Skip to main content

Google Docs Drama Reminds Us How Vulnerable We Are In The Cloud (Updated)

Image 1 of 2

Image 2 of 2

Update, 11/2/17, 10:17am PT: Google published a blog post addressing the problems discussed below. You can read the full text of the post at the bottom of this article.

Original article, 10/31/17, 9pm PT:

Earlier today, the official Twitter account of Google Docs began receiving tweets from users who had suddenly lost access to some of their documents. The affected users reported that when they tried to access their document(s), they were met with a notice that their document violated Google’s terms of service.

One user even reported seeing that their file had been deleted, but it’s not known whether that has anything related to this issue.

From trawling through the tweets, it’s clear that a fair number of users have actually experienced the issue personally and that it’s not just people retweeting what they’ve heard. Some may speculate that the ToS violations have something to do with the content of the documents, but we have no reason at this time to believe that’s the case. Without a clear statement of cause from Google, it’s easy to jump to conclusions. The issue was fixed some hours after it came to light and Google issued the following statement:

This morning, we made a code push that incorrectly flagged a small percentage of Google Docs as abusive, which caused those documents to be automatically blocked. A fix is in place and all users should have full access to their docs. Protecting users from viruses, malware, and other abusive content is central to user safety. We apologize for the disruption and will put processes in place to prevent this from happening again.

Regardless of the real cause of the issue, this incident is another reminder of how exposed our data in the cloud really is. It’s probably even a surprise to some that docs in Google Docs can violate terms of service and be removed at all. It might be common knowledge that Google scans emails in Gmail, logs browsing behavior in Chrome, and tracks location in Google Maps, but it might not be obvious that these behaviors can also extend to Google’s products and services that are less social in nature.

According to Google’s terms of service, content of any type on any of its services can be blocked for obvious reasons such as copyright infringement and impersonation, but also for more gray reasons, like hate speech and violence.

Even for those who only use Google services for backup and aren’t worried about data mining practices, this can still be a reminder that even cloud storage isn’t foolproof. One cannot concentrate only on data preservation while forgetting to consider data access. The sudden shuttering of CrashPlan’s home service, once a popular cloud backup solution, earlier this year was another stark reminder that cloud services are not guaranteed.

Google's official response, via its blog:

Protecting all Google users from viruses, malware, and other abusive content is central to user cyber-safety and sometimes we remove access to certain files in order to provide these protections. On Tuesday, October 31, we mistakenly blocked access to some of our users’ files, including Google Docs. This was due to a short-lived bug that incorrectly flagged some files as violating our terms of service (TOS). The blocking raised questions in the community and we would like to address those questions here.The Google Docs and Drive products have unparalleled automatic, preventive security precautions in place to protect our users from malware, phishing and spam, using both static and dynamic antivirus techniques. Virus and malware scanning is an industry best practice that performs automated comparisons against known samples and indicators; the process does not involve human intervention. Tuesday’s bug caused the Google Docs and Drive services to misinterpret the response from these protection systems and erroneously mark some files as TOS violations, thus causing access denials for users of those files. As soon as our teams identified the problem, we removed the bug and worked to restore access to all affected files.We apologize to our users for any inconvenience this incident caused and remain committed to offering high-quality systems that keep their content safe while fully securing their files.

  • luke_johnson
    My respected industry blog of over 7 years was spontaneously removed by Google, never to be seen again. I was never able to find out why or speak to anyone at Google about the issue. Read the story https://productforums.google.com/forum/#!msg/blogger/AvQeCS94iJI/kVpehlDhCAAJ
    And beware of Google hosted services...
    Reply
  • beayn
    Why is the content of your document of any relevance to the service? I don't care if they scan your shit for targeted advertising, but if they start censoring you, that's a whole different ball game. Google is a monopoly with a political agenda who contributes millions to particular presidential campaigns. This should be a red flag that it's basically an extension of the government using a "private company" loophole to get around the constitution.
    Reply
  • Icehearted
    Among the many MANY reason why I do not use the cloud or services dependent on that without local storage. My one exception being Steam. My creative work is all kept locally, backed up regularly, and all online access is blocked via firewall. This isn't just a Google issue, and this is why I prefer Windows 7 and programs like OpenOffice and GIMP over subscription software with heavy cloud dependency. Surrendering any of my material to them to exchange personal control and privacy for convenience is asking for trouble.
    Reply
  • procc
    I wanted to buy more google drive space, but now, no way...
    Reply
  • manleysteele
    "This morning, we made a code push that incorrectly flagged a small percentage of Google Docs as abusive, which caused those documents to be automatically blocked. A fix is in place and all users should have full access to their docs. Protecting users from viruses, malware, and other abusive content is central to user safety. We apologize for the disruption and will put processes in place to prevent this from happening again."

    Translation: We floated a new filter in our scanning software and it worked as designed. We didn't actually expect you to go on social media and complain. How rude. We'll back off for now, but this is the future Google wants. Get used to it.
    Reply
  • jackt
    Google spy whenever it can. And anyway spy the whole world with android.
    Reply
  • randomizer
    But all the unit tests were passing!
    Reply
  • devil.demente
    20329898 said:
    Why is the content of your document of any relevance to the service? I don't care if they scan your shit for targeted advertising, but if they start censoring you, that's a whole different ball game. Google is a monopoly with a political agenda who contributes millions to particular presidential campaigns. This should be a red flag that it's basically an extension of the government using a "private company" loophole to get around the constitution.

    If you'll remove the tinfoil hat for a second, it's simple. Drive is used to host malicious content as well, so there have to be mechanisms to flag documents as malicious and not serve them to visitors.
    Reply
  • thesaucymugwump
    Google forced my somewhat non-PC blog off Blogger -- I'm now on Weebly -- yet I was never informed of any policy violations (I was locked out of my Gmail account too). Google, Facebook, Twitter, and other social media corporations should be regulated as the monopolies they have become, but neither Democrats nor Republicans will do so, albeit for completely different reasons.
    Reply
  • LORD_ORION
    I do not understand why anyone anywhere uses any US based cloud service.
    You SHOULD know the NSA / CIA / FBI has complete access to any thing you put there, and you SHOULD know the US has no problem spying on businesses for political friends.
    Reply