Adrian Chen writes on Gawker:
… A Google engineer spied on four underage teens for months before the company was notified of the abuses.
David Barksdale, a 27-year-old former Google engineer, repeatedly took advantage of his position as a member of an elite technical group at the company to access users’ accounts, violating the privacy of at least four minors during his employment, we’ve learned. Barksdale met the kids through a technology group in the Seattle area while working as a Site Reliability Engineer at Google’s Kirkland, Wash. office. He was fired in July 2010 after his actions were reported to the company.
It’s unclear how widespread Barksdale’s abuses were, but in at least four cases, Barksdale spied on minors’ Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he’d befriended, Barksdale tapped into call logs from Google Voice, Google’s Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid’s account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
In other cases involving teens of both sexes, Barksdale exhibited a similar pattern of aggressively violating others’ privacy, according to our source.
Read more on Gawker.
As someone who has repeatedly — nay, ad nauseum — encouraged entities to get ahead of the story and to voluntarily disclose breaches, I think Google made a tremendous error in not disclosing the problem on its own initiative and then telling everyone what they were doing to prevent future problems of this kind. Having it leak out this way does not engender trust, in my opinion.
Update: Jason Kincaid reports that not only has Google confirmed that they fired the employee for privacy violations but that this was the second such incident involving an employee breaching privacy, although the first incident did not involve minors.