The recent essay from Paul Graham, “Don’t Talk to Corp Dev,” reminded me of a question I’ve wondered from time to time over the years: what would stop Google from accessing a startup’s Gmail (or Google Apps) if it were advantageous to their business negotiations? A part of me always cringes at this thought; it’s too paranoid. It goes against their culture. Still, given how bad an internal breach could be, I was curious to see what language Google would use to assure its users that their Gmail was in safer hands than, say, an Uber itinerary.
My problem with the answer? It’s not from Google. Dropbox is explicit about how employees access data; I find their policies well-thought out and comprehensive. Evernote’s security is moderately explicit  that it has more lax policies . Either way, I can evaluate the security of my accounts from an internal employee who might be bored some Wednesday night.
Meanwhile, Google itself is mum on who internally can read my Gmail, and for what purposes. “Gmail security”-related queries yield results ranging from how to secure your account against external entities to how Google keeps us safe from open wifi. They also assure us that they aren’t manually reading every one of our emails to serve us ads (Really?? So do they contract hamsters to pick all those ads? ). But nothing in my Googling can locate a Google-authored document that describes their internal Gmail security policy at all.
I think their policies are probably as good or better than Dropbox, but at this point they are forcing me to assign an awful lot of credibility to that guy on Quora.
 Christopher Nguyen says he worked at Google between 2003 and 2008.
 See the “Customer Account Access” section
 “This [admin access] tool allows our customer service and platform administration teams to resolve customer issues.” Which customer support personnel are accessing? What do they access?
 Blog sarcasm
2 Replies to “Is Gmail secure from its employees?”
This was an interesting article, but I’m surprised you didn’t mention the fact that there is at least one known, major internal security breach at Google, http://gawker.com/5637234/gcreep-google-engineer-stalked-teens-spied-on-chats
Yes, this is a risk. But I don’t know if any other provided is safer than Google/Gmail. The other provided could snoop your data as well.