Beijing time on November 26th it was reported that four Google employees were notified monday that they had been fired for “repeated and clear violations” of the company’s data security policies. Based on a copy of the document, Google explained the decision in an e-mail to employees titled “Protecting Our Data.” The company later confirmed the memo but declined to comment further.
On Friday, more than 200 people marched outside Google’s San Francisco office in support of a protest organized by the company’s employees. Protesters are demanding that the company resume the work of two employees on administrative leave: Rebecca Rivers and Laurence Berland. Rivers tweeted Monday that she had been fired. But she did not respond to further messages.
Here’s the full memo from Google’s security and investigation team:
We have seen an increase in recent information shared outside the company, including employee names and details. Our team is dedicated to investigating these issues, and today we have fired four employees for repeated and apparent violations of our data security policies.
There are some misinformations about this investigation both inside and outside the company. Let’s be clear: none of these people have been fired for simply viewing documents or calendars in their daily work.
Instead, our thorough investigation found that these people were involved in a systematic search for materials and work of other employees. This includes searching, accessing, and distributing business information outside of their work , even after we meet with them and alert them to our data security policies. The information, along with details of internal emails and incorrect descriptions of the work of Google employees, was then shared externally.
In addition to other information accessed and copied, one person subscribes to the calendars of many employees outside the team. The person has set up a notice to receive e-mail details of the employee’s work and whereabouts, including one-on-one personal affairs, medical appointments, and family activities, all of which were conducted without the employee’s knowledge or consent. When affected Google employees found this, many reported that they were scared or unsafe and asked to change their place of work. Screenshots of some of their calendars, including names and details, were then taken outside the company.
We have always taken information security very seriously and will not tolerate threats or breaches of Google employees’ work, or actions that lead to the disclosure of sensitive business or customer information. This is not in line with the way Google’s open culture works, nor is it what it once planned to do. We want every member of our community to comply with our data security policy.
Fortunately, such activities are rare. Thank you to all the people who follow the rules – they do a great job while inspiring and maintaining the trust of users, partners, and each other. (Siyuan)