My name is danah boyd and I'm a Principal Researcher at Microsoft Research, a Research Assistant Professor in Media, Culture, and Communication at New York University, and a Fellow at Harvard's Berkman Center for Internet and Society. Buzzwords in my world include: privacy, context, youth culture, social media, big data. I use this blog to express random thoughts about whatever I'm thinking.

Relevant links:

Archive

a google horror story: what happens when you are disappeared

Earlier this week, an acquaintance of mine found himself trapped in a Kafka-esque nightmare, a nightmare that should make all of us stop and think. He wants to remain anonymous so let’s call him Bob. Bob was an early adopter of all things Google. His account was linked to all sorts of Google services. Gmail was the most important thing to him – he’d been using it for four years and all of his email (a.k.a. “his life”) was there. Bob also managed a large community in Orkut, used Google’s calendaring service, and had accounts on many of of their different properties.

Earlier this week, Bob received a notice that there was a spam problem in his Orkut community. The message was in English and it looked legitimate and so he clicked on it. He didn’t realize that he’d fallen into a phisher’s net until it was too late. His account was hijacked for god-knows-what-purposes until his account was blocked and deleted. He contacted Google’s customer service and their response basically boiled down to “that sucks, we can’t restore anything, sign up for a new account.” Boom! No more email, no more calendar, no more Orkut, no more gChat history, no more Blogger, no more anything connected to his Google account.

::gasp:: My heart threatens to attack my throat at the mere idea of losing four years worth of email. ::shudder:: Or what if this blog disappeared? Like, OMG. {insert horror film music here}

Luckily, Bob is well-connected. His friends in high places forwarded his story to powerful people inside Google. Today, his account was restored. While such a restoration should provide a sigh of relief, it’s also a bit disconcerting. What if Bob hadn’t been so well connected? What other kinds of damage can phishers do to people who have so many of their key tools linked together under a common account?

Most tech companies blame phishing victims. Basically, the general sentiment is that if people weren’t so stupid, there wouldn’t be a problem. Yet, there is great research on Why Phishing Works that shows that even sophisticated users can be deceived. While education is important, it is unrealistic to expect all users to keep up with the developments of scammers’ deceptive techniques. Consider the story of Clementine, a 13-year-old citizen of Gaia Online who fell victim to a phishing attack and had her account deleted without recourse. Once again, Clementine’s saving grace was that she had connections, but it took a long time and she was written out of her primary social space in the meantime.

When companies host all of your data and have the ability to delete you and it at-will, all sorts of nightmarish science fiction futures are possible. This is the other side of the “identity theft” nightmare where the companies thieve and destroy individuals’ identities. What are these companies’ responsibilities? Who is overseeing them? What kind of regulation is necessary?

There’s also a flip-side to this story. Google was able to restore his account because they kept everything on backup servers. In this case, Bob didn’t want to have all of his content deleted. But what if he had deleted it himself and expected it to be deleted permanently? Who should have the right to recall his data and under what circumstances? I find it particularly haunting that there is no way to delete your Facebook account. You can only “deactivate” it, but you can reactivate it at any time and everything will come right back. What if you don’t want to go down on Facebook’s permanent record?

These are the issues that worry all sorts of privacy and identity types. They are the cornerstone of books like Daniel Solove’s The Digital Person and Simson Garfinkel’s Database Nation. Yet, as with identity theft, few people stop to think about data loss until it happens to them. But perhaps we should. How would you feel if the company hosting your email suddenly decided to disappear you? Or if Facebook/MySpace/Flickr/Xanga/etc. decided to delete your account right now? (There are plenty of examples of this one too. For example, many celebrities have found their accounts obliterated because company reps think that they’re fake. And then there was Friendster…) Imagine if you had no path of recourse. Talk about disempowering!

In thinking about this, your first response should be to back up your data. (And grumble loudly about all of the places where this isn’t possible.) But what’s your second step? What kind of legislation is necessary to address this? What kind of data recovery (or non-recovery) policies should companies have?

Update: Check out this case of a guy being banished from Facebook for reasons that the company refuses to explain to him (in a Kafka-esque nightmare). This is particularly intriguing given that the company is trying to make Facebook a universal platform. If Facebook becomes a platform, what rights to due process do users have?

Print Friendly

34 comments to a google horror story: what happens when you are disappeared

  • I actually had this happen with GMail. Somehow my password got re-set and I was locked out. I still do not really know how this happened. Support was little help in getting back in.

    Their “automatic” re-set procedures didn’t work. I heard hardly anything from support when I wrote to them. The problem (I found out later) was that some initial information was needed from when I first opened the account and apparently what I was entering was either wrong or insufficient for them to believe me. On the one hand, I appreciate their diligence, but on the other, I was a legitimate user being locked out by their normal process.

    I was out of my email for something like three weeks. As you know, this is an eternity for a software developer and Internet geek.

    In my case as well, I used a connection at Google to find out what was going on and to give me a “second chance” to prove that I was who I said I was. I can easily imagine how someone who did not have any connection at Google could be locked out for good.

    It was no doubt a cautionary tale for me. Just like backing up your computer, back up your email. Although, many other kinds of services don’t allow data archival, like you said.

  • This happened to me a couple of years ago, when a lot of people lost access to eBay accounts without phishing, and being one of those folks without connections inside Google, I had to settle for losing my gmail account. The saga, and my eventual giving up are chronicled here and here.

    Lessons Learned:

    1) eBay hands down owns when it comes to helping get you control of a compromised account back.

    2) Google doesn’t honor their own supposed resolution procedure in these situations, deleting emails to both security@google.com and gmail-abuse@google.com unread.

    3) If I had a friend in Google, I could maybe get service as good as eBay has for everyone.

    The upshot of the whole experience was reconsidering how I used these great new services, which led me to decide that I would no longer turn over all of my data to someone else’s profit motive. No more sharecropping my data (email, pictures, etc) just for the sake of a “convenience” that is only that if everything works perfectly, which is, of course, impossible.

  • Bob

    I’m the Bob in question. To be fair to Google, it’s unclear if the connections were the reason my account was restored (within 3 days). I filled out the “account hijacked” form several times (advice on the discussion group was to do it every day). And the support email did not come from an individual at Google, but the “team.” So either it was at the guiding hand of one of my friends’ connections and they aren’t taking credit, or I had a really good experience with the standard customer service.

    That said, after experiencing phishing first hand, I think it’s a serious design flaw that networks should address. Consider the UI involved in deleting all the files on your hard drive. Open the drive, select all folders, drag them to the trash, waiting for them all to copy there. And then selecting empty trash (and perhaps checking OK at a warning box). That’s several steps, it’s really difficult to do that by accident.

    The phishers designed the UI to look and work exactly like logging into Orkut. The steps involved were: click on phishing link, fill out name and password, click login. My account was deleted minutes later.

    I’m a very experienced internet user, which is part of why I’ve asked not use my name. I’m the -last- person that should be a phishing victim, yet it happened to me. Since it happens to internet professionals far less than, say, the clueless relatives of internet professionals, of course we blame it on the user.

    The design problem is you want the site’s interface to be uniform every time you visit, this tells the user “this is the real gmail”. But this is what the phishers are exploiting. If the site was somewhat different every time you visited, it would be jarring and perhaps cause more people to look at the URL to make sure they were in the right place. Bank of America uses a “personal icon” that you should see to ensure it’s the right server. It’s not the most elegant solution, but it is a step in the right direction.

    Thanks danah!

  • Welcome to the digital age of humanity, where everything you do leaves a trail (like it or not).

    IMO you should never let a third party (especially electronically) maintain any personal information or data which you wouldn’t want disclosed.

    I’m glad they recovered your account, although it is rather unfortunate we cannot maintain total privacy on the internet in some cases, such as your situation, it could be considered a good thing that Google had a backup of all you data and was able to revert it back to your account (a potential legal issue in the future one would think).

  • The one thing that’s not being mentioned– and it’s a far from perfect solution, but helps a little– is to back up everything you have on Google’s servers.

    I personally use Thunderbird with Gmail’s IMAP service, and sync my Google Calendar to Thunderbird with the Lightning plugin. That way, it’s all stored on my side and theirs. I also exported my entire gmail accounts list to Thunderbird.

    That way, if I were to get locked out, I could do a mass mailing and let people know what’s up… once I’d gotten another IMAP or POP client.

    Not ideal, as I said, but there’s ways to make getting locked out less devestating.

  • Bob

    Tad – I agree using IMAP for your gmail account is very important, but the reality is, IMAP is greek to most internet users and they aren’t aware that it is an option. You say back up everything from google’s servers – Email is a pretty linear thing to back up – how do you back up say Flickr/Picassa with photos and captions (and comments)? How do you back up your calendar? (I’m sure there is a format, but once again, not obvious to most users). Look at the list of google services and you will realize that it’s impossible to back up. How about google books where you bookmark pages/annotations of the books they scan…?

  • Frightening!

    Is there any “Internet Data Protection Service”, similar to Anti Virus Software, to protect not my PC data but my Internet data now?

  • Ideally, these web services would offer backup features. This makes sense in a cloud computing world with DataPortability.

  • gregory

    and what if the “phisher” is uncle sam? or even an anonymous dhs (stasi) official?

    this internet is not the quiet happy universe we might think it is. every social network is only about finding out as much of your private details as possible so they can turns you into a mark. and those private details, they are not private, as i’m sure you know.

    i won’t be paranoid, but i will be practical, and trust nothing of the net for what i may truly need in real life. sunspots, cable cuts, power failures, warfare, economic failures… let alone malicious intent, or rogue employees …

    would be this subject is only beginning to be discussed

  • Joe Adams

    So, let me get this straight. Google is bad because they deleted an account that had obviously become associated with spam and phishing. By the way, how do you “click on a link and get your account hijacked”. Huh? It doesn’t work like that – you would have to enter your id and password for your google accounts on a page run by the phishers. In which case, gee, you’re lucky the only bad thing that happened was your account got deleted. If this person had given their id and pw to their bank account to the phisher, is that a Bank of America horror story or a “boy is this guy an idiot” horror story? Finally, just to be sure i’m clear, Google is good because they backed up his data but google is bad because they backed up his data. um, dana, guess what, your ISP sees everything you type into your browser long before it gets to google or anybody else, and all of that information will be used for behavioral targeting ads at some point. Wake up and smell the electrons. If you use a computer connected to the internet, you at the mercy of the least transparent and privacy focused company that ever receives your bits. Google is the last company on that list you need to worry about.

  • One thing that complicates this: IMO, the odds are MUCH greater that your own personal computer will be stolen than you would somehow lose information stored on Google’s (et al) servers.

    My laptop has been stolen twice in the last 3 years. Thankfully, all my personal information is “secure” on a random server somewhere in the world. Somehow it seems safer there than in a bag slung over my shoulder.

  • Another aspect of this. Increasingly when you go to a new service you’re expected to put in your id and password for GMail and other webmail services to find friends or invite new people. This really ought to use a more secure method like oAuth and OpenID so that you don’t have to give the new site your credentials.

    This is all part of what Dataportability.org is trying to encourage. You should be able to export all the data you’ve given to a site. You should be able to use more complete authentication methods.

  • James Y.

    I too live in fear of getting disappeared. I recently moved 2 years of data out of gmail and onto a Slicehost slice. Decided to use Zimbra, it wasn’t too bad to setup and I have regular backups going to S3, in addition to the slice backups. Peace of mind…

  • Isaac Rabinovitch

    IMO you should never let a third party (especially electronically) maintain any personal information or data which you wouldn’t want disclosed.

    Excuse me? Do you have a job? A doctor? A bank account? Do you use ISP email? Do you pay taxes? All these things require you to share sensitive information. Hopefully the people you share it with do good job of protecting your privacy. Google doesn’t seem to be doing very well in that department.

  • John

    Why on earth would you really NEED to store FOUR years worth of email!?!?!?

  • ade

    I find it amusing and a little sad that having identified a serious problem you ask: “What kind of legislation is necessary to address this?” Are you seriously suggesting that adding government regulation into a fast moving and highly technical field will somehow help?

    Would you feel more comfortable if your government mandated that backups of everybody’s credentials had to be kept in some central government facility? Sadly that’s the sort of solution we’re likely to see if we ask the government so solve our problems for us.

    In the comments I see lots of people pointing fingers but no-one offering solutions. What alternative course of action do you believe that Google or any other online service provider should follow in this kind of situation?

    P.S. If you’re going to use the term “disappeared” in such a flippant way you should at least read the wikipedia page on the subject: http://en.wikipedia.org/wiki/Forced_disappearance so that you understand what that words means to a lot of people

  • how do you back up say Flickr/Picassa with photos and captions (and comments)? How do you back up your calendar? (I’m sure there is a format, but once again, not obvious to most users).

    Easy, don’t rely on free web services that offer only advertisement in exchange for the goods. Such services don’t take your use of them seriously, and while Google is trendier, it is no different.

    Any service should offer clear online information and/or tools to assist you in backing up your data or retrieving it from the service if it is ever lost or rendered inaccessible. In particular, this story illustrates the importance of making sure it is data YOU can back up on YOUR local resources – not just theirs. That way there’s no dependency on a quick resolution from people giving you a “free” service.

    Dave

  • I’m glad your story has a happy ending. A friend had a similar situation with Yahoo, but instead of phishers he was the victim of lawyers. He had bought a used copy of 3D Studio Max (legally) and a couple years later tried to sell it through Yahoo classifieds. During this time, the product was sold to AutoDesk, who decided to invoke that part of the software license that effectively says “and oh yeah, we can change this whenever we want”. They had made the license non-transferrable, but didn’t notify him. They instead had their lawyers write a letter to Yahoo saying who knows what, but I’m guessing it was rather threatening. Yahoo killed his account immediately. He not only lost years of email, but his IM account, classified listings, and fantasy football league, of which he was the commissioner. There was no happy ending.

    Personally, I’ve had a problem with Lycos. Several years back they tried to upgrade their database and lost most of everyone’s email. Gone. No backups. My solution was to set up my own server to host email and web. This worked, and guaranteed privacy and security, but it’s a ton of work to set up and maintain a Linux/UNIX server. I’ve finally relented and use 3rd party hosting, but agree with Tad that keeping local copies of everything is best. For spam, I’ve found that SpamBayes (http://spambayes.sourceforge.net/) works wonders for desktop clients like Outlook.

  • relying on a free service is a silly thing to do.
    You should control your data, this means getting dependable hosting, backing up and getting your own domain name for your email/website.

    When you sign up for Facebook,myspace,myface,facespace etc. you agree to give them the right to do pretty much anything they like with any data you submit to them.
    It is certain that this information is going in to some database and sold to various marketing companies.

  • If the site was somewhat different every time you visited, it would be jarring and perhaps cause more people to look at the URL to make sure they were in the right place.

    I agree. There’s a lot of work to do in this area. I run an online password manager, so protecting our users from phishing is a top priority. We use a personalized welcome message in big red letters during login. It’s a start, but we’re always looking to improve.

    We also have an autologin button that helps against phishing in other sites (not the password manager itself). Essentially you press the button and it’ll fill in your login and password for you as long as you have one stored for that site in your account. If you don’t – then it’ll tell you “unknown website”.

    That’s is a heads up that the site isn’t the one you think it is. It will literally stop you from inserting your login and password.

    I’m not trying to plug my product – any form filler will do the trick. It’s worth getting a password manager and using it.

  • Prayer? Probably prayer…

    …but mostly backups.

  • Should I click ‘Remember personal info’ here?

    I accept that my privacy is not mine especially since the 9/11 attack and the anti-terror laws. I also grew up with Communist Party parents and we had ASIO parked outside a lot. I’m Australian. My parents could not get a visa to America and nor could my brother. Luckily, when a Labour Government came to power some time ago, they raided ASIO and destroyed all the files. So I got to go to America (twice).
    I digress though. I’d hate to lose my data and I do do backups. But what I can’t backup is my blog. My host used to have a back up service but discontinued it. I don’t know how to back that up.

    A friend of mine recently found her OS was corrupted. She lost absolutely everything, including all her gmail files. But gradually she built it back up again. She does write down almost everything though, whereas I’m a bit slack about usernames and passwords. I even forgot my PIN number the other day while going to the bank. I had to get one reset.

    Only just found out that Facebook won’t let you stop being a member. I’ve read a post though that said delete everything you have on Facebook and then discontinue but then you have to delete something else which Facebook doesn’t tell you about. Over the years though, I’ve learned not to tell ‘everything’. My answer has been to be circumspect all my life. Having privacy was never a fact of life and never will be.
    But I do support all the legislation that supports privacy even though it is just theory.

  • Hello all,

    I have started a web site called http://www.googlehorrorstories.net whose main goal is to see Google policies change in regards to how they handle dispute resolutions between them and their end uses whether they be advertisers, publishers or just users. By posting your Google Horror Story at my site, you will be helping to build a “one stop shop” for internet users to see the not so pretty side of Google. It is my hope that this will eventually spur changes at Google for the better. But if not, at least it can help more people become better informed about the risks associated with using and relying on Google.

  • I feel sympathy for your friend but this shows the weakness of relying on a third party’s “free” service to maintain your digital life. Your data is available at their whim and, also, they can change policy and *sell* your data to whomever they choose at some future date.

    Personally, I don’t use Gmail because I don’t want Google trawling through my e-mails for a way to advertise to me. I don’t want my e-mail permanently stored (whether I’ve deleted my access or not) until the end of time. I already am annoyed that Usenet news postings of mine fro 18 years ago are available on Google’s servers.

    Google, Yahoo, Microsoft, etc. are not your friends. You are a source of *revenue* towards them.

    I keep my e-mail on an imap server that I have control over. The same goes for my web pages. I can move them to another location, delete them, etc. as I wish. Sure, that isn’t an option for everyone but you’re better off using, say, e-mail through Speakeasy than a giant beast like one of these MegaCorps.

    You should especially avoid having your entire online life based around access provided by a single entity. What happens when that entity folds or, for example, is bought by a competitor that you dislike with markedly different policies?

    People need to be a little more paranoid.

  • this is one of the reasons why i don’t have everything interconnected by the same service in terms of my email, accounts, website, etc. i try to keep things separate, because if one provider goes down/gets bought out i don’t want to lose everything.

    according to this, you CAN have your facebook account deleted:
    http://www.thenation.com/blogs/notion?bid=15&pid=283731
    “Facebook’s Brandee Barker sent in a response to this post:

    “There are two different ways to remove your information from Facebook. The first is to deactivate an account. Once a user deactivates the account, his or her profile becomes inaccessible on the main Facebook service, and the data is kept by Facebook only to allow easy reactivation. The second option is to delete the profile altogether. When a user deletes his or her profile, personal information — such as name and all email addresses associated with the account — is deleted from Facebook servers. If a user decides to join Facebook again, he or she would need to create a new profile. We are working to better explain the simple deactivation process, and to ease the deletion process for those who want their personal information removed from our servers.”"

  • AnonyMouse

    I had my own horror story with Yahoo about a year back. I was heavily involved in Yahoo Answers for awhile. Then one day I guess I gave a sarcastic answer to a question that irritated someone, and boom, I was not only locked out of Yahoo Answers, but I was locked out of my email, my photos, my documents, basically EVERYTHING that I had been accumulating on Yahoo for the past decade or so. The most absurd thing about it that I was even a PAYING customer. I was PAYING an extra 25 bucks a month for Yahoo’s professional email service, and I was PAYING for a Yahoo web site, and I lost those services too! I was able to get my account restored by raising holy hell, but it was a sickening experience. And Yahoo lost me as a paying customer for life!

    To this day I don’t know what I said on Yahoo Answers that provoked such an extreme response from Yahoo, but I do know that I didn’t say anything that a reasonable person could consider criminal or obscene. And even if I did do something that justified expulsion from Yahoo Answers, why should I lose my email and my personal photos? Taking that further, if Yahoo merges with another company, does that mean that in the future if I do something to violate the rules at Yahoo, I’ll lose access to my Microsoft Hotmail? Or my Windows operating system? Or my AOL broadband? Or my cable TV? Or my cell phone service? Will I lose my email if I’m late making a payment on my Yahoo Visa card?

    This was a case of Yahoo robbing me of my online life as a way of punishing me for expressing my opinion, and in the United States of America, I find that disturbing. It’s also offensive because sites like Yahoo Answers profit from the contributions of their users, yet are so arrogantly ungrateful to the public which provides them with content they don’t even have to pay for, that they feel entitled to arbitrarily rob their users of personal data without warning or recourse.

    And who says that because the service is free, the company has no obligations to those who use the service? Companies like Yahoo and Google profit from those of us who use their services, just as they profit from the internet itself, a resource that belongs to the public. Television is free, does that mean that broadcasters have no responsibility to serve the public? Of course not. Whenever people build a community, they are entering into a social contract, with rights and responsibilitities for all parties. There’s no reason the same principle should not apply to those who are in the business of building communities online.

  • AnonyMouse

    Correction to previous post: Actually, it was Twenty-five bucks per YEAR for Yahoo’s professional email, not per month, but that’s bad enough.

  • I believe in backing-up data, I’ve helped recover one too many drives (go to DriveSavers.com for fun). I back-up my entire hard-drive (except for programs) each night, and store one of these copies off-site, weekly. Additionally, I perform incremental saves during the day if I’m working on something critical.

    For my blog, I simply copy and paste the entire blog into a Word document (photos and all), and update that every month or so. You can also just turn it into a PDF if you prefer. There are even companies that will make your blog into a bound book.

    For those whose mail is hosted on heavy machinery (for better or for worse), there are many products that will “back-up” or offload your web-mail, but use with caution. If you’re not familiar with how they work, you could end up blowing away some or all, of your mailbox.

    You can use these free programs (below) to port your mail over to Outlook and then from Outlook save it as a PST file and burn it. If you try to export too much mail at one time, your provider will shut you down temporarily. Additionally, if you have mailbox folders, these clients may or may not allow you to map those folders, (I haven’t tried all of these clients). Also, they don’t grab old Sent Items.

    Again, be careful because once you install these, you could find that deleting from Outlook deletes the original, and/or if you don�t check-off �leave a copy on the server� you may pull a Hoover on your entire Inbox. All the above caveats being stated, these can be very useful:

    http://ypopsemail.com
    http://www.freepops.org
    http://mrpostman.sourceforge.net
    http://fetchyahoo.twizzler.org

  • This has just happened to my Dad and he’s been locked out for weeks, does anyone have any other way to contact google about this, he keeps filling out the hijacked account report and he is stuck. please if anyone can help email me at karl dot long at gmail or comment here
    http://experiencecurve.com/archives/is-google-shutting-down-email-accounts-if-they-suspect-hijacking

    Thanks for any help

  • John Trainor

    I wanted to transfer my blog (http://opinionanddissent.blogspot.com) from one Gmail account to another and was following Google’s detailed procedures to do so. I finally got my new Gmail address to show in my blog “Permissions” as “Admin” and so I thought I’d be safe to delete my older now unwanted Google account, but I ended up deleting my blog too. Everyone liked my blog name, “Opinion and Dissent,” and I am now trying to recover my old Google account just so I can get my blog name back.

    Google turned me down, saying their investigation was “inconclusive.” Their form has no opening for a comment. I could prove I’m the true previous owner if they just let me. I will try what someone suggested here, keep submitting every day. Thank you for the insights!

  • [...] many other reasons — it is a precursor to stealing your actual account credentials. (That is particularly scary with Google due to their lack of anything resembling customer service for account issues.) [...]

  • Here’s another kafka-esque episode of Facebook banning for no reason:

    http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=http://aurelianito.blogspot.com/2009/12/como-me-echaron-de-facebook.html&sl=es&tl=en

    This is the original article (in Spanish):

    http://aurelianito.blogspot.com/2009/12/como-me-echaron-de-facebook.html

    In this case, Facebook not only banned the user without providing a valid reason (their reasons contradict each other) but they also refused to delete the account data as well. So not only they can ban you, but they’ll also keep your data in their servers forever.

  • Quill

    Here is another horror story. Unfortunately these things continue:

    http://www.lastwordonnothing.com/2013/04/22/dumped-by-google/

    “In reality, I discovered, Google assumes no responsibility over user data nor is it required by law to do so. In the same notice informing me that it had disabled my account, Google told me for the first time that it reserves the right to “terminate your account at any time, for any reason, with or without notice.”

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>