Google Workspace

Grade: F (Fail)
Google · 🇺🇸 United States
Technical details
Manufacturer: Google LLC

⚠️ The bottom line

Google told the world it stopped reading your emails in 2017. It didn't. It just changed the reason. "Smart Features" scan every email, attachment, and chat using AI — on by default outside the EU. To fully opt out, find and disable two separate settings. Miss one and scanning continues. In the EU and UK, these ship turned off — telling you everything about what Google thinks of the privacy risk. The machine reading your love letters doesn't care whether it's reading them for ads or "features."

Google says Gemini doesn't train on your Workspace data. But Gemini reads your emails, documents, and chats for "features" — turned on without asking. From September 2025, Google started training AI on user chats and uploads unless you explicitly opt out. Court testimony from a Google VP revealed the company used publisher content for AI even when those publishers opted out — internal docs showed they kept 80 billion tokens of supposedly excluded material. The line between "accessing" and "training" is wherever Google draws it on any given day.

Legal jurisdiction
🇺🇸 United States (headquarters)
CLOUD Act: US govt can demand your data from this company even if stored overseas
FISA §702 / PRISM: NSA collects stored emails, photos, messages without individual warrants
Geofence warrants: Police can demand location data for everyone near a crime scene
Spying: 3/4 HIGH · Is someone spying on me? · Kids at risk
Data Sharing: 3/4 HIGH · Who gets my data? · Kids at risk
Security: 3/4 HIGH · Is it actually secure? · Kids at risk
Honesty: 4/4 EXTREME · Can I trust what they say?
REPLACE: Extreme risk. Look for alternatives or lock down hard.
9 contradictions: 3 critical, 5 high, 1 medium
6 sources
Findings by concern
Spying 3/4 HIGH 1 finding
⚠️ critical · policy claims vs regulatory findings
Eighty million students use Google Workspace for Education. Google says student data is never used for ads or AI. New Mexico's AG found Google was collecting children's locations, voice recordings, YouTube habits, and saved passwords — extending surveillance from classrooms into homes via syncing. Denmark banned it after finding Google uses children's data for its own purposes. Norway declared it flat-out illegal. Twenty-four Danish municipalities had been handing children's data to Google for years without ever conducting a single risk assessment.

What they claim: Google states student information in Core Services is never used for ad targeting, sold, or used for AI training.

What we found: New Mexico AG Hector Balderas sued Google for collecting children's locations, browsing histories, YouTube habits, voice recordings, and saved passwords — extending surveillance from classrooms into homes via syncing. Denmark banned Workspace in schools after finding Google acts as a stand-alone controller. Norway declared it not legal. 24 Danish municipalities never conducted a DPIA.

Data Sharing 3/4 HIGH 2 findings
⚠️ critical · policy claims vs app permissions
Google says Gemini doesn't train on your Workspace data. But Gemini reads your emails, documents, and chats for "features" — turned on without asking. From September 2025, Google started training AI on user chats and uploads unless you explicitly opt out. Court testimony from a Google VP revealed the company used publisher content for AI even when those publishers opted out — internal docs showed they kept 80 billion tokens of supposedly excluded material. The line between "accessing" and "training" is wherever Google draws it on any given day.

What they claim: Google states data is not used for generative AI training outside your domain without permission.

What we found: In November 2025, Drive settings auto-opted users into Gemini content access. On September 2, 2025, a sample of user chats and uploads began training AI unless explicitly disabled. Court testimony from Google VP Eli Collins revealed Google used publisher content for AI Overviews even when publishers opted out — internal documents showed 80 billion of 160 billion tokens remained after filtering.

⚫ medium · policy claims vs app permissions
When Google said it stopped reading emails for ads in 2017, it didn't stop targeting you — it just changed what it reads. Free Gmail users get ads built from search history, YouTube, Maps, and every other Google service. Paid Workspace customers get a wall between their data and the ad machine. Free users get nothing. Three billion people use free Gmail. Google created a two-tier privacy system: pay $7/month and your email stays separate. Use the free version, and everything becomes the product. Privacy is not a right — it's a subscription.

What they claim: Google stopped scanning Gmail for ad targeting. Paid Workspace accounts have data segregation.

What we found: Free Gmail users still get targeted ads via cross-service profiling — search, YouTube, Maps. Paid accounts get a data wall. Free accounts get no protection. Three billion free Gmail users' data flows freely between services. Privacy is a subscription, not a right.

Security 3/4 HIGH 4 findings
⚡ high · policy claims vs app permissions
Every email you write, every draft you start and delete, every chat you think disappeared — your Workspace admin can see all of it. Google Vault saves deleted emails and even unsent drafts, making them searchable and exportable. Email delegation can be set up through Google's API without you ever being notified. Four separate backdoors exist for admins to read your mail. Google doesn't require companies to tell employees any of this. Your work Gmail has the privacy of a postcard pinned to the office bulletin board.

What they claim: Google Workspace markets itself as a professional communication platform where users manage their own inbox.

What we found: Admins can read any employee email via four methods: password reset, Google Vault, email delegation (set up without notification via API), and super admin access. Vault preserves deleted emails and unsent drafts. Email delegation can be configured without the employee knowing.

⚡ high · policy claims vs app permissions
Google says "industry-leading safeguards" protect your data from internal access. Leaked documents: 80 employees fired between 2018-2020 for misusing access. Some spied on other employees. Some accessed and deleted user data. In 2010, a Google engineer spied on four minors' call logs and chat transcripts. Google called these rare incidents. Eighty firings in three years is not rare — it's a pattern. And those are only the ones who got caught.

What they claim: Google tightly restricts employee access through industry-leading safeguards.

What we found: Leaked documents revealed Google fired at least 80 employees between 2018-2020 for data misuse. In 10% of 2020 cases, employees accessed, modified, or deleted user data. Some spied on other employees. In 2010, engineer David Barksdale was fired for spying on four minors' Google Voice call logs and chat transcripts.

⚡ high · policy claims vs app permissions
Every time you click "Allow" on a Workspace app permission screen, you may be handing over your entire inbox and Drive. Security researchers call OAuth scope creep "the norm." In 2025, attackers used a single compromised app token to silently export data from hundreds of corporate Workspace environments — no login alerts, no warnings. These permissions pile up over years like unlocked doors nobody remembers opening. CISA now lists blocking high-risk OAuth scopes as required. Google built the marketplace, built OAuth, profits from integrations. When the breach comes, it's your data.

What they claim: Google's Marketplace requires apps to undergo security verification and pass privacy checks.

What we found: Researchers find scope creep is the norm. In 2025, attackers used a compromised OAuth token to silently export data from hundreds of corporate environments without login alerts. Permissions accumulate over years. CISA now lists blocking high-risk OAuth scopes as a required configuration.
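
One way to act on the accumulated-permissions finding above, as an added example (not code from this site or from Google): a review pass over third-party OAuth grants that flags whole-mailbox and whole-Drive scopes and marks long-unused ones for revocation. The grant records are constructed sample data; their field names, the app names and the 365-day threshold are assumptions, while the scope URLs are real Google OAuth scopes.

```python
from datetime import date

# Real Google OAuth scopes that expose a whole mailbox or a whole Drive.
HIGH_RISK_SCOPES = {
    "https://mail.google.com/": "full Gmail access",
    "https://www.googleapis.com/auth/gmail.readonly": "read all mail",
    "https://www.googleapis.com/auth/gmail.modify": "read and change all mail",
    "https://www.googleapis.com/auth/drive": "full Drive access",
    "https://www.googleapis.com/auth/drive.readonly": "read all Drive files",
}
STALE_AFTER_DAYS = 365  # assumption: review threshold, tune per policy

# Constructed sample grants; field names are hypothetical, not an API schema.
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "app": "PDF Signer",
     "scopes": ["https://www.googleapis.com/auth/drive.file"],
     "granted": "2025-03-01", "last_used": "2025-09-20"},
    {"user": "alice@example.com", "app": "Mail Merge Pro",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/drive"],
     "granted": "2021-06-14", "last_used": "2022-01-03"},
    {"user": "bob@example.com", "app": "CRM Sync",
     "scopes": ["https://www.googleapis.com/auth/gmail.readonly"],
     "granted": "2024-11-02", "last_used": "2025-10-01"},
]

def review_grants(grants, today):
    """Return one finding per grant holding a high-risk scope, stale ones first."""
    findings = []
    for g in grants:
        risky = sorted(s for s in g["scopes"] if s in HIGH_RISK_SCOPES)
        if not risky:
            continue  # narrow scopes such as drive.file are not flagged
        idle = (today - date.fromisoformat(g["last_used"])).days
        age = (today - date.fromisoformat(g["granted"])).days
        stale = idle > STALE_AFTER_DAYS
        findings.append({
            "user": g["user"], "app": g["app"], "scopes": risky,
            "age_days": age, "idle_days": idle,
            # Broad access that nobody uses any more is the first to revoke.
            "action": "revoke" if stale else "review",
        })
    findings.sort(key=lambda f: (f["action"] != "revoke", -len(f["scopes"])))
    return findings

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS, date(2025, 11, 1)):
        print(f["action"], f["user"], f["app"], f["idle_days"], f["scopes"])
```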

⚡ high · policy claims vs regulatory findings
Google sells "data sovereignty" to European governments — choose your data region, encrypt with your keys. But Google is a US company subject to the CLOUD Act, which lets American authorities demand data regardless of which continent the server sits on. A Microsoft executive told the French Senate no US company can guarantee European data stays out of American hands. The European cloud industry called the EU's Google-Thales sovereign cloud contract "sovereignty washing." You cannot buy sovereignty from the entity you need sovereignty from.

What they claim: Google offers Sovereign Controls for Workspace with data region selection and client-side encryption.

What we found: The US CLOUD Act lets authorities compel data regardless of storage location. A Microsoft exec told the French Senate under oath no US company can guarantee European data stays out of American hands. Google's client-side encryption keys still operate inside Google's infrastructure. The EU's sovereign cloud contract with Google-Thales was called sovereignty washing by the European cloud industry.

Honesty 4/4 EXTREME 2 findings
⚠️ critical · policy claims vs app permissions
Google told the world it stopped reading your emails in 2017. It didn't. It just changed the reason. "Smart Features" scan every email, attachment, and chat using AI — on by default outside the EU. To fully opt out, find and disable two separate settings. Miss one and scanning continues. In the EU and UK, these ship turned off — telling you everything about what Google thinks of the privacy risk. The machine reading your love letters doesn't care whether it's reading them for ads or "features."

What they claim: Google announced in 2017 it would stop scanning Gmail content for ad targeting.

What we found: Smart Features still scans every email, attachment, chat, and calendar event using AI — on by default. In the EU/UK these features ship off by default, an implicit admission of the risk. Full opt-out requires disabling two separate buried settings. Miss one and scanning continues.

⚡ high · policy claims vs regulatory findings
Google gave users a button labeled "Location History: Off." It was theater. Even "disabled," Google kept collecting location through Web and App Activity — on by default in every Google account, including Workspace. The deception ran from 2014 until the AP caught them in 2018. Forty states sued. The bill: $391.5M plus $93M from California plus $85M from Arizona. $569.5 million for a toggle switch that didn't do what it said. The largest consumer privacy settlement by state AGs in American history.

What they claim: Google's account settings presented controls to turn off location tracking.

What we found: Even with Location History off, Google collected location via Web and App Activity — ongoing since 2014. 40 state AGs sued: $391.5M settlement. California: $93M. Arizona: $85M. Total: $569.5M. Applies to all Google accounts including Workspace. Web and App Activity is in every account by default.

What happened to real people
Documented incidents involving Google products and user data.
Jorge Molina jailed 6 days for murder via geofence warrant based on Google Sensorvault location data. Lost job, car, reputation. Charges never filed. [source]
PRISM participant since 2009. NSA collects stored communications. FBI conducts warrantless 'backdoor searches' of American data using names and email addresses. [source]
Google received 180 geofence warrants per week by 2019. Each warrant searches tens of millions of accounts. Supreme Court hearing constitutionality (Chatrie v. United States). [source]
What your data is worth to governments
Google complied with 235,000 government data requests in H1 2024. That's +530% over 10 years. Google has been a confirmed PRISM participant since 2009. Under this programme, the NSA collects stored communications. The company is legally prohibited from telling you. Jurisdiction: US (CLOUD Act, FISA Section 702, Patriot Act).
Sources