work that could cause a repetition of the incident described here
. There will even be training for 23 thousand employees of the company, where the new work rules will be shown by professional trainers.
In addition to updating the security policy, the corporation also introduces a procedure with a larger number of checks than before, which are at least a partial guarantee that the data of others cannot be used by Google employees either by chance or, especially, deliberately.
And again, as an example of such a situation, computer security experts cite the case of a Google engineer who created the most pernicious program that collects data from publicly available wireless networks. If the management of this engineer had been informed about the principles of operation of such software, they say at Google, in its current form such a program would never have been allowed to work. And so, for two years, Google cars went to different cities of different countries, freely collecting other people's data. It is worth recalling that earlier Google claimed that this data includes only the network identifier and the MAC address, but in fact it turned out that there are also passwords / logins belonging to unsuspecting users.
In total, about 600 gigabytes of this kind were collected, according to new data. This is an approximate amount of information from a serious academic library. User data was collected from more than 20 countries, including Austria, Denmark, Hong Kong, the United States and others. Now the collected array of information relating to Austria, Denmark and Hong Kong has already been cleared of user data that has been irretrievably deleted (according to Google management). But data from other countries is still stored on the servers of the corporation, since it takes considerable time to analyze them.
In general, now Google has taken on the "re-education" of its employees, improving the rules of information security within the company. It is clear that user confidence is a critical factor for the company, which is trying to make its own services more and more social, gradually reducing everything to a single social platform.
Well, let's see how security policy improvements will work in the future.