Google said it would delete content stored in inactive accounts (but not the accounts themselves). Google has now updated its account inactivity policy, announcing that starting at the end of this year, long-term inactive personal accounts and their content will be deleted. This move is designed to save storage space, improve security, and reduce the retention time of personal information.
According to Google’s announcement, if a Google account has not been used or logged in for at least two years, Google will delete the account and its content. This means that the account’s email address will no longer be available, and Gmail messages, calendar events, Drive, Workspace files such as Docs, and Google Photos backups associated with the account will be deleted. At this time, Google does not plan to delete accounts containing YouTube videos.
Google said it would start enforcing the policy in December 2023 (the earliest) and would take a “phased” approach, starting with accounts “created and never used”. “We will move forward with this process slowly and carefully.” Google said that before deleting an account, it will notify the account’s email address and alternate email (if provided) multiple times in the first few months.
Additionally, this policy only applies to free Google accounts, not accounts managed by businesses or schools.
How can I keep my account active? In addition to logging in regularly, staying logged in and performing basic actions can count as active, such as:
read or email
Use Google Drive
watch youtube video
Download the app on the Google Play Store
use google search
Use Sign in with Google to sign in to third-party apps or services
In addition, Google also said that using a signed-in Android device is also considered an activity. And Google Photos already has a separate two-year login and usage policy for being active. Also, accounts with Play Store subscriptions such as Google One or third-party apps are considered active.
In making the change, Google cited security, as inactive accounts often have “old or reused passwords that may have been compromised” and are more vulnerable to compromise. Google said: “Our internal analysis shows that abandoned accounts are at least 10 times more likely than active accounts to not have two-factor authentication set up. That said, these accounts tend to be vulnerable, and once an account is compromised, it can be compromised.” Used for anything from identity theft to spreading unwanted or even malicious content like spam.”
It is noticed that, unlike other services with different security/privacy implications, Google does not release deleted Gmail addresses for reuse.