Google’s history of privacy failures revealed in new leak

Over the past few years, Google has been trying to rebrand itself as a privacy champion — at the center of this quest lies Google’s Privacy Sandbox, pitched as a privacy-preserving alternative to cross-site tracking (however, it falls short of this goal, as explained here).

As awareness of privacy issues continues to grow — with a recent study suggesting that nearly 90% Americans are more concerned about their privacy and data security than the state of the US economy, Big Tech finds itself under mounting pressure (both from consumers and regulators) to take action. However, talking about privacy is one thing, but walking the talk is another. The latest leak, revealing six years of previously unknown privacy incidents at Google reported internally by its own employees from 2013 to 2018, throws shade on these efforts.

Addresses, license plates and speech data

The leak was reported by 404 media, which obtained a dataset revealing dozens of privacy-related incidents linked to either Google itself or its third-party vendors, from an anonymous tipster. According to the report, the database contains “thousands of reports” that had been filed by Google employees, and, according to Google, were all acted upon and resolved.

So, here are some of the incidents that Google employees reported and that we found especially disconcerting.

In one instance, Google speech service had mistakenly logged speech data for an hour, which resulted in “estimated 1K child speech utterances” being collected.

In another case, Google’s Street View photographed and transcribed car license plates (when they should have been automatically censored) and then stored this sensitive information. It’s important to note that many of us never gave Google the green light to photograph our homes and vehicles in the first place. In fact, there are numerous complaints on Google community forums where people have raised concerns about StreetView vehicles entering private property without permission and taking 360-degree photos of businesses and residences.

Customers investing in Google’s premium products, sold on the promise of enhanced privacy and security, may want to have second thoughts about entrusting their data to the Big G after hearing the following story. According to the report, a Google Cloud customer using the government-focused product designed to safeguard sensitive data was mistakenly moved to a consumer-level service. This transition resulted in the loss of guaranteed US data location for the affected customer. While this may not be a big deal for a regular user, the assurance that their data will stay in the US and not be moved across the pond is usually pretty critical for government stuff.

In another incident in which Google was also a damaged party, the email addresses of over a million users of Socratic.org, an education technology company acquired by Google in March 2018, were leaked. This information was found right in the code of the website. In addition, there were concerns that the geolocation and IP address data of these users, including children, may also have been compromised. Google addressed the leak after acquiring the company, but the data had been exposed for a year prior to the acquisition, raising suspicions that it may have already been harvested.

Unremovable YouTube history and Google Doc links for all to see

The last trio of incidents we want to highlight involves services that just about everyone uses on a daily basis.

In, perhaps, the most troubling of them all, videos uploaded to YouTube with privacy settings designated as “unlisted” or “private” were made visible to the public for a “short” period of time, creating a potential nightmare for individuals and organizations sharing sensitive information or corporate content on YouTube (which we would not advise doing in the first place).

In another incident that could have potentially affected a lot of people, Google reportedly mishandled Google Drive and Google Docs access controls, inadvertently granting public access to files intended only for those with the shared link. According to the report, Google treated “Anyone with the link” access controls as “Public,” meaning that the files could have been found without a direct link, for instance through a web search. While the likelihood of someone randomly searching for a Google Doc leak is slim, it nonetheless created a vulnerability for potential leaks of sensitive information.

In the third incident that is not directly related to privacy, but nonetheless illustrative of Google’s lax enforcement of its own rules, Google-owned YouTube apparently ignored its own policy when it continued to recommend videos based on those that had been deleted from the watch history. YouTube’s current policy states, “If you notice recommendations on a subject you’re not interested in, try removing a video you previously watched on that topic. It may reduce the chance of similar recommendations in the future.” “May reduce” does not sound like an ironclad guarantee, but it does create some expectations.

Taking control of your data

Google’s history of privacy failures, as revealed in this latest leak, is just one example of the ongoing challenges in safeguarding personal information online. Also, this is by far not the first, nor likely the last, testament to Google’s poor privacy record.

A lot has been written about de-Googling yourself, and some of you may have even attempted this feat, recognizing the risks associated with entrusting so much data to a single entity. If you’re among those users who went for more private options, we applaud your effort and determination. However, for most of us, completely divorcing from Google’s ecosystem may be a daunting task and not necessarily what we need or want.

Instead, we stand for a pragmatic approach which involves scaling back on what you share and get advantage of the tools provided by Google to manage your online footprint. Checking for your personal information online through such tools as “Results about you” and taking steps to remove it, and minimize exposure can help mitigate risks to your personally identifiable information being leaked and potentially mishandled in our increasingly data-driven world.