Gmail Is Not A Privacy ProblemGmail Is Not A Privacy Problem
Is there really informed consent among Gmail users? The real privacy issue is we're all getting by on a lot of trust.
August 14, 2013
10 Ways To Fight Email Overload
10 Ways To Fight Email Overload(click image for larger view and for slideshow)
In its motion to dismiss a privacy claim against its Gmail service, Google has made it clear that people sending email messages to Gmail users should not expect privacy.
"Just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use Web-based email today cannot be surprised if their emails are processed by the recipient's [email provider] in the course of delivery. Indeed, 'a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties,'" said Google.
Consumer Watchdog, a group that has frequently objected to Google's privacy practices, calls this "a stunning admission," though it would more accurately be described as "established precedent," because the inline citation comes from a 1979 case, Smith v. Maryland.
The advocacy group's advice, however, is fair enough: "People who care about their email correspondents' privacy should not use the Internet giant's service."
[ The best power solution ever? Read Battery-Free Mobile Devices Draw Power From Thin Air. ]
Indeed, people who care about their email correspondents' privacy should not be using email at all, or if they must, they should be using it only in conjunction with respected encryption tools. But the vast majority of those people do not care enough about privacy — their own or that of their correspondents — to acquire the technical expertise to effectively use encryption.
What Consumer Watchdog neglects to point out is that Google's attorneys are arguing that Gmail does not violate wiretap laws because "all users of email must necessarily expect that their emails will be subject to automated processing."
In a phone interview, Consumer Watchdog's John M. Simpson described the issue with Gmail thus: "They're opening up content and going through it."
But they're not. Google employees don't read Gmail users' messages. Google computers do. Microsoft computers do the same thing, as the company acknowledges in its Terms of Service: "[W]e may occasionally use automated means to isolate information from email, chats, or photos in order to help detect and protect against spam and malware, or to improve the services with new features that makes them easier to use."
The only difference is that Google is using automated means to deliver relevant ads in addition to ensuring security and quality of service.
Eric Goldman, professor at Santa Clara University School of Law, in an email acknowledged that Google's attorneys could have worded things a bit more delicately but stressed that Gmail privacy claims have gone nowhere for years.
"Unfortunately, Google's poor choice of words gives the legions of Google-haters another chance to take another whack at it," he wrote. "I find the whole fracas baffling given that we have nearly a decade of experience using Gmail. The scare-mongering was a lot more persuasive in 2004, when the future was unknown, than 2013, when we basically know how the story turned out, i.e., Gmail is a great service and no one has suffered any harms due to Gmail's automated email processing."
Yet, Simpson's objection to Gmail has a kernel of merit: He takes issue with the notion that there's really informed consent among Gmail users and those sending email to Gmail users. Fair enough: click-through agreements suck. Online disclosure and contractual terms could be much more clear.
But ignorance of the law is no excuse and ignorance about the realities of online life shouldn't be an excuse either, as long as there's no meaningful deception going on. Terms of service agreements, contracts, computer technology and the law are all hard to understand. If we were really to insist on informed consent, there would be no Internet because almost no one bothers to read click-through contracts and few among those who do really understand what's going on at a technical level. We're all getting by on a lot of trust.
The Internet is a surveillance state. If that bothers you, if Gmail's automated scanning is too much of a privacy violation, do something about it. Brush up on PGP and start encrypting. Push for stronger data protection rules. Block ads. Communicate by tin-foil-clad carrier pigeons. Conduct your social networking in person. Vote for regime change. But don't say that you didn't know.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023