A former employee of Google has claimed that user data stored in Google Docs and certain other Google products can be accessed by the internet giant, and law enforcement agencies.
Google Docs is used by millions of people today to write, edit, collaborate and archive their documents.
Martin Shelton, an ex-Google employee, published a blog post on Wednesday, revealing all the ways in which Google, as well as law enforcement agencies, can access the data stored on users' G Suite accounts.
Shelton, a principal researcher at the Freedom of the Press Foundation, says that any organisation using Google's paid G Suite products is likely to have complete access to everything that its employees do on those services.
The volume of information which can be accessed by the organisation depends on the version of G Suite being used, he claims.
Currently, there are three core versions of G Suite available: G Suite Enterprise, G Suite Business, and G Suite Basic. Normally, G Suite Enterprise version offers the greatest monitoring capabilities to administrators into users' Google activities.
So, a G Suite administrator using Enterprise edition can easily find out which files an employee opened in a shared Google Drive, according to Shelton.
Admins can also monitor Gmail, Drive, Slides, Sheets, Calendar, and more, using mobile and desktop devices, he adds.
Shelton also stated that the documents within the G Suite domains are not end-to-end encrypted, which means Google can also read users data on G Suite. Google can scan user data for a variety of purposes, such as filtering data for spam or malware detection, for spellcheck or searching for content, which is in violation of Google's policies.
Google may also be asked by the law enforcement agencies to hand over relevant user data, including email exchanges between two (or more) individuals, to aid in their investigations. Such requests usually come in the form of a court order, a subpoena or search warrant, compelling Google to share data with the requesting agency.
Google says it received 43,683 US government requests for user data from 124,991 accounts in 2018, and provided the data in in 81 per cent of those requests.
Security is always one of CIOs' top headaches, and the global pandemic hasn't improved matters. So what do organisations need to do in order to better protect themselves during the COVID-19 crisis?
HCP is analogous to MongoDB Atlas in that it will provide a cloud-based service offering ‘push-button' access to the company's products via a single control plane, CTO says
Huawei may be a risk but the West should compete with Chinese firms rather than banning, says ex-Google CEO Eric Schmidt
'The Chinese are just as good, and maybe better, in key areas of research and innovation' Schmidt says
CIA discovered the breach only after classified information was published by WikiLeaks