Around 100 people have root @ Google. They get a tshirt with it on.
With months of effort researching tripwires and auditing systems, any of them could read your mail.
There's a pretty good chance they'd get caught by some auditing or alerting system they were unaware of though. Many of those systems are kept secret from employees for obvious reasons.
Any two employees collude to much more easily read your mail. There's probably ~1000 people in that position (not only the gmail team, but anyone who writes any kind of library code used by any of the databases, datastores, or application servers). They would leave audit records though, although they might go unnoticed.
That's cool in that it's such a small number. Netflix shared how they do ephemeral access by publishing bless *[1]. It would be cool to see how Google does it as well. Googling for the usual terms doesn't return anything.
Access controls are actually fairly locked down. I would guess the access control list for Gmail data is only ~10 people. If any of them were to make use of their access permissions, it would automatically trigger a review of their actions.
With months of effort researching tripwires and auditing systems, any of them could read your mail.
There's a pretty good chance they'd get caught by some auditing or alerting system they were unaware of though. Many of those systems are kept secret from employees for obvious reasons.
Any two employees collude to much more easily read your mail. There's probably ~1000 people in that position (not only the gmail team, but anyone who writes any kind of library code used by any of the databases, datastores, or application servers). They would leave audit records though, although they might go unnoticed.