Google Docs locks out writer

Martin Shelton

Principal Researcher

Freedom of the Press Foundation. (CC BY 4.0)

It’s the Digital Security Training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone has shared this newsletter with you, please subscribe here.

In the news

  • Time for a scary story. For WIRED, Madeline Ashby recently told the story of a nightmare scenario for journalists and writers everywhere: losing hundreds of pages of your hard-won writing. One day, romance writer K. Renee received an alert from a friend who edits her work that their shared Google Docs folder was no longer accessible. The writer’s friend received an alert, “You no longer have permission to view this document” and “If you believe this is an error, contact the document owner.” Ten of her works in progress — altogether 222,000 words and hundreds of pages across multiple files and folders — were no longer accessible on her devices. She received a message from Google stating, “You cannot share this item because it has been flagged as inappropriate,” but she could not tell what part of her writing was deemed “inappropriate.” As a romance writer, sometimes she writes “spicy” scenes.

  • According to WIRED, it’s not clear if she was flagged for terms of service violations, sharing the document with too many people who preread her work in a way Google could misinterpret as spammy behavior, or something else. Renee has since filed a report with Google to try to unfreeze her documents. Read the story.

What you can do

  • This is a reminder that when using Google Workstation — including Drive, Docs, Calendar, Gmail, and more — your activities are plainly visible to Google. And in turn, it can decide what happens to your files and is also responsible for providing data to law enforcement if it receives a valid legal request. While it’s powerful and convenient, Google Docs might not be right for all documents, including those that you consider sensitive, private, or that you can’t risk losing. Read more about newsroom privacy and security considerations when using Google Workspace.
  • It would be catastrophic to lose hundreds of thousands of words for a false violation of terms of service when reporting or writing about topics that could be seen as “inappropriate” to Google or any other company. Learn about how to appeal a violation.
  • Because the appeals process doesn’t work every time, it’s always wise to keep backups in more than one place, including local copies and copies on end-to-end encrypted backup services like Tresorit (paid) or Proton Drive (free, up to 5 GB) which cannot read your documents at all. Likewise, while it’s hard to beat the flexibility of Google Docs, it’s also possible to draft documents in end-to-end encrypted editors supported on all major operating systems, such as Standard Notes.

We are always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.

Best,
Martin

Donate to support press freedom

Your support is more important than ever.

Read more about Digital Security Digest

Crossfire over messaging security

Johns Hopkins cryptography professor Matthew Green explains that “the cryptography behind Signal (also used in WhatsApp and several other messengers) is open source and has been intensively reviewed by cryptographers. When it comes to cryptography, this is pretty much the gold standard.” By comparison, Telegram does not provide end-to-end encryption protection by default and only offers it as an option in one-on-one “Secret Chat” mode.

Google details app violations

According to its security blog, Google prevented 2.28 million — yes, million — Android apps from being published on its Play Store in 2023. The company says it also removed 333,000 accounts for attempting to deliver malware through the Play Store, as well as for “repeated severe policy violations.” These numbers have grown substantially since 2022, when the company disclosed it prevented 1.43 million apps from being published on the Play Store.

Bill expands US spying powers

Last week, Congress reauthorized a controversial surveillance authority, Section 702 of the Foreign Intelligence Surveillance Act. While legislators considered reforms to FISA that would restrain the federal intelligence and law enforcement community’s abilities to spy on American communications without a warrant, they in fact expanded these surveillance powers to subject more electronic communications service providers, such as U.S. cloud computing data centers, to data collection.