Researcher Robert Wiblin over at 80,000 Hours spotted something quite interesting about Google Photos recently. He noticed that privately shared links became publicly accessible. He told some friends who use Google Photos and they didn’t believe him. After all, why would Google allow such an oversight? Surely if you’re sharing privately with a specific person, then only that person can see it, right?
Apparently not. After doing a little digging, Robert was able to demonstrate that these privately shared links are publicly accessible from any Google account, or even if you’re not logged into Google at all – as shown when he was able to access a “private” shared link from an Incognito browser window.
Robert details the complete issue in a post over on Medium. About the video above, he says…
What have you just watched? If I go and share a photo with a specific other Google Account, I can use that link to view it in:
- another Google Account it wasn’t shared with (25 seconds in), and;
- an incognito window where I’m not logged into any Google Account at all (39 seconds in)!
If that ‘secret’’ link is ever revealed, anyone anywhere will be able to see it until I go and delete that specific sharing instance. And I’d have no way to find out that they were viewing it!
People constantly tell me I can’t be right about this — it’ll happen in the comments below, I promise — because the interface never indicates that this is going on. Nowhere did “Create shared URL” or anything similar appear in the video.
Furthermore, the interface looks very similar to Google Drive, which by default only lets people see a file when logged into the specific account it was shared with.
Drive also lists who a file is shared with when you click the share icon — so people using Photos naturally assume their photos are private when they see that nobody is listed when they click the ‘share’ icon.
One would expect that Google Photos would work the same way as Google Drive, given that until recently, the two were intrinsically linked. But that is not so. The behaviour we expect and the behaviour shown in Google Drive is not the same in Google Photos. The instant you share your private photo with anybody, then anybody else who can get hold of the URL is able to view it.
So, whereas Google Drive operates private shares in a similar fashion to “Private” videos on YouTube, Google Photos appears to be more like YouTube’s “Unlisted” videos, which are accessible to anybody with the link.
This method of operation isn’t inherently bad, but the problem is that Google Photos does not warn people that anybody with this link will be able to view the images. The intended recipient of the link also doesn’t know that anybody can view it. They assume it’s a private share for their eyes only, and don’t think twice about censoring the link if they forward the conversation to somebody else.
And by default, these links stick around forever until you explicitly go and delete the share.
While for photographers it might cause for a few embarrassing moments sending what we think is a private link to a client, depending on what those images contain, potentially exposing private client images to the world might be illegal.
So, photographers, if you really want to share private images with your clients, or even your friends and colleagues, don’t use Google Photos.
You can read more about the problem over on Robert’s Medium post.
Quoted excerpt used with permission.