Search the web at least once every two years or risk losing your Google account Google has announced an update to its "inactivity policy" that will see the search and ads giant delete accounts – and their data – if users don't use them to search the web at least once in two years. The web biz has justified the change on the grounds that holders of accounts that haven't been touched for two years are less …
The phone number is the gateway drug.
Your cellphone, your wallet, your time, your ideas
No bar-code, no party, no ID, no beers
Your bankcard, your license, your thoughts, your fears
No SIM card, no disco, no photo, not here
Your blood, your sweat, your passions, your regrets
Your profits, your time off, your fashions, your sex
Your pills, your grass, your tits, your ass
Your laughs, your balls, we want it all (we want your soul)
I'm still getting occasional "reminders" from Google for issues relating to a *really* old account (c. 15 years) I haven't used for years. I tried logging in solely to shut it down.
They want my phone number, even just to shut it down. Even though the account was set up *without* a phone number in the first place.
Strongly suspect that'd likely be deemed illegal if I was actually inclined (and resourced) enough to push the matter in court.
Regardless, they're not getting my phone number.
It'd be ironic if they now went ahead and did what I wanted them to do in the first place. I've no idea why they hadn't already shut it down years ago.
I have several throwaway gmail accounts with no phone number whatsoever and have never had a problem using any of those, so although I have no doubt they want my phone number, they're at least not as bad as Meta, who insist on flagging "suspicious" activity if you dare to use any of their services and apps without registering your phone number (although it's OK if you just use the web version on a computer)
If you have just one account registered with a phone number, and you use them on the same system, even if you clear your cookies, and sandbox the use, they will probably still find a way of linking them together. They're devious like that.
It still amazes me that Firefox manages to link together my work and personal systems, so that even though I don't log in to Firefox, and disable syncing between devices, it still manages to mingle the page history in Firefox between the different systems.
Have to be done while you're logged in.
And people are dreaming if they think Google will delete your data. They'll just make it inaccessible, but they'll never delete it. They've already said they wouldn't be deleting Youtube videos uploaded by accounts that are deleted, which I imagine will make it impossible for you to remove from public view in the future if you wish to do so - so potential aspiring politicians who might have their chances hurt if stuff they said when they were 17 comes to light during a future campaign might want to act fast!
Having spent a bit of time working for Google in the past and specifically being involved in the significant engineering work they put into making sure "deleted" data actually does get deleted, including various bits of data that are indirectly derived from user data, I will actually say that quite the opposite to what is implied here, Google is probably trying to limit their liability with respect to storing data about users who may have forgotten that they had accounts.
That doesn't mean they will forget about what they know about your IP address and device fingerprints. But your account data will be deleted; to do otherwise would be a very clear gpdr violation, and while Google likes to stretch the law there, they're careful not to break it so obviously.
"Our internal analysis shows abandoned accounts are at least 10x less likely than active accounts to have 2-step-verification set p. Meaning, these accounts are often vulnerable"
So just mandate 2FA then, Shirley.
However, please make the option to simply use TOTP codes easy to find, like it used to be.
And don't bollocks up the process like Facebook seems to have done for a couple of my colleagues (of course, we can all think of a different solution to that particular problem...).
I've had 2FA on my account for a while now. Finding the totp option is easy once you make it crystal clear to them that you're never going to give them your phone number.
I also have a couple of cheap fido u2f keys for convenience and additional security, of course. They work with most of my "important" accounts, except of course my bank which of course doesn't support any kind of 2FA at all.
That said, getting my parents to adopt 2FA has been a challenge which I've so far failed.
The big problem with Google's 2FA, for us, is that in addition to our personal accounts we have a shared "house" account we use for email that we both need regular access to – things like bills and other account information, online purchases for the home, medical appointments and information. The last I looked, Google's 2FA had no good solution for multiple users, particularly ones with heterogeneous devices and differing opinions on what software is sensible.
Maybe it's become more convenient to retrieve a Google TOTP secret for multiple clients; it's been a while since I looked into that. Of course then I'd have to convince my wife to use it. I'm sure she'd see it as an unnecessary annoyance.
And, of course, there's the problem that smartphones are terrible, terrible authenticators, so I'd have to back the TOTP secret up to at least a third device, and there's the ever-present danger of the phone failing sometime when you don't have ready access to the backup device...
2FA is a complete mess for many use cases and failure modes, frankly. It's a massive industry failure.
Yeah, as much as I'm sure they'd love that additional 2FA info, and will encourage people to use 2FA for security reasons, I can't imagine they'll ever force people to adopt it. At least not while there's nothing preventing a user searching Google or viewing Youtube without actually logging in with their Google credentials, as many would just put up with the less customised UI of both when not logged in, and Google would likely end up losing more juicy user data than they gained.
I have a google account that I can't get back into, no matter what I try. Part of the reason is the recovery account was a previous work email, and I no longer have access to that account. My ex-boss was even nice enough to re-enable my account for a hour to try to recover that google account, no dice.
Will be nice to know that they will delete it all? Hmm...
Even better than that.
Me too I have a gmail account that I can no longer get into. The recovery address is working fine and each time I try to request a password reset for this account, I get an email notification that someone is trying to reset my password. However, Google still refuses to let me access the account because they say they're not sure the recovery email belongs to me. Aren't they brilliant or what ?
I tried a lot of things, I would get messages like, you seem to be in a different region since your last login, try logging in from that location?!! WFT!! I moved two countries away. Just hop in the car and drive 14 hours to get back to where you think I should be? Then it cried about the device I was now trying to use... Please use the last device... Of course, the last device used was a work provided device 14 hours away! Good thing that addy only received tech bulletins and newsletters, but still, google knows I like technology!
> you seem to be in a different region since your last login
You mean, whatever random place geolocation places my IP? Which is currently Bangor (I wish, easy shipping from the EU) but it has been on the South Coast of England, sometimes Greater London, or in the Reading area; even, IIRC, Bradford as well (that one is getting closer).
Always good when I get those emails from the likes of Ebay: someone logged into your account from this approximate location, was that you? No idea! Tell me the IP they used, that'd be of more use! Though it was me, I just viciously have more than one browser installed.
BTW, I'm very happy with this peripatetic life, so no need to offer any advice on how to "improve" it!
I just had something similar with eBay. I did set up an eBay account years ago, it was probably before moving to the Scottish Highlands seventeen years ago and when I had a different credit card. I wanted to ask a question about a second hand PC so tried to log in - to start with I was told that the password was wrong. OK, recovery email, enter new password and then was told I last logged in on a different computer (no shit Shirley) and please phone number in the US. Everything I tried led back to the same "please phone this number in the US".
Itsn a good job I only buy something from eBay using a guest account about once every five years.
Once this starts, they'll increase the amount of use you've got to make of google services before they'll nix your account, to the point where you've got to use google search once a week. When that happens you might as well default your search back to google because it'll be too much hassle. They'll force people into a black and white decision in the end, and I'm willing to bet that if they push people that hard, they'll get an unpleasant surprise at just how many people jump ship.
We're already seeing this with the forced adverts on youtube to push people to take up a red subscription. I don't think that's working out quite as well as they'd hoped.
We're already seeing this with the forced adverts on youtube to push people to take up a red subscription. I don't think that's working out quite as well as they'd hoped.
Something strange happened yesterday. Opened YT in Firefox, and all my extensions got disabled. So I saw a pop-up wanting me to 'try red' and it telling me I had 1:31s of ads for my viewing pleasure. Instead I somewhat saw red, wondering how this was possible, and how was it possibly legal? Then how I could figure out how they did it to prevent it ever happening again.
I'm sure it has.
Does nothing to change the fact that, once again, a one-sided promise is being broken without recourse.
I don't care that there may be people who forgot their account. I don't see that it is a problem for Google because if they're not accessing their account, then they're not using bandwidth either.
And don't bother me about the cost of storage, that's nothing these days.
What I care is that there was nothing in the sign-up that said you could lose your data if you didn't do something that didn't exist at the time. Google has no right to go change the initial rules of engagement like that. If there was a proper contract then Google could only beg users to accept new rules.
But this is the Internet. It's the companies that decide and, once again, it's the users that lose data.
Tired of this bullshit . . .
Except that they did not need to tell you up-front. I know there will be a clause in the original agreement like "We may modify the terms in the future and publish these new terms and conditions. We will show you a (small) message to let you know when this happens. It will be your responsibility to read these new conditions, and your continuing use of the service will imply that you have accepted the modified T&Cs" etc.
Once you agree to a clause like that, unless it crosses legislation, you don't have a leg to stand on.
I'm tired of this bullshit too, but recall that the usual remedy is to demand one's money back. And we're talking about unpaid accounts. So this is simply yet another reminder that my long standing project to de-Google my life remains important and I need to complete it.
Just find a gmail account attached to something that's important but doesn't get used often eg. monitoring, or as domain registration for something that's got a few years to run.
Wait a while until Google closes the account, then register it yourself and take over the domain.
I am a regular user of Google stuff.
I was an early adopter of 2FA. It seems like a good idea. I use it for the work VPN and other things.
Then I changed my phone. Google locked me out. I eventually got it going again and, after a while, re-enabled 2FA again. A few years later and the same problem. I have not re-enabled it since. I actually have 4 2FA apps on it now for everything from Government gateway to voluntary work. Wary of putting it on my Google account though.
> we start looking like 90s drug dealers with 3 phones
Didn't your local plod put up those big posters from the Met in 2008, warning that people with multiple phones or owning a camera are terrorists?
https://observers.france24.com/en/20080307-terrorist-campaign-photographers-searched-london
As usual, the best solution to an outage is the sadly neglected backup. Non-technical users don't do backups at all, Google deleting their data is bad, bad, bad. Just imagine someone saved their CV in Google docs, happily employed for years, but now they need a job. I'm reminded of the terrible advice to get rid of any clothes you haven't worn in a year. I have a suit in my closet which hasn't been worn since the last wedding I attended, and it's going to another wedding in October....
Techie users, though, have no excuse! If you have some weird use case where you need to keep an ancient gmail alive, just set up a cron job to send from gmail once a year, problem sorted. As for the data deletion, any techie user whose backup cycle is longer than two years deserves to lose their data, in my opinion. You do back up your Google data, right? The cloud is not a backup, right? I use Google (only) for the Contacts, because I can export/backup to vcard, whereas the iPhone can only "backup" to iCloud -- not a true backup. (Actually Apple might have improved in this area, I should check on that.)
Long story short, just another reminder of the importance of (true, offline) backups.
Edit window has closed.
"(Actually Apple might have improved in this area, I should check on that.)"
Woohoo! Good things come to those who wait.
Settings > your name > iCloud > turn on Contacts > exit. Go to iCloud > Contacts > Select all > Export vCard.
https://www.lifewire.com/export-contacts-iphone-4585037
Bye-bye, Google.
Google does not offer a proper native backup option for their services. Even Takeout converts any native docs to a different format on the way out, which results in the data you receive not being an identical copy of what they hold on their end. This makes their products inappropriate for businesses which need to guarantee immutability of old data.
They’re also giving Apple an easy time in the consumer space (especially since custom email domains only cost 79p now) while giving Microsoft an easy time in the enterprise space, where MS will keep orphaned SharePoint data for up to 10 years and shared mailboxes forever (for up to 50GB of data per mailbox) with the ability to convert leavers mailboxes to being shared at no cost.
I have never saved anything* on Google, for any reason. First thing I do when I get a phone is disable all that junk. Anything I want to keep is saved locally, and anything really important gets a paper printout. Google can go google themselves, my backups aren't their concern and I will continue to not use their ad ridden junk. The only things I do use is the play store and google maps, and I do my best to not be tracked when using maps.
*Work doesn't count. I don't have a choice about that, but then I don't use that machine for anything other than work stuff and I've flushed stuff I care more about than work data.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
