And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
A general problem for Google products is that everything is mixed together.
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
I hope this is sarcasm. A permaban as the first action is never a good idea.
I would also avoid using the same credit card between accounts. I used a Venmo card for my chrome extension account as an extra layer of separation.
If people lost access to their whole accounts that would be a major crisis for Google users. But it doesn't seem that that was actually the case.
This doesn't make it super clear, but, the submission from a week ago when bans got handed out: https://news.ycombinator.com/item?id=47115805
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
However many stories appeared where people tried to claim that their whole Google account was banned to gain traction.
Unless it is clear that a full Google account has been banned we should push back on any story that claims this.
By now they lost any trace of goodwill they ever had and are guilty until proven innocent.
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
I'm the customer, not the product.
A week? Try at least 16 days
https://discuss.ai.google.dev/t/account-restricted-without-w...
The danger here is they'll ban you with no specific reason, fill out the form and you get an automatic unban and then something else automatically flags and you're banned the second time permanently.
Support bot will then say "you were warned, read the TOS" and you get to guess what you did wrong.
You'll notice there are no appeals or reviews in this workflow.
Google has no creditability when it comes to handling account bans.
Google wasn't always like this, and moving of from an email address isn't technically hard, but something that 99% of the people will be very very reluctant to do.
What they are actually trying to force you to do is to pay for the tokens that you don't use in their applications to increase their revenue and/or give their in-house tools an "unfair" advantage. But this is bad for the consumer because it means that there is less competition between coding agents and unless I'm willing to pay per token I have to take one of the model labs agents.
Anticompetitive behaviour imo they could just ban reselling tokens or something like that instead of locking your subscription in like this.
This is almost as realistic as "I wish netflix or youtube allowed me to use VLC to watch their content".
The easiest way to watch a movie in the player of my choice - even if i have legal access to it because it's in my netflix subscription - is to download it off piratebay.
Add to that Netflix's shitty discovery system, I'm pretty sure I watched some downloaded movies in spite of actually having legal access to them.
Oh, remember when PC games used to come on disks? For the Netflix example I can only guess, but I'm 100% sure I downloaded isos for games I had actually bought and had the physical disc... somewhere.
Oh, except they do[0].
This is exactly what should be happening. There's no reason to limit the client apps for things like _paid_ Netflix or Youtube Premium.
Think of it like the digital right-to-repair.
I pay for it, I get to use it with any client I want. Simple.
They have no problem with users using their quota on their own software. Because they get the signals. They do have a problem with users using the API in 3rd party software, because they don't get the signals.
if OpenClaw usage go up, and a service (OpenAI it looks like) gets lots of usage data for personal assistent usage, they can optimize to make it better for people who get a $200 subscription just because of that use case.
This is not at all true. What is prompting this behavior from Google and Anthropic is that people are using their oauth creds/API keys to run OpenClaw bots that use orders of magnitude more tokens than the IDEs. The official clients also can use a lot more prompt caching because they have expected workflows.
And like, if you want to run OpenClaw, they’re not saying you can’t do that: use the API pricing, that’s what it’s for. But people are getting mad that they’re not allowed to roll their pickup truck up to the all-you-can-eat buffet table and fill it.
If you want the discounted rates they offer in their monthly plans, then expect to follow the terms that discount is offered under.
It's been 2 months since these bans have started, first Anthropic, then Google. And their wording is still so confusing that I can't get a simple answer to a simple question:
Is piggybacking on headless 'gemini-cli -p' or 'claude -p' a TOS violation? Because there's really no reason why you can't do exactly what these tools did that caused these two companies to start giving out bans.
Unless you're in for a very specific configuration of models for some niche concern, CLIs give you nearly exact same access to the backend that snatching an OAuth token from them does. They give you JSONL for stdin, JSONL for stdout, and if you spin up a local proxy, you even get the same exact API contract in responses that you get from public APIs.
In fact, I already built a small tool for myself that does exactly that, to allow usage of alternative harnesses I prefer. Once I release it to the public, will -p be banned too?
But that's the sole reason why all of the tools have headless modes. Headless mode is textbook definition of supporting automation.
From gemini docs: [1]
> Headless mode allows you to run Gemini CLI programmatically from command line scripts and automation tools without any interactive UI.
And claude code:
> Use the Agent SDK to run Claude Code programmatically from the CLI, Python, or TypeScript
Why does headless mode exist if using it is a bannable offense?
[1] https://google-gemini.github.io/gemini-cli/docs/cli/headless...
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Seems clear-cut to me.
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Here's my product:
while :; do cat PROMPT.md | claude ; done
Am I blacklisted now?
Anti Gravity I understand, they are subsidizing to promote a general IDE, but I dont understand constraining the generative AI backend that Gemini CLI hits.
Finally, it's unclear what's allowed and what's not if I purchase the API access from google cloud here https://developers.google.com/gemini-code-assist/docs/overvi...
The Apache License of this product at this point is rich. Just make it closed source and close the API reference. Why have it out there?
To this day I cannot coax the gemini-cli to allow me to use the models they claim you have access to. Enabled all the preview stuff in cloud etc etc.
Still I mostly get 2.5 and rarely get 3 or 3.1 offered.
The gemini-cli repo is a shit show.
I can seem to access the new models using opencode, but am 429 rate limited almost immediately such that its like 5 minutes between calls.
They mask the 429s well in Gemini-Cli - if an endpoint is rate limited, they try another, or route to another model, etc to keep service availability up.
Your experience on the 429s is consistent with mine - the 429s is the first thing they need to fix. Fix that and they have a solid model at a good price point.
I use my own coding agent (https://github.com/hsaliak/std_slop) and not being able to bring my (now cancelled) AI account with Google to it is a bummer.
I'd still use it with the Code Assist Standard license if the google cloud API subscription allows for it but I have no clarification.
ToS change frequently and it’s not really fair to assume the user knows what is and is not correct use of tokens.
Like in a similar vein, Instagram sometimes randomly bans genuine users without appeal, probably because they deal with thousands more spam accounts that don't deserve a warning/appeals process.
[0] Like as Anthropic reported: https://www.anthropic.com/news/detecting-and-preventing-dist...
If you think about how people's entire Google accounts are getting banned without apparently violating any terms without the ability to talk to someone or appeal, this feels almost nothing.
The fix is surprisingly straightforward: own your domain, use a provider that focuses on email, and keep your client separate from your provider. Standard IMAP means all three pieces are interchangeable. If one fails, swap it out.
(I work on Marco [0], an IMAP email client. The number of people looking to decouple from Gmail/Google has been growing steadily, definitely a current trend.)
To be charitable, maybe they’re expecting AI agents to eventually start reading the ToS docs
Which means that anyone serious about AI and not going local route should be using a provider with better reputation. I don't know if Alibaba, Z.ai or moonshots AI are also known for hair trigger responses, could be decent options for coding AI otherwise? If not, time to look for smaller providers with good reputation?
Google consistently fails to provide a process to deal with user issues. You donot see many reports of these at Amazon, Microsoft, Apple, and many more providers. Though Meta learns from google I think.
Yes but as we're talking about Microsoft, these cases are probably explained by incompetence.
Today I could have uploaded them fine, and let whoever owns the cartoon make money I was just a fan of the show.
So either scaling stops hard here pretty soon so that spending can stabilize or else the investors are going to be showing up asking for several pounds of flesh.
Suddenly 'dont get left behind, this is the worst these models will ever be' sounds a lot more like 'get locked in with a hyper giant that'll destroy your livelihood and not notice'.
Although who knows, maybe local models will be a thing (however when your dev team gets banned with no explanation and the next milestone is coming up somehow I don't expect that transition to go sufficiently quick).
This comment resonated with me in particular.
This morning I asked Gemini to “save” its output to a local file. However it did more than that … it committed the file (along with several unrelated staged changes that was not ready to be committed) and even pushed the changes to GitHub. I’ve never asked any model to commit, let alone push… I’m not impressed; actually a bit disappointed that it would do this without any warning up front. This happened in Antigravity.
Or just don't give it the keys, this is my strategy. Put them in a box with specific tools and access.
See also The Lethal Trifecta
> bans for Antigravity usage also blocked access to Gemini CLI and Gemini Code Assist.
Disclosure: I work at Google, but not on anything related to this.
problem is google's security concerns. when people connect gmail to openclaw, google flags the activity as weird and suspend the account because of unusual activity. Many whose accounts got locked because of this and they thought it was because they connected it to antigravity use against the policy (which happened in some cases). We will still see google account suspensions, and that would keep making news. and it wont be because of antigravity usage.
Translation: Google doesn’t want you using Gemini oauth with openclaw
If I squint at the conversation, it doesn't seem that different from a behemoth company taking an employee of a private company and forcing them to still stop working for arbitrary reasons.
I'm giving agents and coding tools wide berth here, but if AI is going to replace all employees, what guarantees do you have as the employer that your employees will do your bidding, and not the bidding of enterprises with a shifting moral landscape?
Once we have tooling wrapped around specific agents, it'll be hard to rehire. What will we do then when our "employees" are furloughed?
This will be especially relevant when the big AI labs decide they need to enter a market to justify an obscene valuation. Or, when the sovereign wealth fund decides they don't like the direction of a business.
This is a good and honorable decision by Google. But it also brings up scary times ahead.
