https://www.blog.google/technology/safety-security/updating-our-inactive-account-policies/
Google to start deleting inactive personal email accounts. If your personal email account with Google have been inactive for two years it will, or may, be deleted.
To reduce this risk, we are updating our inactivity policy for Google Accounts to 2 years across our products. Starting later this year, if a Google Account has not been used or signed into for at least 2 years, we may delete the account and its contents ...
Notice that they MAY delete the account and all the content. Weird that they say may instead of will. Will some of them be kept around anyway? Are they saving the content but deleting the account? Is it so the Google AI can have one long good snoop before it goes into dev/null?
I might have missed it but to delete accounts for security reasons, that seems to be the reason given, is by itself sort of a security issue. After all what stops someone from re-registering the names afterwards. Hope that whatever mail they had keeps on sending to the address. Or it can be used to recover account credentials with other services. Deleting in that regard seems bad if they do not also block re-registration of said emails for a very very long time. Most of them will be duds but if you automate the process you'll hit digital credentials gold eventually.
If nothing else for spamming and scamming. After all johnny5753@gmail.com is your personal friend so whatever he mailed you must be real ...
(Score: 4, Interesting) by Rosco P. Coltrane on Thursday May 18, @12:06PM (2 children)
people didn't need but were coaxed into creating when they bought a cellphone to have access to the Play Store, because nobody told them they could sideload? Do those account count as inactive, or actively used to deanonymize and track those cellphone users?
(Score: 4, Interesting) by owl on Thursday May 18, @12:29PM
An account attached to the 'play store' is actively bringing in advertising and spying money payments from advertisers, so of course that account won't be deleted.
(Score: 2) by looorg on Thursday May 18, @12:32PM
From what I gather tho you don't have to check your mail. It's probably just the easiest and most common thing. I recall that they did mention that you could login and watch a youtube video or login to your gdrive etc etc and that would count to. So I would assume that all those people that have required g-accounts for their phones and such are more or less automatically logged in all the time so that big brother Google can keep track of you ... for your security and such reasons.
That reminds me, one of my old workphones "required" a gmail account when I got it. To access the store and such. So that was created just for that and then promptly like never used ever again. So there might be a lot of those around.
(Score: 1, Interesting) by Anonymous Coward on Thursday May 18, @12:19PM
> To reduce this risk, we are updating our inactivity policy for Google Accounts to 2 years
Sure enough, there was an email from Google about 2 years ago announcing that inactive accounts might be deleted. Reading between the lines, I got the impression that accounts with a lot of dead storage (old photos, other large attachments??) might be first to be deleted, but that's just my take.
That same email also included links to several Google pages that were claimed to give more details about what counts as activity (or inactivity) and other Google policies. I tried all those links and they were all dead this morning...
(Score: 5, Insightful) by owl on Thursday May 18, @12:36PM
What they say: "to reduce security risks"
What they really mean:
Some PM, looking for something to add to his/her accomplishments for the year has discovered that old, inactive, accounts are:
And has decided to "add an item" to his yearly accomplishments list by saving google the cost of the db storage and blob storage to hold all that data -- which is not bringing in any advertising revenue because the account is inactive.
Note that the most critical part is "no ad revenue". This is just the next item in a long list of examples (i.e., youtube) of google turning up the "advertising push" knob. This one is simply reversed -- instead of shoving ever more ads it is of the form: if we are not receiving any ad revenue, we are going to delete you.
(Score: 4, Insightful) by canopic jug on Thursday May 18, @02:04PM
This can't be about actual security (confidentiality, integrity, availability) because it will drive a proliferation of second, third, fourth, and so on accounts. As old ones are closed on purpose or by accident, people will be forced by various factors to re-join the inescapable Google ecosystem by creating a new account. So instead of john.doe@gmail.com you'll soon have john.doe.1@gmail.com through john.doe.n@gmail.com with some mixture of fake, real, and expired accounts.
So instead of security my guess is that the mover is really about trying to motivate a larger portion of the population to 1) stay logged in more often and for longer and 2) emit more farmable behaviors for Google.
Money is not free speech. Elections should not be auctions.
(Score: 5, Interesting) by Anonymous Coward on Thursday May 18, @04:09PM (2 children)
Google forces new sign ups to provide a phone number. Old accounts were created without that.
(Score: 4, Interesting) by Anonymous Coward on Thursday May 18, @05:48PM (1 child)
I lost several old accounts cause I refused to give them a phone number or attach an authenticator to them. I guess they are still around. But they'll never get any of that so I guess in about a year or so they'll be deleted.
No legacy accounts for me.
(Score: 0) by Anonymous Coward on Friday May 19, @11:47AM
When Google first offered "Voice" as a Gmail add-on, they also gave out free phone numbers. I requested one in my area code and still use it for texting from my laptop (texting on Voice is free like beer).
I wonder if Google would accept that phone number as part of an authentication profile?
(Score: 3, Interesting) by darkfeline on Friday May 19, @04:30AM
> I might have missed it but to delete accounts for security reasons, that seems to be the reason given, is by itself sort of a security issue. After all what stops someone from re-registering the names afterwards.
Google has never allowed username reuse. You have always been able to delete your account, and no one is allowed to reuse that username.
> If nothing else for spamming and scamming. After all johnny5753@gmail.com is your personal friend so whatever he mailed you must be real ...
That is exactly why Google is doing this. A account that isn't logged into for two years is in all likelihood abandoned. Which means no one is there to detect that it has been compromised. Old, abandoned accounts with easily guessable passwords are an easy target for spamming and scamming.
> Notice that they MAY delete the account and all the content. Weird that they say may instead of will.
Obviously they want to give themselves future leeway. For example they may want to give an account to a deceased family members. They may also disable the feature to rewrite it. They don't want people to depend on the auto-delete feature and then sue them when their burner account is kept for law enforcement or something.
Join the SDF Public Access UNIX System today!