I used to have a sign up in my office that said “I read your email”. It was just a joke, a geek’s bumper sticker to shock people. But as with so many things, what may seem like a joke or far-fetched idea one day suddenly becomes mainstream reality.
By now I’m sure many people have read about the controversy surrounding Google’s proposed new free email service, GMail. Soon after the company announced the forthcoming new service, privacy advocates started criticizing Google for potential privacy violations. The basic idea is this: the service may scan the contents of people’s email to figure out the most relevant targeted advertisement. One response to the reactions has been to say that people have a choice to use this service. If they are bothered by the practice, they do not have to use GMail. But is it really as simple as that?
Let’s set aside for a moment the issue that many users probably do not read the agreement they sign or even if they read it they may not understand its full implications. Let’s assume that those who sign up for the service do so because for whatever reason they do not mind that their emails get scanned. Okay. But what do you do if you get correspondence from someone who is using a GMail account? If you respond to them then your email will be scanned as well regardless of what email service you use. You did not opt to use GMail because you are bothered by the implications of your mail being scanned. But what can you do? Worse yet, let’s assume you are writing to an email address that the recipient uses as an alias that forwards to a GMail account. You have absolutely no idea that your mail is ending up in the mailbox of someone whose every message gets scanned.
So when people say users will have a choice to opt in and use GMail knowing that their emails may be scanned, I do not think they are considering the implications of the scanning for the correspondants of GMail account users.
{ 25 comments }
Anand 04.15.04 at 2:28 am
This isn’t the US Postal Service. You have no guarantee that your email isn’t being scanned now. Do you email someone at a work email address? Do you email someone who uses a spam scanner?
I remember when Hotmail scandalized people by appending ads to email messages without their consent. Things haven’t changed much…
Sniffy McNickles 04.15.04 at 2:42 am
You also have a choice about whether and how you respond.
If you feel the need to respond, but don’t want anything scanned by Gmail, you can inform your correspondant of that.
In fact, this is little different than some conversations I have on telephones. For some conversations, I want them to happen face to face, without the phone mediating it.
eszter 04.15.04 at 2:44 am
No need to assume complete naïveté on my part. The purpose of my post was to point out that simply saying “it’s the user’s choice to sign up for GMail” doesn’t really address all angles.
Mary 04.15.04 at 2:54 am
I scan every email I receive too. Not for purposes of tailoring advertising to myself, but for purposes of training my spam filter and assessing the likelihood of any given mail being spam. It’s not even sender-blind: the sender becomes part of the data that results from the training.
Further, this scanning and training is already done not just by geeks who manage their own server but on a mass scale by most large mail hosts.
I’m unsure of what the difference is between someone scanning my email sent to them for the purposes of building an email classifier and someone scanning my email sent to them for the purposes of building an advertising service targetted to the recipient. I do feel there’s a difference, but perhaps that intuition is based on the perceived value of “saving my correspondents from spam” versus “allowing my correspondents to pay for their hard disk space with targeted ads.”
I suppose the broader question is about the ethics of using email you receive for various purposes: forwarding private email to third is generally frowned on, using it to train spam filters seems to be neutral. For providers/hosts, reading it is frowned on (except where subpoenas and such are involved), forwarding it also frowned on, deleting it frowned on (unless it’s spam, in which case some but not all recipients rejoice), but training on it? Not sure. To what extent can the recipient assign extra rights to their host?
[Eszter: just saw your comment about naïveté — I’m not assuming you are naïve, rather, I want to see what people think about grounds for a difference between the two types of scanning.]
Tom T. 04.15.04 at 3:10 am
I wonder if the technology will next evolve such that some company will offer scan-proof e-mail to its users. At which time G-mail and various spam filters might offer their users the option of rejecting messages from scan-proof senders. Telephones have reached a state something like this, between Caller ID and Caller ID blocking.
can't use it 04.15.04 at 3:43 am
This is just one more instance proving that people are going to have to start encrypting mail that they don’t want read by onlookers of various types. I recently did a security review that revealed confidential product roadmap documents were being exchanged (by company A with a partner company B). Company B used a company C as their mail hosting service to eliminate spam and viruses. Ordinary senders probably don’t notice this type of relaying of mail. A and C were direct competitors. A wasn’t aware that their confidential documents were going through C’s servers. C’s servers were definitely scanning A’s mail, though in this case I doubt they were engaging in industrial espionage. The point is they could have been. People need to get over the idea that mail sent in the clear is private. (Just ask Ollie North).
bryan 04.15.04 at 3:44 am
‘You also have a choice about whether and how you respond.’
also you have a moral obligation to keep up to date with all the various agreements pertinent to the email services through which people send you email.
What? You didn’t know, don’t be absurd, ignorance of the corporate law is no excuse.
Anonymous (by choice) 04.15.04 at 4:15 am
For those wanting a bit more formal reasoning about why Gmail is wrong:
http://www.worldprivacyforum.org/gmailopenletter.pdf
This is the complaint letter of the various privacy organizations sent to Google.
I also doubted they had a case but the letter is fairly clear and convincing.
Anatoly 04.15.04 at 4:39 am
The open letter is ridiculous.
“Currently, individuals may have the understanding that Google s system is not that different in nature from scanning messages for spam, which is a common practice today. There is a fundamental difference, however. With Gmail, individuals incoming emails will be scanned and seeded with ads.”
The ads, as I understand it, are not inserted inside the emails, they’re displayed alongside them. The user doesn’t perceive them as part of the email message’s text. Thus “seeded” is wrong.
“Inserting new content from third party advertisers in incoming emails is fundamentally different than removing harmful viruses and unwanted spam.”
By this reasoning, the elaborate “X-Spam:” headers a spam filtering service inserts in my incoming email messages before I get them violates my privacy as much as Gmail. After all, it “inserts new content” (and mentions the filtering software, too — could count as advertising).
Yahoo, Hotmail etc. have been inserting ads in outgoing messages for years. That’s “inserting new content from third party advertisers”. Where are the outcries of privacy-related organisations? Where are the open letters?
“Google has countered criticism of Gmail by highlighting that a computer, not a human, will scan the content of the e-mail, thereby making the system less invasive. We think a computer system, with its greater storage, memory, and associative ability than a human s, could be just as invasive as a human listening to the communications, if not more so.”
Do they have any idea how email is delivered in the first place? Not by carrier pigeons, certain RFCs nonwithstanding. Every byte of every message is “scanned” by computers on its way to recepient. Usually mail software doesn’t care about the content of the message, but spam filtering services do.
“Google could — tomorrow — by choice or by court order, employ its scanning system for law enforcement purposes.”
And so could any other webmail system, or an ISP, or a mail forwarding service. They are all able to inspect a message coming through their system, just as Google is.
Rich Puchalsky 04.15.04 at 4:59 am
This will lead to a new spam tactic — buy reputable ads on Google, then send spam that you know will be deleted by the user unread but will be scanned by Gmail and cause your ads to come up.
Jonathan Ichikawa 04.15.04 at 7:22 am
I’ve been wondering for a while, now: why is privacy valuable? Does it harm anyone if a computer scans my email? Are we just worried about the possible 1984ish scenarios, or is this non-privacy bad, even if nothing beyond scanning for ads never comes of it?
kellan 04.15.04 at 9:28 am
tom t: “I wonder if the technology will next evolve such that some company will offer scan-proof e-mail to its users.”
There is a company which already offers this service, its called PGP.
Scott Martens 04.15.04 at 10:08 am
By itself, I’m inclined to agree that there is nothing new or worrysome in what Google is doing. No human is reading through your mail, and law enforcement can already subpeona e-mail archives easily enough.
The trouble with saying that if you don’t like the terms you don’t have to use the service is that it begs the question whether it is okay to make privacy something you can trade away. There are lots of things that the law won’t let you sign away. In California, I regularly signed employment contracts and leases that either restricted or removed my right to file civil suits regarding them. Those clauses have no legal force – in California you cannot sign away your right to sue.
If you can’t sign away your right to sue, should you be able to sign away your right to privacy? I can certainly see an argument against letting people sign such agreements. In principle, I could refuse to sign an employment contract which took away my right to sue my employer. In reality, I couldn’t. Jobs are relatively hard to find, and few employers are willing to change their standard contract for one employee. Allowing it under the liberty of contract has an ultmately chilling effect on this freedom.
In the same way if a service is offered for free on the condition of reduced privacy, the relatively limited number of e-mail providers and the cost of establishing a reliable e-mail service at a low cost could have the same effect on privacy.
rick 04.15.04 at 10:51 am
In a corporate setting, you don’t have a reasonable expectation of privacy. Most employee handbooks will point that out. Some employment agreements go further by requiring you to sign a document acknowledging such.
Getting back to GMail, IANAL but, in legal terms, federal law (and most states’) restrict access of electronic communications to three parties – the sender, the recipient, and the data carrier. Anyone else is potentially criminally liable. In the case of GMail, Google would certainly fall under the category of data carrier. So … basically you’ve only got the Terms of Service agreement to govern what Google (or Yahoo, or Hotmail, …) can and can’t do.
What personally bugs me about these agreements is they keep changing. I consent to what I consider reasonable terms, establish an online identity in the form of an email address – then some Yahoo! comes along and changes the TOS. I’m stuck with choosing between either accepting the new terms or picking a new email provider followed by my own personal bulk email campaign to inform everyone of my new email address.
If you really care about privacy, you need to be looking elsewhere for this kind of service. As for the PGP route, the problem with that is not enough people actually use PGP (or S/MIME). It only works if both parties have the necessary software.
bryan 04.15.04 at 11:15 am
“The ads, as I understand it, are not inserted inside the emails, they’re displayed alongside them. The user doesn’t perceive them as part of the email message’s text. Thus “seeded†is wrong.”
well unfortunately my pdf installation is fucked up so I’m not going to go read the pdf you quoted from, however is it clear whether or not the advertisment is added in as part of web page display at the display time for each email. which is one thing, or is the advertisement added into the email at the email’s reception via an application specific header to the email. the first means nothing, the second would be so astoundingly stupid I wouldn’t believe it possible except the outrage being quoted seems to indicate that might be the case, if the second is the case then it doesn’t matter how the user perceives the email when they read it, it matters that the email has had added in content.
Anatoly 04.15.04 at 1:23 pm
From the screenshots I’ve seen, it’s clear that “the advertisment is added in as part of web page display at the display time for each email”, and is not added permanently and inherently to the text of the message. The “outrage being quoted” is a bunch of self-important activists crying wolf. My own respect for these organisations has diminished greatly with the publication of this open letter.
smart lawyer gal 04.15.04 at 3:51 pm
What if you forward your e-mail to someone who decides he doesn’t like you and posts it on the web? What if you tell someone a secret in confidence and he breaks your trust? The rule for gmail is the same as the rule for any other communication, right? I don’t see what the issue is.
anonymous (even today) 04.15.04 at 5:04 pm
Do they have any idea how email is delivered in the first place? Not by carrier pigeons, certain RFCs nonwithstanding. Every byte of every message is “scanned†by computers on its way to recepient.
Anatoly,
It is common in this bizz to adhere to “abstraction layers”. When according to RFC 821 a mail message is relayed or delivered its headers are changed and the body is “scanned” to find the end of the message. But the Gmail scanning is done at another layer. You can make almost anything fuzzy by not adhering to common abstractions.
As for the smart lawyer gal, if you are a lawyer, the following should interest you:
Gmail’s Potential Conflict with International Law
The Gmail system may conflict with Europe’s privacy laws, specifically, Directive
95/46/EC, also called the EU Privacy Directive. This directive states, among other things,
that users’ consent must be informed, specific, and unambiguous (pursuant to Article 7(a)
of Dir. 95/46/EC).
As it has been proposed, and based on the current Gmail privacy policy, the consent of
EU-based Gmail users cannot necessarily be considered informed, specific, and
unambiguous in regards to the scanning, storage and further processing of their e-mails.
The need for informed, specific, and unambiguous consent also applies to the potential
linking of EU citizens’ e-mails to their search histories. Additional issues with data
retention may also exist under the EU Privacy Directive.
rick 04.15.04 at 7:03 pm
Smart lawyer gal wrote:
I don’t see what the issue is.
For starters, US citizens should take a look at the Communications Act of 1934, the Electronic Communications Privacy Act of 1986, the Communications Assistance to Law Enforcement Act (of 1994).
smart lawyer gal 04.15.04 at 9:06 pm
Rick,
Nice try, but this smart lawyer gal knows better. ECPA has exceptions for the consent of a party to the communication, and courts have uniformly held that proceeding in the face of monitoring constitutes consent. See, e.g., United States v. Amen, 831 F.2d 373 (2d cir. 1987). And CALEA is simply irrelevant to this problem, as it deals with regulation of the telephone system, not e-mail.
From a legal perspective, as long as you agree to the TOS, you have consented to the Gmail monitoring and have waived your rights. What is your argument beyond “for starters?”
Detached Observer 04.16.04 at 12:46 am
Eszter,
Frankly, you have no reasonable expectation of privacy when you send an email. The person who receives it may do whatever they want with it — give it to someone else to read, ridicule it on an online forum, or, if they so wish, let google scan it.
eszter 04.16.04 at 1:35 am
SLG, Detached Observer, and others who so kindly take my personal email practices to heart here. My post wasn’t about me or my personal email practices. Rest assured, I am aware of what it means to send out an email.
I was attempting to point to some more general issues, especially when the email provider may be the same as the service you use for searches. Read this for some more info.
rick 04.16.04 at 4:07 pm
SLG wrote:
Nice try, but this smart lawyer gal knows better. ECPA has exceptions for the consent of a party to the communication, and courts have uniformly held that proceeding in the face of monitoring constitutes consent.
I’ll try harder next time, honest! See my earlier comments on bait-and-switch where the TOS gets changed after the fact. This is semantic but, from an ECPA perspective, would GMail be considered a party to the conversation on the same par as the sender and intended recipient? Under the Communications Act of 1934 (amended) the carrier is permitted to “listen” but is restricted from disclosing any information learned. That’s not the same freedom held by the intended recipient. I’m assuming GMail is the carrier, not an actual party.
And CALEA is simply irrelevant to this problem, as it deals with regulation of the telephone system, not e-mail.
I think CALEA is being extended (ie. Carnivore). We may have to contend with our own ISPs logging everything we do just so they are compliant with laws like CALEA and it’s follow-ons. Email services like Yahoo, Hotmail, and GMail would have to comply (so it’s not too far off topic).
From a legal perspective, as long as you agree to the TOS, you have consented to the Gmail monitoring and have waived your rights. What is your argument beyond “for starters?â€
Again, see my earlier comments. Basically, we’re in agreement except for this: I think it IS a big deal because people are lazy. They don’t read the EULA that came with their software; they don’t read the contract on their extended warranty, and they’re not going to read their GMain TOS.
[Warning: cheap ploy for free legal advice follows …]
Counselor, if you were giving out paid advice, would you tell your client, “hey, that fine print … it’s no big deal” ?
Frank Quist 04.16.04 at 10:42 pm
Here‘s Slate’s take, which makes some of the same points some people have made here: comparing the scanning of e-mail messages to detect spam vs. scanning them to detect keywords for ads. Interestingly Google seems to says it does not store the keywords that triggered the ads. I’m leaning towards agreement with it with the quibble that Google better make it very clear what they do with all the data, if only to comfort the people that dislike what they’re doing.
Read My Mail, Please
The silly privacy fears about Google’s e-mail service.
mrkmyr 04.17.04 at 8:48 pm
I think there is another problem with allowing user choice. When enough people make a choice to have mail scaned, there may be reduced options for those who don’t want it. If Gmail works, hotmail, yahoo, and others might silently switch-over to ad scanning. One might say this is the market at work, but I might argue it is the imperfect market at work.
I think an example of this effect can be seen in credit card contracts. You can’t get a credit card without an arbitration provision.
Comments on this entry are closed.