In November 2019, Google accidentally archived videos from users into unrelated photo archives. As a result, a small group of people may find videos in their archives that aren’t theirs. At the same time, their videos may have been made available to others.
Google today sent an email to people who exported their Google Photos library between 21 and 25 November 2019. Google Photos is the default backup app for many Android phones and is also a popular choice for iPhone users, because it offers unlimited backups of photos and videos.
Over those 4 days, users who downloaded an archive of their photos and videos for offline use were affected by an issue where “some videos in Google Photos were incorrectly exported to unrelated users’ archives”.
Users were also told that “one or more videos in your Google Photos account was affected by this issue”.
To understand the root cause of the issue, one has to be cognisant of how data is stored in the “public cloud”, what that means, and who’s paying for unlimited data storage. Using the public cloud means you’re using someone else’s computer to store your data or run computations. That means “the cloud” in this case is just several thousand computers that work for Google in storing and computing data.
One must always keep an important question in mind: if this is free, who’s paying for it? In this case, the users were paying for it. Google Photos needed (and still needs) a vast amount of photos to train its facial recognition software, which it plans to sell at a later stage.
What went wrong was that they collected photos and videos into temporary folders on their cloud machines with no privilege controls. Then they zipped those folders and gave users a link to download. One can assume that, under high volumes of archive requests, these temp files may not have been deleted before the next batch was processed.
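The failure mode assumed above (a shared staging folder that still holds an earlier request's files when the next archive is zipped), shown next to a per-request private folder with an ownership check. This is an added Python example, not Google's code; the users, file names and function names are constructed for illustration.

```python
import os
import shutil
import tempfile
import zipfile

# Constructed sample library: file name -> (owner, bytes). All names are hypothetical.
MEDIA = {"alice_beach.mp4": ("alice", b"a"), "bob_party.mp4": ("bob", b"b")}
SHARED = os.path.join(tempfile.gettempdir(), "export-staging-demo")

def stage(user, folder):
    for name, (owner, data) in MEDIA.items():
        if owner == user:  # only the requester's files are copied in
            with open(os.path.join(folder, name), "wb") as fh:
                fh.write(data)

def export_shared(user):
    """Weak: one staging folder for all requests, zipped wholesale."""
    os.makedirs(SHARED, exist_ok=True)
    stage(user, SHARED)
    out = os.path.join(tempfile.mkdtemp(), user + ".zip")
    with zipfile.ZipFile(out, "w") as zf:
        for name in os.listdir(SHARED):  # also picks up earlier users' leftovers
            zf.write(os.path.join(SHARED, name), name)
    return out

def export_isolated(user):
    """Hardened: private per-request folder, owner re-checked, removed on exit."""
    out = os.path.join(tempfile.mkdtemp(), user + ".zip")
    with tempfile.TemporaryDirectory(prefix="export-") as staging:  # mode 0700
        stage(user, staging)
        with zipfile.ZipFile(out, "w") as zf:
            for name in os.listdir(staging):
                if MEDIA.get(name, (None, b""))[0] != user:  # fail closed
                    raise PermissionError(name + " does not belong to " + user)
                zf.write(os.path.join(staging, name), name)
    return out

def contents(path):
    with zipfile.ZipFile(path) as zf:
        return sorted(zf.namelist())

def demo():
    shutil.rmtree(SHARED, ignore_errors=True)
    weak = [contents(export_shared(u)) for u in ("alice", "bob")]
    safe = [contents(export_isolated(u)) for u in ("alice", "bob")]
    shutil.rmtree(SHARED, ignore_errors=True)
    return weak, safe

if __name__ == "__main__":
    print(demo())
```

With the shared folder, the second export also contains the first user's video; with the isolated folder, each archive holds only its requester's file.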
Jon Oberheide, CTO at Duo Security, tweets about how he may have been affected.
Google will probably make more apologies about the issue in further communications. However, the virtual cat is out of the bag with this one, because once data is downloaded, Google has no control over it. This issue extends far beyond just applying a bug fix or a patch and moving on.
In Google’s communication, it recommended users perform another export of their content and that they “delete prior exports at this time”.
Our recommendation, in future, is to make your own encrypted backups, whether in the cloud or on-site, and to make sure you are the only person with the decryption keys, so that events like these will be extremely unlikely to affect you. Gadget and many security professionals recommend using ownCloud for backups because it’s secure, open-source, and reasonably simple to set up for home use.