It’s no secret that major tech companies run on data. From user profiles to behaviour, companies regularly capture and analyse large amounts of data to improve their products and services. Google embodies this strategy more than anyone. It tracks tons of information and creates a custom data profile to ensure a seamless browsing experience.

However, many people are worried that this may jeopardise their privacy. That’s why it’s important to know what data Google collects and how to manage it.

What is your Google history?

Whenever you use services like Google Maps, YouTube, Chrome, and Search, Google logs all search and browsing activities. To assess this, go to the Data & personalisation menu in your Google Account and select My Activity. From there, you should be able to browse your personal account history, organised by date and time.

The types of data that appear in your My Activity feed may include:

• Web & app activity – Refers to search history, visited websites, recently used Google services, and online purchases. Google then uses this information to refine search results and provide ads and services that are relevant to you.    
• Location history – Stores IP addresses and GPS data that indicate any noteworthy places you visited. Such data allows Google to give personalised directions and travel recommendations.
• Device information – Saves contact lists, calendars, alarms, battery level, touchscreen data, and Wi-Fi stability.
• Voice & audio activity – Records voice data to enhance the responsiveness of Google Assistant and other voice-activated services.
• YouTube history – Keeps track of every YouTube video you watch and for how long you watch it for.

The risk of using Google’s My Activity platform

Although Google’s extensive data collection improves its services, organisations must be careful of the potential risks of collecting data. Data tracking may be a serious concern if you’re in industries like healthcare and finance, where organisations are required to ensure the confidentiality of sensitive information.

From a security standpoint, Google compiles over 10 years’ worth of user activity into a centralised dashboard, but the only thing securing such information is a password. That means if cybercriminals gain access to your account, your organisation can be exposed to a host of cyberthreats, particularly social engineering scams.

Social engineering attacks involve manipulating potential victims to take a desired action such as clicking on dangerous links, disclosing sensitive information, and downloading malware. With access to your activity data, a scammer has everything they need to devise a persuasive con.

For instance, they can send fake links and ads based on your buying preferences and search history to trick you into wiring money directly to the hacker’s account. Scammers can also identify your contacts and send them fraudulent, malware-ridden messages purporting to be from you.  

Besides social engineering, a compromised My Activity feed enables hackers to locate devices tied to your Google account. If they manage to get a hold of these devices, they’ll have unfettered access to your company’s most critical assets.

Mitigating the risks

The best way to protect your data is to limit how much Google can collect. Go to the Data & personalisation menu and disable activity tracking features under the Activity and timeline panel. On iOS, you can access the Data & personalisation menu by opening the Gmail app and going to Settings > your account > Manage your Google Account. On Android, simply go to your device’s Settings app and tap on Google > Google Account.

Critical settings you should turn off include web activity, device information, voice and audio activity, and location history tracking. You can delete any information Google has about you by expanding each setting, clicking Manage Activity, and selecting Choose to delete automatically. This prevents would-be cybercriminals from knowing intimate details about you. Employees must also be informed of the risks of Google’s tracking features and given an opt-out option to protect their privacy.  

Another thing you can do to minimise privacy risks involves deleting your Google browsing history. To do this, open Chrome, tap More (…) > History, and click Clear browsing data. From there, you can choose to clear all or specify the history you want to delete (this applies for PC, Apple, and Android devices).

More importantly, make sure your Google Account is secure. This involves setting strong passwords (i.e., 12-character combinations with letters, numbers, and symbols) completely unique to that account. Enabling multifactor authentication also adds an extra layer of security by requiring users to provide a temporary verification code sent to their devices.

If you want to minimise the risk of cyberattacks and privacy violations, Empower IT Solutions is the best option. As one of Australia’s leading managed services providers, we help businesses control data tracking tools and deploy robust cybersecurity solutions. Contact us today to safeguard your data.