We’ve seen a recent increase in information being shared outside the company, including the names and details of our employees. Our teams are committed to investigating these issues, and today we’ve dismissed four employees for clear and repeated violations of our data security policies.
There’s been some misinformation circulating about this investigation, both internally and externally. We want to be clear that none of these individuals were fired for simply looking at documents or calendars during the ordinary course of their work.
To the contrary, our thorough investigation found the individuals were involved in systematic searches for other employees’ materials and work. This includes searching for, accessing, and distributing business information outside the scope of their jobs — repeating this conduct even after they were met with and reminded about our data security policies. This information, along with details of internal emails and inaccurate descriptions about Googlers’ work, was subsequently shared externally.
In one case, among other information they accessed and copied, an individual subscribed to the calendars of a wide range of employees outside of their work group. The individual set up notifications so that they received emails detailing the work and whereabouts of those employees, including personal matters such as 1:1s, medical appointments and family activities — all without those employees’ knowledge or consent. When the affected Googlers discovered this, many reported that they felt scared or unsafe, and requested to work from another location. Screenshots of some of their calendars, including their names and details, subsequently made their way outside the company.
We have always taken information security. We have always taken information security very seriously, and will not tolerate efforts to intimidate Googlers or undermine their work, nor actions that lead to the leak of sensitive business or customer information. This is not how Google’s open culture works or was ever intended to work. We expect every member of our community to abide by our data security policies.
Fortunately, these types of activities are rare. Thank you to everyone who does the right thing every day — doing amazing work, while inspiring and maintaining the trust of our users, partners, and each other.
The memo reportedly went from Chris Rackow, Royal Hansen and Heather Adkins; the trio are reportedly part of Google’s security and investigations team. Google confirmed the authenticity of the email to Bloomberg.
