A former employee of Google has claimed that user data stored in Google Docs and certain other Google products can be accessed by the internet giant, and law enforcement agencies.
Google Docs is used by millions of people today to write, edit, collaborate and archive their documents.
Martin Shelton, an ex-Google employee, published a blog post on Wednesday, revealing all the ways in which Google, as well as law enforcement agencies, can access the data stored on users' G Suite accounts.
Shelton, a principal researcher at the Freedom of the Press Foundation, says that any organisation using Google's paid G Suite products is likely to have complete access to everything that its employees do on those services.
The volume of information which can be accessed by the organisation depends on the version of G Suite being used, he claims.
Currently, there are three core versions of G Suite available: G Suite Enterprise, G Suite Business, and G Suite Basic. Normally, G Suite Enterprise version offers the greatest monitoring capabilities to administrators into users' Google activities.
So, a G Suite administrator using Enterprise edition can easily find out which files an employee opened in a shared Google Drive, according to Shelton.
Admins can also monitor Gmail, Drive, Slides, Sheets, Calendar, and more, using mobile and desktop devices, he adds.
Shelton also stated that the documents within the G Suite domains are not end-to-end encrypted, which means Google can also read users data on G Suite. Google can scan user data for a variety of purposes, such as filtering data for spam or malware detection, for spellcheck or searching for content, which is in violation of Google's policies.
Google may also be asked by the law enforcement agencies to hand over relevant user data, including email exchanges between two (or more) individuals, to aid in their investigations. Such requests usually come in the form of a court order, a subpoena or search warrant, compelling Google to share data with the requesting agency.
Google says it received 43,683 US government requests for user data from 124,991 accounts in 2018, and provided the data in in 81 per cent of those requests.
More than 100,000 bug hunters have made hacking a full-time career, while for others it's the route into a lucrative IT role
Improperly secured AWS ElasticSearch database contained ‘treasure trove’ of employee data, which may include UK staff
Ecommerce platform compromised by eight different skimmers hosted accounts for a number of high-profile organisations
State-backed cyber warfare is intended to sow confusion and disillusion people across the democratic world, writes Professor Peter Cochrane
WhatsApp's private links aren't so private any more