Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: How worried should I be about Google randomly suspending my accounts?
68 points by speedylight on Aug 24, 2022 | hide | past | favorite | 41 comments
So I have a lot of Google accounts that I use for different reasons that are tied to many of my other non-Google online accounts—I’ve made a good effort of switching some of my important online accounts to more reliable email services ever since I learned that Google has a tendency to randomly shut out people from accessing their business, or personal accounts.

Problem is I don’t know how widespread all of this is, but I do know that once an account is suspended or banned that it’s a fools errand to try to get it back unless you personally know a Googler or post it about here or on Twitter and hope that someone who can help you is going to read and respond.

If I start a full on revolt on Google and switch entirely to different services, it’s going to take absolutely forever so I just want to know if this is a decision worth making or am I being paranoid for no good reason?



Reseller here (for a little over 10 years). We've had it happen and support channels have become worse than they ever were. There was a brief period of time I could get phone billing support with good English comprehension, but that's not possible anymore.

The last major issue I had with paid accounts is Google decided to move the goal posts a few years ago and basically make a small college course to maintain being a reseller. Originally you just needed so many licenses and a credit check. We didn't know they launched this new system and had a client hit storage limits on one of his accounts.

Any other company you'd just increase the license tier, vendor gets more money, client gets more service, everybody wins. With Google though, this isn't possible for a reseller in my situation. Support had told us to just go in and increase the license, but the option wasn't available in the redesigned panel. Instead I need to complete a course and maybe a week or so after get blessed enough to have the ability to submit a 'deal' to increase the tier for the customer's account.

Oh and it took me over a week to get this suggested resolution (that requires in best case another week). At no point did I ever feel anyone at Google gave a shit about me or any of my clients, and I regret becoming a reseller and ever recommending them.

EDIT: Use fastmail, I just wish their reseller panel was a bit more fleshed out.


Well Fastmail is already getting my money and given what you and others have said in the thread I’m gonna go ahead and make the full switch with them. Thank you for your help!


Google "randomly" shutting down accounts is a result of their fraud-detection processes. It's also why they (and any cloud provider) can be so unhelpful when this happens: they're trying to protect their support tier from a DoS by fraudsters.

Every so often we loudly hear about egregious mistakes, with legitimate accounts getting shut down. This is a result of large numbers: they're hosting billions of accounts, so one-in-million mistakes happen thousands of times (and believe me, they're tuning their processes for even less than one-in-a-million mistakes)

You say you have a lot of Google accounts. This could already be a red flag in the detection processes. One obvious way to "legitimize" these accounts is to have proper 2FA setup for them. Try not to share 2FA methods (like phone numbers or Yubikeys) across them, in a way that a fraudster might do to save time/money.

You're unwittingly a bystander in a silent war going on between Google and fraudsters. Neither of them are divulging methods they're using to detect/evade, so it's hard to give advice on how to behave legitimately. Try to do things that would be expensive for a fraudster, like the above 2FA advice.


Not only that they can just shutdown your account because you shared picture of your son infected penis with your pediatrician.

https://www.sfgate.com/local/article/billboards-seen-in-LA-a...

And now their reviewers are also supposed to be wannabe doctor. I quote "The company has consulted pediatricians, she said, so that its human reviewers understand possible conditions that might appear in photographs taken for medical reasons."

and

"A Google spokesperson said the company stands by its decisions, even though law enforcement cleared the two men. "

Ok this time I'm really off Google.


blame child pornography (laws)


(low probability) x (high impact) = ("expected value" of catastrophe)

In risk management in general, you usually want to consider the "expected value" of the catastrophic event instead of just the impact or probability alone. The probability that you'll get locked out probably doesn't actually run that large. How much do you have tied to the account?

You should usually take low probability events of sufficiently large "expected value" catastrophe size seriously enough to mitigate the expected value.

Running your own email server is pretty easy, except for sending mail. You should probably just use a reliable relay host with a good mail reputation and relay your outgoing mail through it, and follow-up that your email gets received. This has worked pretty well for me over the years. I've only ever had one place reject my reputable-host-relayed mail with my domain on it, so I send my outgoing mail to them from gmail. You never really have a problem with incoming mail at your MX records, and out-going mail with your domain on it works easily with like 99% deliverability if you use a reputable provider as a relay.


Google or not, I would be very worried about relying on any company too much. That dependency makes you vulnerable.

Stuff happens. Companies die, get purchased, change their focus, etc. all the time.


I see lot of people get around this by purchasing their own domain and using a service like Fastmail. In theory you can switch all of the pieces (domain registration, DNS, and email provider) at will as there are many alternatives available for each piece.

I'd like to go this route as well. I've got a domain and Fastmail checks all the boxes for me, but inertia is a powerful thing.


What helped me finally make the jump was realizing that switching email addresses isn't like moving house: when you make a new email address, you don't lose access to the old one. This means that it's not an all or nothing, you can gradually switch accounts over as you desire. Each baby step you take brings you one step closer to complete independence from Google, and even partial independence is better than nothing.

What I ended up doing was registering for my new email and only using that for new accounts. Then I switched over my key accounts (GitHub, domain registrar, hosting, and the like). From there it's been more than a year of just switching accounts over as I notice that they're still on the wrong address.

It's not urgent yet, so I can take my time and do it gradually. By now most of the important ones have been migrated, what's left is mostly a few forums that I've not used in years.


Working in domain names industry.

Don't forget you never own a domain name, be careful which registry is behind the extension you use. My recommendations would be:

- don't use a ccTLD (2 characters TLDs) unless it's your country's TLD, or a country you can trust. ccTLDs don't follow the ICANN rules but the rules of the country. As a rule of thumb, keep in mind that the poorest the country is, the less their infrastructure is reliable. If you rent an exotic .so, don't be surprised if it doesn't resolve one day. There's also a risk that you lose eligibility to your domain overnight. Usually ccTLD registries tend to loosen the requirements (.fr used to be only available to French people for example, not the case anymore), but the opposite is possible. UK residents also lost eligibility to .eu after the Brexit. I'd also avoid geoTLDs (.asia, .berlin, .paris, .cat, ...) because of the eligibility rules.

- (new)gTLDs are not all reliable either. Stick to the core gTLDs if possible: .com, .net (Verisign, even with their price increase they're probably the most reliable entity), .info (Afilias), .org (PIR, the shady selling deal they had with Ethos Capital has been rejected). There are reliable newgTLDs if you trust the entity behind it: .app/.dev (Google...) for example. I also like [Radix] and [Donuts] as entities.

- don't forget to enable autorenew and to keep an up to date payment mean on your registrar. If you want to retrieve a domain name you lost it will either be costly if you're in the redemption period, or extremely costly if its "drop caught" (from "drop catching", not sure if "drop caught" is a thing) and resold on an aftermarket platform.

[Radix]: https://ntldstats.com/registry/group/Radix-FZC [Donuts]: https://ntldstats.com/registry/group/Donuts-Inc


If you use your own domain, yes, you can switch service providers and get email service back up within whatever time frame that takes you.

However, if you have a large IMAP mailbox and you are locked out out if, you will not get that historical data if you are suddenly locked out. So the periodic archive download might be a reasonable suggestion.


So the periodic archive download might be a reasonable suggestion.

This is exactly what I do for the handful of domains I pointed to fastmail. I use Thunderbird to keep everything local and use 7zip to make snapshots of the local files and copy them to other local servers and USB drives. If AU started imposing some weird laws on Fastmail I could quickly migrate elsewhere.


I posted this in another thread, but it’s relevant here:

Google disabled my wife's voice number and business account for several weeks, right after she ordered new business cards, signs, and started a marketing campaign. They continued to charge her for Google ads each week.

Her accounts were re-enabled about 7 - 8 weeks later. No explanation given.

She averages 2 - 5 new customers per week, gained largely through referrals and her marketing campaigns, so Google's actions had a significant impact on her business.

Customer support was very limited, and again they provided no reason for their actions, no timeline, no nothing.


Is she still using Google workspace/google voice or did she move to something else?


No. She moved to other services. No more eggs in one basket.

I moved my side business off of GCP, and switched my personal email from gmail to another provider.


i am curious if your wife's Google accounts were paid G Suite accounts? or regular @gmail.com accounts? if there were G Suite support tickets languishing for 7-8 weeks with no updates and then a sudden re-enabling of accounts, that would be quite shocking.


Paid accounts.

She got through to customer support, they just weren’t able or willing to provide any information.


thank you for the reply. that is extremely troubling and certainly seems like an unwarranted escalation in customer-hostile behaviour by Google. it runs contrary to my experience in G Suite paid customer service, and i will adjust my expectations and concerns appropriately. i hope others do too. thank you for the clarifications, important and necessary to know.


Ensure you use Google takeout to obtain a local copy of your data frequently and you’ll minimise the risk if you do get locked out


I got locked out of my google account (not suspended or banned) for security reasons. I knew the password, I had access to the recovery email but google ‘couldn’t verify that it was me’ signing in for whatever reason. I tried all the support channels and nothing worked. What did work was waiting for 2+ years and attempting to sign in again. No idea why but all of a sudden I was able to access my account again.


I'm worried enough that I just run my own services on hardware I own. My data center could shut down sure, but I would be informed, and come retrieve my hardware and find another site to host it.

Things could be destroyed, but I'm currently linking into an extra colo facility. 1U of rack space is very cheap, and I've replaced several paid services this way. all in all I'm saving money I think.


After Google's various shenanigans with Gsuite legacy my trust in Google was already low and now almost non-existent. Additionally can't add extra space to the latest free edition for legacy folks without hacking some Google drive APK.

I've moved my family domain to Microsoft 365 (I'm using a free covid trial of Teams Exploratory licence for 12 months then i'll move to M365 Business Standard as the live.com version doesn't support DKIM or multiple domains).

BTW - OWA isn't terrible anymore, feels nicer than Gmail, works fine in Chrome, Firefox, Edge etc.

I also transferred another domain to Infomaniak and i've found its interface quite nice - only miss push email on iPhone so haven't quite pointed my MX to them yet on that domain.

Only downside to my setup is the Microsoft apps like One Drive timeout when I have 1Blocker enabled on my iPhone.


Perhaps you should do a poll HN ? Maybe you could have a question for each of the major platforms ? Last week I was blindsided by an Amazon takedown for example for a product I invented over ten years ago and have been manufacturing and selling ever since. It was just removed with no explanation and at the time I couldn't even guess what I might have done wrong. It's been a week and they have me chasing my tail, I am not optimistic my business will survive.


People really get their nose out of joint about stuff like this, usually because the user is treated so damn poorly, but from a reliability engineering perspective there's really no way to get 100% guaranteed service.

Smaller non-Google cloud alternatives have you by the balls just as much as Google do, and it's not uncommon for them to go out of business or get bought out. Sometimes they'll grandfather the old accounts (Zoho Mail), but not always (Travis CI).

To get away from using a large cloud provider, you could start hosting things yourself. This of course has the risk of a bad config making your email undeliverable, or a hardware failure destroying your data. It also means that you'll need to personally put out the many (metaphorical) fires that occur with running servers.

Now, in terms of the actual numbers, I'm not sure how well studied the risks are, but anecdotally:

- I personally have never lost access to a Google account, and don't know anyone who has either.

- I have been personally screwed over by non-Google cloud providers after they get bought out/go public.

- The majority of people I know have lost data before due to an IT failure, such as accidentally overwriting a file or losing a USB stick.

So yes, while it is a bit shit, I don't think the reason Google get the bad press is because they are the riskiest option out there. Instead, it's more about the fact that they're a big target and the tiny fraction of customers who experience this had such a terrible support experience that they want to tell the entire world.


Owning your own domain and using that for your email is a middle ground between using Google for everything and running your own email servers. If you use your own domain and pay someone (even Google!) to host your email, then you can always change your MX records if your email host goes out of business or blocks your account. If you just use an @gmail.com address, then you are giving Google control both of your mailbox and your address, which means that if they act up you lose both at once.


We have bad support and customer service experiences quite a bit, and don’t feel a need to “tell the entire world.”

Our experience with Google led to a considerable loss of income.

There’s also the problem where they disabled every product my wife used, but continued charging her.

They’re a terrible provider, plain and simple, and we feel that we should warn others.


I have email on my own domain, hosted with Zoho that I use for anything important. Gmail has become like hotmail used to be- the throwaway email you use to sign up for websites that are probably going to spam you.

If you’re doing anything professionally with Google, like submitting Android apps to the play store, create a separate Google account for that. Don’t tie it to your personal one.


Cloud is just a fancy name for "someone else's computer." Other service providers are just other people's computers. My rule of thumb is: Don't store anything on someone else's computer that you would care about if it went away.

For something as important as E-mail, which is often the key to resetting my passwords on other services, I wouldn't rely on anyone but myself. Own your own domain, point the MX record to a machine you control. If that machine is a VPS (someone else's computer), be ready to fail over to your own metal, and keep backups that are in your control.

For other stuff, self host or keep backups. Family photos you care about? Self host or keep backups you control. Important documents? Self host or keep backups you control. I can't think of an online service I use where I'd lose anything I care about if I were suddenly banned from it.


Don't be the customer of a company where you can't speak a human to get issues resolved.


this core. Know your partner. Usually means about comparable sizes.

Few friendships between ants and elephants.


Useful exercise: call up some insurance brokers who offer "cyber risk" or "supply chain risk" insurance.[1] Yes, these are real things. Ask if you can get coverage against account cancellation by a vendor. Tell them the vendor is Google. Get a quote. This will tell you how much risk the insurance industry thinks is involved with relying on Google.

If the price for such insurance is too high, you probably shouldn't be relying on Google.

[1] https://www.thehartford.com/commercial-insurance-agents/reso...


Happened to me for no reason I could discern at all, twice. If you have anything important tied to it, I'd worry. Better still, put your actually important stuff on an account that you pay for somewhere else.


how many thousands of HN comments does it take for folks to finally get that the ONLY way to have any kind of personal representation in any kind of "Google shutoff" is that you pay for your email/cal/drive/etc via G Suite/Workplace. that's it. that is the ONLY way you can have any kind of "in" if you get randomly shut off by Google. you are paying for support and yes you can call that support and get some kind of answers. so many HN'ers are sore because their free legacy G Suite got shut off or got restricted somehow -- sure i get it, that sucks. but you weren't paying for it. you'd never rely on free accounts for company-critical infrastructure, so why would you do the same for your personal-critical stuff? while i do VERY MUCH sympathize with those whose entire lives were upended by their @gmail.com account being shut off effectively meaning _their entire life_ no longer being available to them, the best chance anyone has of being able to deal with a "personal Google shutdown" is actually to be paying money to them for [an/some] account[s] within G Suite/Google Workpace/whatever.

pay a vendor some money, get some kind of support.

while i am not saying if the baby penis doctor photo guy had a G Suite domain his life would be rosy right now, i am saying i think his situation would be a lot better had he been able to actually contact a real support department, something his free @gmail.com account did not afford him.


My wife was shut out of her paid accounts, and had difficulty reaching customer service.

She met many others who experienced the same as paying customers of Google.


Been steadily de-Googling over the last few years. It's not just concerns over suspension, it's the fact that they are parsing all your data in order to serve you ads. I'm just becoming less comfortable with the amount of personal information I'm giving them and how they use it. Domains are cheap. It's fairly straight forward (and a worthwhile exercise) to get one and point it to a privacy respecting email provider such as ProtonMail or FastMail.


If you move away from Google, you should worry very little about Google randomly suspending your accounts.


What's the risk of starting again?

The only one I'd be careful of is Amazon. If you can't access your email and forget your password it's all over. I've had that happen.


Its impossible to talk to a support person.


more than many other risks, e.g. falling victim to a terrorist attack.

Organize your life depending on humans, not corporations.

Only humans care once you're in need.

And pay for what you use. There is no free lunch, let other live, too.


there is a long ong list you make diffecult for people any question simin.h45@yahoo.com


Very.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: