Google's SSO can't really phone home. You're either using SAML or OAuth; in either scenario, the information flow is Google --> the app you're SSOing into; name, email, and user group information.
If you're SSOing into, say, AWS, Google doesn't get any access or private info out of AWS in the flow.
If you're SSOing into, say, AWS, Google doesn't get any access or private info out of AWS in the flow.