Comment by temp667

We use a fair number of google products, and you can turn on a lot of enhanced protection, and many businesses do. This means even password protected / private URLs may generate scans from what I've seen. I'm not sure how they actually fingerprint files (maybe locally) but it seems pretty broad

This seems to work across a lot of google products (gmail, drive, chome etc) so it scoops up a ton.

More here:

https://security.googleblog.com/2020/05/enhanced-safe-browsi...

Not sure if this is related to safe browsing. We also can turn on more scanning and other features of all email users.

The key though, if you allow users to PUT files onto your S3 (even private / signed in) then google may scan them. That means if your user uploads a suspicious file to a trouble ticket system, if there IS a virus in there and google sees it, wham. Obviously most folks will segregate those uploads off into their own s3 bucket by user/account to avoid contamination, but you really have to be careful not to hose viruses AT ALL on your key domains.