Production account privacy standards at Amazon, Google or Facebook

Chase blahBumbu
Apr 5 13 Comments

I have many friends working at these companies. Do they have access to view all my account info if needed? For example, my google maps / search data or amazon account or Facebook activity?

comments

Want to comment? LOG IN or SIGN UP
TOP 13 Comments
  • Google read Iris
    Although technically you can, but all your lookups will get audited. You need to justify all the lookups that do not look normal.
    Apr 5 7
    • Microsoft / Eng ty3scv2z
      Is every lookup (say for gmail) audited or there are too many lookups that its humanly impossible and random audits are the norm?
      Apr 5
    • Google read Iris
      Every lookup gets audited by either machine or human.
      Apr 5
    • Chase blahBumbu
      OP
      “All lookups that do not look normal.” How do you test / audit that? How is a human / machine at google able to identify my friends/relationships and trigger what otherwise would be a false positive?
      Apr 6
    • Google read Iris
      There are internal guidelines on what normal lookups are. I cannot probably reveal those. Not many need manual intervention, but some do.

      As we deploy more automation, I think we might need minimal manual review.
      Apr 6
    • Microsoft / Eng ty3scv2z
      Interesting space to be working. Just curious, Is one allowed to lookup his/her own personal account?
      Apr 6
    • Google read Iris
      Yes. But it needs lot fewer approvals.
      Apr 6
    • Microsoft / Eng ty3scv2z
      Thanks Mate!
      Apr 8
  • Google dCyj41
    No. There is an auth chain per service for customer data. (With auditing). It is highly unlikely you're friends can access any of it and impossible your friends can access all of it.
    Apr 5 0
  • Facebook ¿
    Sounds very similar to the Google answer, except we also enforce through policy and checks that you cannot access data for people you know, even with a legitimate business need. It’s audited, but we also attempt to block it in advance. The policy is zero tolerance, even accidental, no matter what your job title.

    During onboarding you’re reminded multiple times that you’ll not only be fired instantly but now may face criminal charges due to various privacy laws.
    Apr 6 2
    • Facebook gEKd54
      Yep - that's the one sure way to lose your job within a day, regardless of role and level
      Apr 6
    • Chase blahBumbu
      OP
      Who is the authoritative source to confirm you don’t know a given person? How is that verified?
      Apr 6
  • Amazon / Eng
    onMyWay

    Amazon Eng

    BIO
    AWS
    onMyWaymore
    Generally no. Metadata (is an account enterprise, is it internal, etc) associated with accounts may be accessible to teams specifically working on a service, but no one has access to core account data like search history, order history, financial data, etc.
    Apr 6 0

Join verified employees in our anonymous social network! Download the app!

close