Your online data is incredibly valuable(nowe okno), particularly to companies like Google that use it to make money through ads. This, along with Google’s numerous privacy violations(nowe okno), has led many to question the safety of their information and find alternatives to Google(nowe okno).
Google Docs has over 1 billion(nowe okno) active monthly users, making it one of the most popular productivity tools, especially as more people work from home. But there are many reasons that Google Docs may not be the most secure or private home for your data. Google does not use end-to-end encryption, meaning the company has access to your data, which could be exposed in a data breach.
This article examines the security of Google Docs and the many concerning privacy issues. We also offer tips to improve your Google Docs security and alternatives to try instead.
Or skip to the following sections:
- What makes Google Docs so popular?
- How secure are Google Docs?
- Does Google Docs protect your privacy?
- How to increase your Google Docs security
- Secure your data with Proton Docs
- How Proton defends you
What makes Google Docs so popular?
Google Docs is a web-based application that allows users to create, edit, and store documents in the cloud. Its key features include real-time collaboration, automatic saving, and easy sharing options.
You can access your documents from any device with an internet connection, view version history to track and roll back content changes, suggest changes to a file for reviews, and work on documents offline. Google Docs is flexible and accessible, especially since it’s free. But “free” just means you pay in other ways(nowe okno).
How secure are Google docs?
Google hasn’t experienced any publicly reported data breaches since 2018, when a bug in the Google+ API exposed the private data(nowe okno) of over 50 million users. However, its security features aren’t airtight.
Encryption
Google Docs uses AES-256 encryption(nowe okno) to secure your data in transit, at rest, on Google’s servers, and during backups. Any information being transferred between the user’s device and Google’s servers is encrypted(nowe okno).
If a hacker gets their hands on your data in transit, they wouldn’t be able to read it due to encryption. However, Google can see everything you do since it doesn’t use end-to-end encryption(nowe okno), so your data is more vulnerable to data breaches affecting Google’s servers.
Account security
Google accounts support two-factor authentication (2FA)(nowe okno) and passkeys(nowe okno), making unauthorized access more difficult. 2FA adds a second form of verification(nowe okno), like sending a code on an authenticator, while passkeys let you sign in to your Google account with your fingerprint, face scan, or device screen lock, like a PIN.
Access controls
By default, your Google Drive documents are set to private. As an owner, you can configure permission settings and select who can view, comment on, or edit your documents, such as individual users, groups, or anyone by creating shareable links. It’s also possible to see who has accessed documents and what changes have been made, as well as to set expiration dates if you have a school or work account.
Malware protection
Google automatically processes your content to provide spam filtering, virus detection, and malware protection. If any document is suspicious, Google shows a warning in Drive, including others you may have shared the file with, and it also notifies you via email.
Does Google Docs protect your privacy?
Google often uses misleading privacy claims(nowe okno) and prefers to settle lawsuits totaling billions of dollars rather than face in-depth scrutiny.
For example, Google settled a $93 million lawsuit in 2023, when it deceived(nowe okno) users by continuing to track their location data even after they had turned off the location history setting on their devices. In 2020, Google faced a $5 billion class-action lawsuit for collecting user data when using the Google Chrome incognito browsing mode(nowe okno), which it also settled.
Considering the company’s track record on privacy, it’s helpful to investigate how Google collects and uses the contents of your files in Google Docs.
Data collection
According to its privacy policy(nowe okno), Google collects the content you create, upload, or share with others — including everything in your Google documents.
Google specifically processes your content in Google Docs(nowe okno) to search for spam and malware, and so that you can search your documents. And every time you search, Google also saves your queries. The company can combine this data with other information it collects, such as your location, name, and phone number.
Advertising
Google doesn’t use the content you store in Google Docs for advertising. According(nowe okno) to the company, it doesn’t share your personally identifiable information(nowe okno) with advertisers unless you ask them to, like selecting the call button to call a shop straight from your browser.
AI training
There’s nothing in Google’s privacy policy(nowe okno) that prevents the company from using the content you create, upload, or receive (including Google Docs) and publicly available information to train their AI models. If you want to be absolutely certain your data isn’t being ingested into Google’s training models, the only solution would be to stop using Google services.
Third-party access
As with any other app, integrating Google Docs with third-party add-ons raises concerns since their privacy policies may differ from Google’s. For instance, a third-party add-on could see your personal information and use it for analytics or to show ads. It may also expose your data to third parties(nowe okno).
How to increase your Google Docs security
Most security issues happen because users are not careful enough with their Google accounts, like failing to sign out when using a shared computer. Check out the following tips to stay safe when using Google Docs:
1. Secure your Google account
Protect your Google account with a strong password(nowe okno) to prevent hackers from decrypting it in a data breach. You should also enable two-factor authentication (2FA)(nowe okno) to add another layer of defense in case someone learns your password. Setting up a passkey offers even better security.
Proton Pass is a secure password manager that offers a random password generator(nowe okno), authenticator for 2FA(nowe okno), and support for passkeys(nowe okno), so you can use it to enhance the protection of your Google account.
2. Be mindful of your Google account
Google has been known to disable accounts(nowe okno) for perceived violations of its terms of service(nowe okno) for Docs or any other Google product. So, for example, if you break a rule on YouTube, you might also lose access to your documents, emails, or any other Google service. Sometimes the company’s automated systems can wrongly flag(nowe okno) you.
3. Control who can access your documents
Avoid sharing documents using the “Anyone on the internet” setting unless you are comfortable with them becoming publicly available information. When sharing documents, use restricted sharing options for specific people rather than broad access levels. Additionally, you can check the activity dashboard to see who has accessed your documents and when.
4. Check the permissions of third-party add-ons
Before installing a third-party add-on from Google Marketplace, check the Permissions tab to see what data it collects and how it processes it. You can also look over its privacy policy and check if the app is independently audited.
5. Encrypt your documents
Google work or school accounts(nowe okno) can create new encrypted documents and encrypt documents before uploading them if the admin enabled client-side encryption. It’s also possible to collaborate on encrypted docs. However, free Google accounts can’t use this encryption feature. It’s far easier to use a service that stores documents using end-to-end encryption by default, such as Proton Drive.
6. Back up your important documents
In 2023, many people reported(nowe okno) significant data losses with Google Drive, which underscores the need to back up important files(nowe okno). Fortunately, the company makes it easy to download your Google data(nowe okno) and back it up or move it to another cloud storage service.
Secure your data with Proton Docs
Proton has now launched Proton Docs, a secure end-to-end encrypted fully-featured Google Docs alternative that respects your privacy.
Learn more about Proton Docs(nowe okno)
Proton Docs is accessed through Proton Drive, and is free to everyone — just sign up for a free Proton Drive account.
If you already have Proton Drive and want to experience Proton Docs, just log in to docs.proton.me(nowe okno) using your Proton Account username and password (plus 2FA, if configured) and select + New → New document.
Proton Drive is a safer alternative to Google Drive for cloud storage and collaboration since we use end-to-end encryption(nowe okno) to ensure no one can see your private data — not even us. All files are automatically encrypted before upload.
Proton Drive lets you securely share files(nowe okno) and with anyone, even non-Proton users. You can set expiration dates for shared files, allow viewing or editing, protect links with passwords, easily share files via email(nowe okno), and track how many times your files were downloaded.
Google spies on your data – Proton defends it
Moving away from Google, or deGoogling, means finding a provider you can trust with your data, so you won’t have to worry about privacy violations. Millions of people worldwide trust Proton with their internet privacy, including journalists and activists.
Start deGoogling your life today for just $1
Unlike Google, Proton doesn’t use your data to make money — we are exclusively funded by our community of subscribers and primarily owned by a nonprofit(nowe okno) focused on promoting online privacy for all. Additionally, we operate under strong Swiss privacy laws(nowe okno). All our apps are open source(nowe okno) and independently audited.
Signing up for a Proton account means gaining access to an encrypted ecosystem designed to protect all your data, including cloud storage, passwords, internet connection(nowe okno), email, and calendar.
Frequently asked questions
You can improve your privacy and security when using Google Docs by using strong passwords and 2FA or passkeys for your Google account. You should also manage who can access your documents, check the permissions of third-party add-ons, and encrypt your documents before uploading them to Google Drive.
The biggest concern with Google Docs is that Google can see your documents since it doesn’t use end-to-end encryption. You could also lose access to your account if Google suspects you broke its terms of service, which means losing important documents if you haven’t backed them up elsewhere. Additionally, nothing in Google’s policies prevents them from freely using your documents to train AI models without your consent.
Google doesn’t use end-to-end encryption, so the company and its employees can see your passwords. If you use third-party add-ons with Google Drive, those may see your passwords, too. Additionally, Google can disable your account if it thinks you violated its terms of service when using any of its products. There are also other risks involved, like someone looking over your shoulder in a public place and taking a photo of your screen. Or you may fall victim to clipboard hijacking attacks. A password manager like Proton Pass is more convenient for keeping passwords. Proton Pass uses end-to-end encryption to ensure no one can see your passwords.
Google Workspace is HIPAA compliant, so healthcare providers in the United States can use Google Docs to share medical records. However, your data is only as secure as your Google account, so be sure to use strong passwords and enable 2FA (or use passkeys). Google Drive doesn’t use end-to-end encryption(nowe okno), so the company can see your medical records. If you don’t feel comfortable with this, you should encrypt your files before uploading them to Google Drive. Or you can use Proton Drive to encrypt shared links with a password.