Staying Private While Using Google Docs for Legal & Mutual Aid Work
Regardless of your opinion about Google, their suite of collaborative document editing tools provides a powerful resource in this tumultuous time. Across the country, grassroots groups organizing mutual aid relief work in response to COVID-19 and legal aid as part of the recent wave of protests have relied on Google Docs to coordinate efforts and get help to those that need it. Alternatives to the collaborative tools either do not scale well, are not as usable or intuitive, or just plain aren’t available. Using Google Sheets to coordinate who needs help and how can provide much-needed relief to those hit hardest. But it’s easy to use these tools in a way Google didn’t envision, and trigger account security lockouts in the process.
The need for privacy when doing sensitive work is often paramount, so it’s understandable that organizers often won’t want to use their personal Google accounts. But administering aid documents from a single centralized account and sharing the password amongst peers is not recommended. If one person accessing the account connects from an IP address Google has marked as suspicious, it may lock that account for some time (this can happen for a variety of reasons—a neighbor piggybacking off of your WiFi and using it to hack a website, for example). The bottom line is: the more IPs that connect to a single account, the more likely the account will be flagged as suspicious.
In addition, sharing a password makes it easy for someone to change that password, locking everyone else out. It also means that you can’t protect the account with 2-step verification without a lot of difficulty. 2-step verification protects accounts so that you have to use an app that displays a temporary code or an authentication key every time you sign in to an account. This protects the account from various password-stealing attacks.
For any documents that you create, you’ll want clear attribution for any changes made, even if it is attributable only to a pseudonym. This helps ensure that if false or malicious data is introduced, you know where it came from. Google Docs and Sheets allow you to see the history of changes to a document, and who made those changes. You can also revert to a previous version of the document.
Unfortunately, in our testing we found that Google requires a valid phone number to create and edit documents from an account. (Instead of Google Sheets to organize data, you might consider using Google Forms instead, which allows you to build out a custom form that anyone can submit to, even without an account.) The author of a document can also share the document via a link with editor or commenter permissions, but this also requires a Google account. Google already has a mechanism for determining if a user is legitimate, via its reCAPTCHA service. Instead of requiring sensitive identifying information like phone numbers, it should allow users to create anonymous or pseudonymous accounts without having to link a phone number.
There are a number of routes to getting a phone number that Google will accept and send you a verification code for. The best method for setting up your account depends on how private you want the account to be. Your real phone number is often easily linked back to your address. One step of removal is using a service that generates real phone numbers that can accept SMS messages. There are many such services out there, and most will have you sign up with your real phone number to generate those numbers. These include apps like Burner and full communications platforms such as Twilio. When you establish an account relying on a phone number generated by a third-party (but, ultimately, connected to your phone number), linking a document to your identity will require information from both Google as well as the third-party service. For extra privacy, users should look into purchasing a prepaid SIM card and use a burner phone to receive the verification SMS. If you’re going down this route, you’ll probably also be interested in using a VPN or Tor Browser when collaborating.
There is not a one-size-fits-all solution to collaborating privately with Google Docs. Your decisions on how private you want to be will depend on your own security plan, as well as that of your collaborators.