Technology
Information Security

Written By ESR News Blog Editor Thomas Ahearn

A leaked internal document claims technology company Google fired 36 employees in 2020 for incidents related to information security with some allegations involving accessing Google user or employee data, according to an article from Motherboard Tech by Vice.com that obtained the leaked internal Google document.

The individual who provided the leaked internal document and was granted anonymity to speak candidly about Google issues told Motherboard that Google terminated 26 people in 2019 and 18 people in 2018 for information security incidents. Google’s Wikipedia page states the company has 139,995 employees as of August 2021.

“Ten percent of all allegations in 2020 concerned misuse of systems, which can include accessing user or employee data in violation of Google’s own policies, helping others to access that data, or modifying or deleting user or employee data, according to the document,” Motherboard reported. The figure was 13 percent in 2019.

The majority of information security allegations against employees in 2020 – 86 percent – included mishandling confidential internal information. “The instances referred to mostly relate to inappropriate access to, or misuse of, proprietary and sensitive corporate information or IP,” a Google spokesperson told Motherboard in a statement.

“We tightly restrict employee access through a number of industry leading safeguards, including limiting access to user data to necessary individuals, requiring a justification to access such data, multi-stage review before access is granted to sensitive data, and monitoring for access anomalies and violations,” the statement added.

Having information security safeguards in place to protect sensitive personal data against internal threats, unauthorized users, and unwanted intrusions is crucial for Consumer Reporting Agencies (CRAs) that perform background checks and seek accreditation by the Professional Background Screening Association (PBSA).

The PBSA – a non-profit trade association representing the background screening industry founded in 2003 – offers accreditation to CRAs in the United States through its Background Screening Agency Accreditation Program (BSAAP), which has become a recognized seal of professionalism for background screening firms.

Accredited CRAs must comply with 68 BSAAP Clauses in six sections: 1) “Information Security,” 2) “Legal and Compliance,” 3) “Client Education,” 4) “Researcher and Data Standards,” 5) “Verification Services Standards,” and 6) “Business Practices.” “Information Security” has 12 Clauses, including 1.10 Unauthorized Browsing.

Clause 1.10 Unauthorized Browsing reads: “CRA must have and follow a policy that prohibits CRA workers from searching files and databases unless they have a bona fide business necessity.” CRAs must have a written policy that instructs CRA workers on appropriate and/or inappropriate access and use of consumer information.

Employment Screening Resources® (ESR) – which was ranked the number one screening firm by HRO Today in 2020 – is a founding member of the PBSA and is accredited by the PBSA for demonstrating compliance with the BSAAP, which includes no “Unauthorized Browsing.” To learn more about ESR, visit www.esrcheck.com.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2021 Employment Screening Resources® (ESR) – Making copies of or using any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.