Google has announced it will delete a user’s Google Photos if they have not logged into their account for two years.
In a blog post on Tuesday, the company announced that it will begin deleting Google Photos starting in December.
“You will need to specifically sign in to Google Photos every two years to be considered active which will ensure your photos and other content are not deleted. Similarly, we will send multiple notifications before we take any action,” Google Vice President of Product Management Ruth Kricheli writes in the blog post.
The updated inactive accounts policy states that a user is required to log in at least once every two years to maintain access to Google Photos, Gmail, Docs, Drive, Meet, Calendar, and YouTube.
The cull will initially target Google “accounts that were created and never used again” and the company will send users multiple notifications before deleting the account. Those notifications will also be sent to the user’s requested recovery email.
While the updated inactive accounts policy commenced this week, Google says it will roll out the policy slowly and with plenty of notice to users. However, the company also notes that it will begin deleting accounts from December this year.
To save an account, all a user needs to do is log in to sign into their Google account or any Google service and then read or send an email, use Google Drive, watch a YouTube video, or perform a search, among other activities.
The company says the plan to purge inactive Google accounts only applied to personal accounts and would not affect organizations like schools or businesses that use Gmail and other Google services.
Google will begin deleting accounts that have not been used in at least two years as part of an effort to address security risks.
An internal analysis at Google found that abandoned accounts were much less likely than active accounts to have two-factor verification, an authentication method that helps to confirm a user’s identity.
“Our internal analysis shows abandoned accounts are at least 10x less likely than active accounts to have 2-step verification set up,” Kricheli writes.
“Meaning, these accounts are often vulnerable, and once an account is compromised, it can be used for anything from identity theft to a vector for unwanted or even malicious content, like spam.”
Image credits: Header photo licensed via Depositphotos.