Modernizing Authentication — What It Takes to Transform Secure Access
According to a recent job posting, Google is assembling a "red team" focused on protecting user privacy.
"As a Data Privacy Engineer at Google you will help ensure that our products are designed to the highest standards and are operated in a manner that protects the privacy of our users," the job posting states. "Specifically, you will work as member of our Privacy Red Team to independently identify, research, and help resolve potential privacy risks across all of our products, services, and business processes in place today."
"The concept of a red team is one that's been used in security for decades, with small teams of experts trying to break a given software application, get into a network or circumvent a security system as part of a penetration test or a similar engagement. ... But Google's concept of building an internal team to look critically at engineering and other decisions in the company's products and services that could involve user privacy risks is perhaps a unique one," notes Threatpost's Dennis Fisher.
"Google has been at the center of privacy rows for a number of years now," writes TechWeekEurope's Tom Jowitt. "Perhaps its most serious privacy blunder came in May 2010 when Google admitted its Street View cars had unwittingly collected personal information from citizens’ Wi-Fi networks. The so-called 'WiSpy' incident has dogged Google for years now, and in July it admitted it had still not deleted all the data it had collected, prompting fresh privacy watchdog investigations."
"Google also agreed to pay a $22.5m fine to settle charges that the company misled users about the company's use of behaviour-tracking cookies in August," writes V3.co.uk's Alastair Stevenson. "The fine was issued by the FTC, which claimed Safari web browser users were served with cookies when visiting Google sites, circumventing the browser's privacy settings."
"As privacy policies and legislation becomes more intertwined and complex, the onus falls on the company providing the service rather than the user just accepting a lengthy, unread terms and conditions," writes ZDNet's Zack Whittaker.