A former employee of Google has claimed that user data stored in Google Docs and certain other Google products can be accessed by the internet giant, and law enforcement agencies.
Google Docs is used by millions of people today to write, edit, collaborate and archive their documents.
Martin Shelton, an ex-Google employee, published a blog post on Wednesday, revealing all the ways in which Google, as well as law enforcement agencies, can access the data stored on users' G Suite accounts.
Shelton, a principal researcher at the Freedom of the Press Foundation, says that any organisation using Google's paid G Suite products is likely to have complete access to everything that its employees do on those services.
The volume of information which can be accessed by the organisation depends on the version of G Suite being used, he claims.
Currently, there are three core versions of G Suite available: G Suite Enterprise, G Suite Business, and G Suite Basic. Normally, G Suite Enterprise version offers the greatest monitoring capabilities to administrators into users' Google activities.
So, a G Suite administrator using Enterprise edition can easily find out which files an employee opened in a shared Google Drive, according to Shelton.
Admins can also monitor Gmail, Drive, Slides, Sheets, Calendar, and more, using mobile and desktop devices, he adds.
Shelton also stated that the documents within the G Suite domains are not end-to-end encrypted, which means Google can also read users data on G Suite. Google can scan user data for a variety of purposes, such as filtering data for spam or malware detection, for spellcheck or searching for content, which is in violation of Google's policies.
Google may also be asked by the law enforcement agencies to hand over relevant user data, including email exchanges between two (or more) individuals, to aid in their investigations. Such requests usually come in the form of a court order, a subpoena or search warrant, compelling Google to share data with the requesting agency.
Google says it received 43,683 US government requests for user data from 124,991 accounts in 2018, and provided the data in in 81 per cent of those requests.
NCSC head Ciaran Martin points the finger of blame for the wave of cyber attacks targeting the UK at Russia, China, North Korea and Iran
The 'modus operandi' of Magecart 5 is very different from other, similar threat groups, according to Malwarebytes
Micrososft's Secured-Core PCs intended to put a stop to UEFI rootkit shenanigans
Samsung Galaxy S10 smartphone allows anyone to unlock devices when covered in third-party screen protectors
Lackadaisical security around apps for Amazon and Google personal assistants could enable malicious attackers to v-phish for passwords or eavesdrop on households