[rollcat]

Staying logged out off Google at all times is slowly becoming basic web browsing hygiene. Picture a situation:

- You interact with a bot in a mostly-idle, public chatroom (such as !commands on Twitch)

- Bot pastes a url-shortened link that redirects you to a Google doc

- Anyone who had that document already open can now link your Twitch identity to your Google identity (which may include real name+photo)

Granted this particular vector has been open for well over a decade, it may just catch you off guard sooner or later.

[mattzito]

How would they be able to link that? Document owners can't see non-domain users who viewed a particular document (and even for domain users, that can be disabled).

[seabass-labrax]

My recollection is that, at the top-right corner of the screen, you can see the email addresses of the other people who are currently editing the document (but not those who did in the past). If they aren't logged in, you'll see them as names like 'Anonymous Aardvark' instead.

[mattzito]

That is inaccurate. You only see individuals with whom you have directly shared the document with and/or people in your domain (if a business/enterprise customer). For anything link shared, you see the anonymous animal names.