While unscientific, I've noticed an increasing frequency of "[FAANG company] banned me from [service I literally need to live] and I don't know why" posts over the past few months. My personal google account is permanently suspended from Adwords over my, no joke, chess-over-videochat website that I tried to advertise last year. Just like you, Google refused to let me know what exactly I had done wrong even after multiple emails, appeals, etc.
At some point, we need to recognize this for what it is - unregulated monopolies having no accountability.
I'm wondering whether there are legal actions that people can take. Many years ago, I was having a problem with Anthem "losing" my insurance claims. Eventually, I got sufficiently frustrated and filed a complaint with the California Attorney General. Shortly after that, I got a long letter of apology, a promise to open an internal investigation, and most importantly, finally got my insurance claims processed.
Insurance companies have unique regulatory requirements specifically because they used to do what Google does now: ghosting paid-up customers. In their case, many insurance companies welcomed regulation to maintain a level playing field. It would otherwise become too easy for some to collect premiums but not pay out obligations, and thereby be able to undercut more honest companies. But for this to work, state Attorneys General need to take enforcement seriously, and resist capture. California's Attorney General is elected, which helps there.
Why is that unique to insurance? Taking money for a service and then not providing is just normal fraud, it's unclear why you'd need insurance-specific regulations for that beyond ordinary contract law.
Because people who need insurance are already suffering from a loss. Having to sue the insurance company for fraud would be just adding insult to injury, and would be unattainable for many people who cannot afford to open lawsuits. Pre-emptively putting mechanisms in place so you don't have to go to court to get your insurance claims handled makes insurance work with society.
The similarity is that you are insuring against a specific event with a lot of caveats. As a silly example, if you insure your house against fire damage and then light it on fire yourself intentionally, you're not getting anything. The insurance policy may not even cover accidental fire damage if it was due to your own negligence, e.g. operating an unsafe fireplace.
Given all these terms and stipulations, it's easy for the insurance company to say the policy doesn't cover the specific event that led to your loss, even if it should. Which is when you have to take them to court. So in the interest of keeping the insurance business an actual legitimate business people trust, you have oversight.
Yes, but that answer doesn't explain why anything insurance specific is needed. Courts can rule on contract disputes regardless of how complex they are.
Courts take a long time to rule on complex contract disputes. The whole point of insurance is that you need the money now, not years later, as was already explained nearby: <https://news.ycombinator.com/item?id=25902290>.
Insurance payouts delayed are insurance payouts denied.
There are Nash equilibria at many different points on the curve, but only a narrow range where the value proposition of insurance is appealing to potential customers. An Insurance Commission's job is to force it into the range where negligence and arson are not paid, but genuine misfortune is paid immediately.
You could make a time based argument like that for any contract dispute. "Payout delayed is payout denied" isn't true, but if it were then it'd mean all contracts were useless. So you aren't showing that there's something specific to insurance here that's special, and there are plenty of mechanisms to help people who aren't rich get justice (e.g. no win no fee arrangements).
If an insurance company is regularly stiffing people then it won't last long regardless of whether an insurance commission exists or not.
Contracts where one party is incapable of getting the contract enforced are useless for that party. In the insurance case, an insured natural person may have lost the means to do so as a direct result of the event that leads to the insurance claim.
If you lose your family and house in a fire, with marginal savings, then you may not be able to afford a lawyer and your contract is useless in the truest sense of the word. Unlikely situation? Yes, but then, that's exactly what insurance is all about.
No, that's not what I'm saying. I'm saying that if you have a working mechanism for contract enforcement, then insurer specific mechanisms on top should be redundant. The replies arguing with this seem to mostly be arguing that contracts don't really work, at least in the USA. Contracts are a very general construct that really do need to work, and it'd make far more sense to make them more enforceable than set up hundreds of industry specific commissions to try and make every commercial dispute one between a company and the government.
Even if OP's company misbehaved, the nuclear option of immediate and complete shutdown is way way too drastic for a CORPORATE account.
This can literally kill the company outright.
We are a GSUITE company, and these stories give me nightmares. If one of my employees violated the ToS, even repeatedly, I expect to be told "Get off our system. We're giving you x days to move elsewhere, and have restricted <functions> until such time".
An immediate and total shutdown with literally NO response from Support is so drastic that it would trigger a lawsuit if it were any other company.
The only reason it doesn't in these cases is because it's David vs Goliath, and the victim company is already too dead and broke to sue.
Hopefully some lawyers will file a class action against Google - I have a Google My Business account that was suspended without cause (no abuse) with zero response from support.
Which is exactly what Google does. At $dayjob we get warnings from Google all the time about users misbehaving.
Remember you are hearing one side of the story here. Innocent people and the people worthy of banning for legitimate reasons will both proclaim innocence until the end of days.
It would be great to hear the other side of this story. But until we do, as a business owner, I still see this as a huge risk.
...because I've also had things banned from Google (not the entire gsuite account thank god), and support has no ability to help. So I'm not at all going to assume that they deserved this ban.
As a business owner you should be thinking how to end any dependence on google.
Seriously you see the reflexive responses from in this thread from people who work/worked at google. They refuse to believe that google could have messed up and the OP did something wrong.
Google has a fatal cultural problem. Just like Intel. With the exception that Google has nothing that someone else can't do better.
The email section of your profile is only between you and ycombinator. You need to put it in the about section if you want other users to be able to see it.
I replied to your claim that base64 should be preferred over "foo at bar dot com" since it would be "unlikely to be automatically checked by bots". I find that claim unlikely since a scraper that is adjusted to handle the former will easily be adapted to the latter and likely already is today.
I'm happy to hear a counterargument to that position, but please don't include an insult.
Since offering emails in base64 form is not usually done, I consider it pretty unlikely that bots have been specially modified to go around checking everything which looks like base64 to check whether them codes have an email inside.
If you don't want people to be insulting, maybe you should think through your arguments more carefully before treating someone else like the idiot.
There is definitely a bubble effect here. Every trendy startup seems to use gsuite, but you'd be looked at quite strangely if you suggested it in some of the circles I've worked in.
And yet, my father works at Airbus and they switched to gsuite last year. Needless to say, the transition from excel to gsheets is not easy, but he's learning javascript in the process.
Google Sheets supports 99% of what Excel does and most existing sheets can be imported as is.
Of course, odds are that the company's One Critical Sheet that reimplements SAP in Excel is critically reliant on the 4DMATRIXTRANSFORM.OLDCHURCHSLAVONIC() function that falls into the remaining 1%.
After 10-ish years of using G Suite for my corp email, I finally switched last year when they started rewriting URLs in my emails to the google redirector, breaking PGP signatures and the like, even via IMAP. The only way to get my original unmodified emails is via Takeout now.
Migadu and Fastmail are good alternatives in case hosting your own is too much effort. I got bitten by the same issue with the lack of IMAP when moving to Tutanota, another secure email provider.
I run my personal email on Fastmail, but I don't like the idea of them being compelled to turn over my entire mailspool on demand to intelligence agencies without a warrant, so I'll go back to hosting my own, as I did for 20 years before Fastmail. :/
That is one of the reasons I switched to Migadu. The other being cost, as I have several domains that receive very little mail, so the cost structure on Migadu is very attractive.
Isn't Hetzner heavy blocked by the large mail providers? I had similar issues with Digital Ocean, AWS, Linode etc when trying to self host. Even tried smarthosting via SES and that still made my very small volume of emails land in spam folders.
As someone who runs IT for a medium sized organisation using G Suite (now Google Workspace), I can not recomend against it enough. I understand why the decision was taken at the time it was (it was before my time, but it was when G Suite had much better collaborative editing than MS offered, and when the company needed to upgrade it's on-prem file server, and didn't have any capable of managing things like that in house), but it turned out, with hindsight, to be a huge mistake.
You get things like issues with a user not having visiblity of items in a folder, and support ask you to check all folders shared with the user to see how many are affected. There are tens of thousands of these, so this is obviously impractical.
I had an issue with their "eventually consistent" admin interface not showing whether a user was part of a group, and their response was to wait 24 hours to see if they have been sucessfully added to it, or to email the entire group and ask the user to check whether they got the test email.
We had a Google Sheets file that, for whatever reason, was not able to be opened. Months later, the issue is unresolved. If we didn't have daily backups that use the API to make a copy, exporting Google Docs, Sheets and Slides files as MS Office documents, using a thrd-party service, we would have just effectively lost this data.
It is clear that Google does not treat this as a business class product, and it hurts to business users.
It is getting worse and worse IMHO, while the MS competition is getting better and better. It is only a matter of time until we switch I think, and I would strongly caution anyone against adopting it, especially if you plan to use it as the primary file sharing method for more than 10 users. For us, the thing making it hard to move is that our data on Google Drive is a mess. We haven't been using Team Drives, because we have been using Google Drive since before they were a thing, so have complicated nested permissions, meaning we can't simply move things to Team Drives. If you have used it for as long as we have, when there was no way to prevent users from doing this, and didn't have policies about how it was used to prevent this (whiuch we didn't, we started using it before I joined the company) I don't see how you can have avoided this.
I'm not sure how GCP compares, but I have been pretty disappointed by how slow they have been to support recent versions of PostgreSQL and MySQL in their hosted DB service. We use AWS mostly, and, while there are things about GCP that look nice, they seem to fail to do the basics that would not be at all hard for them to do, and it looks like they don't take it seriously as a product either really. It is sad really, given that there really needs to be more competition for AWS and Azure IMHO.
It sounds like they've already contacted support. They said "Google support is refusing to let us know what happened" and "no one is providing us any answers or providing support".
Even if it was abuse related - it shouldn't just turn into the nuclear option of total and immediate company-wide shutdown.
It's amazing that Google doesn't get sued in a case like this, regardless of what's in the ToS.
If one of my employees did something bad, I would want warnings and ultimately a "hey, since your employees cannot behave, we're shutting your account as of <date> and have limited <functions> until then so you can migrate your company to another service.
This sort of binary response is why I will never commit to Google, and am increasingly evaluate the likelihood of ban when selecting cloud services.
Particularly since these bans are immediate, summary, and often based on algos, not humans.
...and this isn't just unfounded fear. We've had our Google My Business listings suspended when we had issues with our 2FA/recovery details. That was 4 months ago, and support also said they could do nothing, and My Business support never responded.
No, Google absolutely does not care what you do in your mailbox. They care when you shit in other peoples mailboxes.
I won't get in to specifics, but the first few times the user will get spanked. If you keep reenabling accounts that send spam, eventually the domain as a whole gets spanked.
what i don’t get is why a terms of service violation default response is to lock the whole account down, rather than just restricting the account - for example stopping outbound email or moving to read only mode to limit the damage to people and their businesses.
I used to work on this stuff, years ago. It seems arbitrary and harsh but makes sense in cold engineering terms.
The purpose of an account lockout is either:
1. Stop a clear abuser from trashing the network, e.g. by sending spam that will get Google IPs blacklisted (yes this happens, there are no special breaks for Google).
2. Challenge an account in such a way that false positives have a chance to 'clear their name' by doing things that serial abusers have difficulty with, like passing phone verification or in the good old days, solving CAPTCHAs.
Virtually all responses to service violations in the consumer world are (2). They're automated, people pass the challenge when they log in and never think about it again so you just don't hear about it.
Corporate services pose special problems. Companies expect to be able to automatically create large numbers of accounts using APIs, which is something not allowed for consumer accounts. The latter are carefully monitored, throttled, and ultimately the services may just refuse to let you create an account. Tough cookies. That doesn't work for GSuite domains where the administration is devolved, so what happens when spammers notice this and create such domains then add lots of users at once? Yes they're meant to pay, but some abusers can get past CC fraud checks and other mechanisms that would otherwise make this approach too expensive.
Unfortunately the rapid, automated nature of abuse means that the response also has to be rapid and automated. It's not as easy as saying, hmm, foobar.com looks suspicious, let's get a trained expert to mount an investigation. By the time the specialist has woken up and got into the office the attack is over already and you sent 10 million spams or hosted 50,000 phishing sites. That's the flip side of very scalable systems with convenient signup, in which the admins don't suffer any consequences of abuse they proxy or allow (i.e. when you buy GSuite part of what you're buying is Google's spam reputation). That's also why these stories so often resolve with an ending like "A googler got in touch and we're back in now". This creates the impression that the only way to get support is to flag it up on Hacker News or Twitter. That's sometimes true for consumer services where getting people to look at your case is harder but for companies with support contracts, it's often just due to the time lag involved between someone doing a manual investigation and resolving it.
and this are not the same thing. There are absolutely "special breaks" for Google, particularly (though not solely) since they are now the server of choice for a huge percentage of the email being sent and received, whether @gmail.com or on Gsuite accounts of various types.
So even if there were some kind of massive spam event, Google isn't going to block emails from its own IP blocks or domains from reaching Gmail or Gsuite customers. And frankly, I would be shocked if any of the various DNS blocklists that people use for determining who's a dirty spammer would actually put a Google IP block on there without massive and obvious changes in Googles mode of operation.
Meanwhile, us mere mortals, if we dare to try to set up our own mail server, can be listed in a blacklist because of a) something the previous owner of the IP address did, b) something someone else in the same class B block did, or c) something that was never expected before, but now because of escalation by spammers, it's required without any documentation. And then the blacklist just doesn't respond to requests for reconsideration or elaboration because obviously, we're dirty spammers, and why should we be listened to?
even if there were some kind of massive spam event, Google isn't going to block emails from its own IP blocks or domains from reaching Gmail or Gsuite customers
When I worked there it absolutely did do this. Yes it seemed stupid to me at first too, but all it takes to end up like that is to decide not to give yourself unfair special exceptions to your own policies, which is how things should be!
frankly, I would be shocked if any of the various DNS blocklists that people use for determining who's a dirty spammer would actually put a Google IP block on there
Be shocked. It did happen when a particularly clever spammer got through the controls. There are no bits of logic in most email servers that say "if IP is owned by Google, ignore". Spam filters are all relative. If senders send a lot more good mail than bad, they're good. If they send a lot more bad mail than good, they're bad. Google IPs are rarely blocked because they send a lot of good mail and invest a huge amount of money and time in keeping it that way.
In cold engineering terms, you should never put yourself in a position where somebody you don't control can shut down something you rely on, in such a way that you can't easily recover on your own. Especially if they're on a hair trigger to do it. This has been obvious from day one.
Unfortunately, in this day and age, that's effectively impossible to achieve for the vast majority of online businesses. Google, in particular, can destroy the ability of nearly anyone else online to do business, with no meaningful recourse, no accountability, and no consequences.
You know, if I was providing support, I'd consider it a point to make it as easy for customers as possible to know what to do. Like if I banned them I'd include how to appeal/fix and how to get more info.
If it is indeed abuse related (whether there was any abuse or Google's algorithm just decided there was some abuse) then telling the abuser what got them banned is counterproductive from Google's PoV. Same reason reddit does vote fudging.
This is a dangerous equivocation of the guilty with the innocent, and throws away completely the notion of "Better X Guilty Persons Escape than that One Innocent Suffer."
Do schools or parents not teach philosophy or ethics to these FAANG employees?
And if it's not abuse related a Google employee could just take a
look at it and lift the automated ban if it was unwarranted. Too
bad Google doesn't like having employees for anything that an AI
can do with 50% success rate.
Telling people what they did wrong so they can correct it is appropriate. You don't have to tell them how you detected it, and keeping them banned until they fix it is fine.
Also at minimum I'd think I'd allow them access to past emails as a default.
The culture of the people who make up these companies don't want to let anyone know what happened or let them appeal it, because they "know better" and are "in agreement" with unspoken rules such that adjudication would be "a waste of time." It's all about arrogance and fascist behavior towards users in the name of expediency and risk management. Unless someone is a celebrity, they're squished like a cockroach if they stumble into the "light" of algorithms or human review.
But they are not telling us what went wrong...So we are in dark. I have shared details with One Googler who is willing to help out. Will keep you posted here
If there were a Googler here willing to help you you haven't given them much to go on. Your profile has no contact information, you haven't shared a support case number, you haven't even shared your company's name or domain.
This. Also, while I have no clue what happened in the OP's case, many of these "Google nuked my account for no reason at all!" stories turn out to have darn good reasons, so being cagey is not going to help you.
I understand that there might be two sides to these stories, but I don't get how anybody ever would rely fully on Google for their companies mission critical infrastructure unless it is something like a lemonade stand. If you have a specific contract with Google that manages reliability/availability sufficiently that would be sth. else, but who has that?
It may be that I am out of touch with the other HN users on this one, but "$megacorp does something that on purpose/accidentally blocks my service" doesn't surprise me at all. That the megacorp is legally in the right on their own turf is even less unsurprising and not the point. There is a price to not running your own infrastructure and this price becomes tangible when something like this happens for whatever reason.
Yeah hey’s been usable enough, been using it since the early invites. It has some pretty neat features that I can’t find on regular email. Also, I can post my hey email publicly because I can filter it before it goes to my Imbox. But it is kinda slow but I’m hoping it will improve by version 2.0 or 3.0.
Yesterday I hit the "support" button in Fi, did the dog and pony show of reading the "suggested resolutions", for the privilege of being directed to "community support".
For such a highly valued organisation, they really do appear to not prioritise customers. Such a wealth of resources, yet these things manifest often. Google's reputation for me is diminishing gradually every year.
I've come to the conclusion that they don't care about their paid users. It's an ad company that operates at scale, "power users" that require support or expect services not to get randomly turned off only jam up the gears.
My friend was kicked off of Instagram and took it self represented to the New Hampshire Supreme Court and won because of the fact it was a paid account which I believe he argued meant there was a breach of contract in terminating the account.
Out of curiosity, did you make use Google Cloud Platform?
I don't think I'm the only business owner who is wary of using GCP for anything, as it vastly increases the surface area of unintentional or malicious actions that could make our Google Workspace and all our data in it go poof with no recourse.
Greetings. Alex here from Google. I look after Workspace technical support. We'd love to look into this but need @ameyv to reach out and let us know the Workspace domain this is in reference to. I can be reached at alexd@google.com so please reach out.
Great. I haven't seen anything yet. If you could put HackerNews and/or your username (ameyv) in the email so I can keep an eye out for it, that would be helpful.
Don't use Google. If the Internet is your main bussiness, take it seriously and don't let a third party control your independence. Yes, it is more work, but somewhere down the road that work will pay off compared to your competitors.
Overall MS have been benevolent when you are in their ecosystem. People often miss just what lengths do they go to support their customers. Like compatibility they have done on Windows. Almost as if providing decent enough service to keep people stuck as their customers is a decent idea...
This is so unfortunate to you. Can you tell us what business you are in? Any chance that you compete with a Google service? Or some business that Google may think is not worthy like say gambling? That of course can never justify such an action. Perhaps having a lawyer reach out to them may work.
Don't know why this is downvoted, on prem is the only sure fire way to ensure something like this doesn't happen. Even that can sometimes be iffy with licensing services.
You're probably glad that you had the basics in place and made regular back ups of your data. Hopefully you didn't follow the "it's in the cloud so I don't need to backup" philosophy.
At least with office 365 you have a cached version of your email.
Google drive is hard as the only way is to setup continuous Google takeout's or use a third party service for backups which the last time I looked several years ago.
And still, after years and years and years people do not have backups, especially if they have their data in the cloud. From my experience the number of backups people make went down not up.
If my comment helped one iota to make backups more likely next time, I did good.
Except the problem is that you can't really back up Google documents. The file format is closed. You can, of course, periodically export them into common document formats. But you can't restore the same Google document and expect it back with all its functionality.
For the rest, you're completely right. Everything possible should've been backed up. It just has nagged me that a real backup isn't possible, and it has bitten me in the past (corrupted drawing, which corrupted related documents as well). Since then, I have only used the Google sheets/documents/etc. for throwaways and drafts.
There are multiple third party services which use the API to make daily copies of your documents, exporting them as MS Office documents. Yes, this isn't perfect, and you can lose some info in the files, it is pretty good for the most part. Nobody shpould be using G Suite without this, IMHO, because this happens too often.
I'm paranoid and tell people to print out data they can't backup and put it in a safe. I've always had some essential data printed out put in a fireproof safe :-) But yes Google is bad at this.
If you have critical data that can cost your company that you can't backup, your're living a risky life. Hopefully they've checked with their colleagues that those agree with living that risky life.
I could have said: Been there bought the T-shirt and I feel your pain. Which would be true. The person would have not felt better in any way because the data is gone, and would not have learned something either.
Does the person feel worse because of my comment? Don't think so. Either he already new and agrees with 'Yes, d* it should have done that, you're right' - what I felt someone said this to me - or he learned something. Perhaps if getting kicked hard enough he will not skip backups next time.
Does he feel bad? Sure.
Does anyone think about the people who he dragged down with him because he didn't have backups which would have been something he is paid for but didn't - do risking the jobs of everyone around him.
When consulting the FIRST thing I ask:
DO YOU HAVE BACKUPS FOR YOUR AWS/GOOGLE/... DATA?
And if not do it now - although the usually answer is: This is the cloud I don't need backups because they backup the data/redundancy/S3/... What about someone deleting it? By accident or itention? What about you getting sued by A/G/MS/...? What if they kick you of like XXX (Parler, ...)?
Most do backups to a another provider the same day.
Not having backups if you're the one responsible is not the same as getting cancer or being hit by a car. It's you've screwed up very badly endangering many other people.
At some point, we need to recognize this for what it is - unregulated monopolies having no accountability.
I'm wondering whether there are legal actions that people can take. Many years ago, I was having a problem with Anthem "losing" my insurance claims. Eventually, I got sufficiently frustrated and filed a complaint with the California Attorney General. Shortly after that, I got a long letter of apology, a promise to open an internal investigation, and most importantly, finally got my insurance claims processed.