Data Backup Digest

Do-It-Yourself Windows File Recovery Software: A Comparison

results »

Your Google Backup May Have Been Sent to a Stranger

Many of us put our trust in big technology companies to look after our data. It’s easy to go with the convenient solution, which means letting our phones track our locations, back up our text messages, or keep a record of the videos we watch.

We also expect these companies to have good security measures. We can protect ourselves using strong passwords and two factor authentication, but it’s fair to assume that our data is encrypted and inaccessible from the other side too.

What you might not expect is for those companies to accidentally leak your data. Except that’s precisely what Google did, then let users know with a nonchalant email. This is the story that Google accidentally shared archives of some people’s videos with other people, which came to public attention when someone tweeted about an email they’d received from Google.

Google Takeout is a service that lets you download all your data from Google apps. It’s a very useful service to use if you want a backup of your data for redundancy, if you want to move it to another service, or if you just want to see what Google hold about you.

Google alerted some users via email that there had been a “technical issue” with Takeout. Apparently users who requested backups between November 21 – 25 could have had their videos incorrectly included in someone else’s archive.

According to Google, less than 0.01% of users requesting archives were affected and none of their other services were faulty. That percentage may seem slim, but if you consider that Photos has one billion users on Android alone, the actual number isn’t so insignificant. Google recommend that anyone who requested an archive during those November days delete what they received and request a new copy.

In a statement to 9to5Google, the search giant said that they have “conducted an in-depth analysis to prevent this from ever happening again” and expressed sorrow at the incident.

Frustratingly, Google’s email to users about the incident was blasé and didn’t effectively highlight the problem. Rather than leading with the news, the second bullet point of the email read:

“Unfortunately … some of the videos in Google Photos were incorrectly exported to unrelated users’ archives. One or more videos in your Google Photos account was affected by this issue.”

Google only sent this email in February 2020, which is even more baffling. It took the company three months to identify the issue. Or, at least, it took them three months to communicate about it. That’s not good enough.

This just goes to show that the only way your data is truly safe from falling into the wrong hands is to store it offline – physical theft aside, that is.

That said, this internal breach of Google’s is unlikely to stop anyone using the service. These kinds of technical hitches are increasingly commonplace, often taken as an acceptable risk of storing your data on such services. Plus, many are so deep into the Google ecosystem that the effort of separating from it isn’t worthwhile.


No comments yet. Sign in to add the first!