That's great, but if it's only true until it isn't. The moments when that idea is false (however rare) are the life altering, permanent moments that result in irrevocable ruin for whomsoever might dare trust the promises and honor of [faceless corporation].
The truth is twofold.
One: if the barrier can be melted according to magic rules, then it is no real barrier. It is a sweet candy coating that melts in your mouth, not in your hands.
Two: if a corporation is made of many incidental strangers who happen to share an employer for overlapping moments in time, and the system has at least one authorization bypass, then so does the audit trail.
If you don't think corporations implode, suffer from disgruntled criminal employees, sell out to rivals, go completely bankrupt, or land themselves in jail, then bet all of your secrets on the idea that what they tell you is 100% truth.
Yep, a solution exists through. Here's how you get there:
* Strong identity: employees must be strongly identified before acting.
* Multi-party authz: nobody ever acts alone. One person can't be trusted, two people might be, M of N effectively represents the company.
* Noisy security: making a change to security parameters notifies all relevant parties in a way that intentionally avoids notification fatigue. You can't sneak a change through.
* Full auditability: even after the fact you can readily unravel what was done, seeing what the old state was, what was changed, who made the change, and who approved it.
Get those points, and a few other minor details, and this larger problem actually becomes tractible.
You know, we, working at Google, are people, right? We have moral and ethical standards just like everyone else. Many (but not all) of us also aren't locked in to Google and can find employment elsewhere easily but choose not to.
The following isn't about Google as such: Thing with a disgruntled criminal employee is that they don't usually come in bunches and don't collude because they can't easily identify each other. Which means they can't generally commit such acts and then also corrupt a whole 'nother department to cover it up.
Trusting your privacy on the moral and ethical compass of every individual at giant corporations is incredibly foolish. If this is a wide-spread belief at Google, it only further erodes my trust in the company.
It's not every employee, but rather something like any. As in: any employee with access to user data can check that their actions are logged correctly.
This doesn't protect against government action, and not at Google leadership specifically targetting you. But it does prevent the (rather common) abuse of such access by regular employees.
> You know, we, working at Google, are people, right? We have moral and ethical standards just like everyone else.
Could’ve fooled me. Or maybe your standards are just particularly low. Do you mind explaining where surveillance capitalism fits into your principled worldview?
The truth is twofold.
One: if the barrier can be melted according to magic rules, then it is no real barrier. It is a sweet candy coating that melts in your mouth, not in your hands.
Two: if a corporation is made of many incidental strangers who happen to share an employer for overlapping moments in time, and the system has at least one authorization bypass, then so does the audit trail.
If you don't think corporations implode, suffer from disgruntled criminal employees, sell out to rivals, go completely bankrupt, or land themselves in jail, then bet all of your secrets on the idea that what they tell you is 100% truth.