As someone who works for a tech giant I'd like to provide some input here.
1. Absolutely yes for ad hoc queries and there's a wealth of logging and privacy features built into all of our tools.
2. Absolutely yes and those queries are audited. For any query that matches some heuristics it'll warn us with a big scary message to make sure the query is legitimate work.
For the query linked above about checking who was around a location at a given time I'd probably be fired before the query completed. It's a pretty comfortable job but they don't mess around with user data, it's zero tolerance if it's abused and even if there was never a warning message your ass is still out the door when they catch you.
For all the flak tech giants get around PII I think it's horrifying that smaller players can still get hordes of sensitive data and yet have basically no safeguards to prevent misuse like querying whatever some internal engineer wants to look at.
1. Absolutely yes for ad hoc queries and there's a wealth of logging and privacy features built into all of our tools.
2. Absolutely yes and those queries are audited. For any query that matches some heuristics it'll warn us with a big scary message to make sure the query is legitimate work.
For the query linked above about checking who was around a location at a given time I'd probably be fired before the query completed. It's a pretty comfortable job but they don't mess around with user data, it's zero tolerance if it's abused and even if there was never a warning message your ass is still out the door when they catch you.
For all the flak tech giants get around PII I think it's horrifying that smaller players can still get hordes of sensitive data and yet have basically no safeguards to prevent misuse like querying whatever some internal engineer wants to look at.