I used to have a sign up in my office that said “I read your email”. It was just a joke, a geek’s bumper sticker to shock people. But as with so many things, what may seem like a joke or far-fetched idea one day suddenly becomes mainstream reality.
By now I’m sure many people have read about the controversy surrounding Google’s proposed new free email service, GMail. Soon after the company announced the forthcoming new service, privacy advocates started criticizing Google for potential privacy violations. The basic idea is this: the service may scan the contents of people’s email to figure out the most relevant targeted advertisement. One response to the reactions has been to say that people have a choice to use this service. If they are bothered by the practice, they do not have to use GMail. But is it really as simple as that?
Let’s set aside for a moment the issue that many users probably do not read the agreement they sign or even if they read it they may not understand its full implications. Let’s assume that those who sign up for the service do so because for whatever reason they do not mind that their emails get scanned. Okay. But what do you do if you get correspondence from someone who is using a GMail account? If you respond to them then your email will be scanned as well regardless of what email service you use. You did not opt to use GMail because you are bothered by the implications of your mail being scanned. But what can you do? Worse yet, let’s assume you are writing to an email address that the recipient uses as an alias that forwards to a GMail account. You have absolutely no idea that your mail is ending up in the mailbox of someone whose every message gets scanned.
So when people say users will have a choice to opt in and use GMail knowing that their emails may be scanned, I do not think they are considering the implications of the scanning for the correspondants of GMail account users.
This isn’t the US Postal Service. You have no guarantee that your email isn’t being scanned now. Do you email someone at a work email address? Do you email someone who uses a spam scanner?
I remember when Hotmail scandalized people by appending ads to email messages without their consent. Things haven’t changed much…
You also have a choice about whether and how you respond.
If you feel the need to respond, but don’t want anything scanned by Gmail, you can inform your correspondant of that.
In fact, this is little different than some conversations I have on telephones. For some conversations, I want them to happen face to face, without the phone mediating it.
No need to assume complete naïveté on my part. The purpose of my post was to point out that simply saying “it’s the user’s choice to sign up for GMail” doesn’t really address all angles.
I scan every email I receive too. Not for purposes of tailoring advertising to myself, but for purposes of training my spam filter and assessing the likelihood of any given mail being spam. It’s not even sender-blind: the sender becomes part of the data that results from the training.
Further, this scanning and training is already done not just by geeks who manage their own server but on a mass scale by most large mail hosts.
I’m unsure of what the difference is between someone scanning my email sent to them for the purposes of building an email classifier and someone scanning my email sent to them for the purposes of building an advertising service targetted to the recipient. I do feel there’s a difference, but perhaps that intuition is based on the perceived value of “saving my correspondents from spam” versus “allowing my correspondents to pay for their hard disk space with targeted ads.”
I suppose the broader question is about the ethics of using email you receive for various purposes: forwarding private email to third is generally frowned on, using it to train spam filters seems to be neutral. For providers/hosts, reading it is frowned on (except where subpoenas and such are involved), forwarding it also frowned on, deleting it frowned on (unless it’s spam, in which case some but not all recipients rejoice), but training on it? Not sure. To what extent can the recipient assign extra rights to their host?
[Eszter: just saw your comment about naïveté — I’m not assuming you are naïve, rather, I want to see what people think about grounds for a difference between the two types of scanning.]
I wonder if the technology will next evolve such that some company will offer scan-proof e-mail to its users. At which time G-mail and various spam filters might offer their users the option of rejecting messages from scan-proof senders. Telephones have reached a state something like this, between Caller ID and Caller ID blocking.
This is just one more instance proving that people are going to have to start encrypting mail that they don’t want read by onlookers of various types. I recently did a security review that revealed confidential product roadmap documents were being exchanged (by company A with a partner company B). Company B used a company C as their mail hosting service to eliminate spam and viruses. Ordinary senders probably don’t notice this type of relaying of mail. A and C were direct competitors. A wasn’t aware that their confidential documents were going through C’s servers. C’s servers were definitely scanning A’s mail, though in this case I doubt they were engaging in industrial espionage. The point is they could have been. People need to get over the idea that mail sent in the clear is private. (Just ask Ollie North).
‘You also have a choice about whether and how you respond.’
also you have a moral obligation to keep up to date with all the various agreements pertinent to the email services through which people send you email.
What? You didn’t know, don’t be absurd, ignorance of the corporate law is no excuse.
For those wanting a bit more formal reasoning about why Gmail is wrong:
http://www.worldprivacyforum.org/gmailopenletter.pdf
This is the complaint letter of the various privacy organizations sent to Google.
I also doubted they had a case but the letter is fairly clear and convincing.
The open letter is ridiculous.
“Currently, individuals may have the understanding that Google s system is not that different in nature from scanning messages for spam, which is a common practice today. There is a fundamental difference, however. With Gmail, individuals incoming emails will be scanned and seeded with ads.”
The ads, as I understand it, are not inserted inside the emails, they’re displayed alongside them. The user doesn’t perceive them as part of the email message’s text. Thus “seeded” is wrong.
“Inserting new content from third party advertisers in incoming emails is fundamentally different than removing harmful viruses and unwanted spam.”
By this reasoning, the elaborate “X-Spam:” headers a spam filtering service inserts in my incoming email messages before I get them violates my privacy as much as Gmail. After all, it “inserts new content” (and mentions the filtering software, too — could count as advertising).
Yahoo, Hotmail etc. have been inserting ads in outgoing messages for years. That’s “inserting new content from third party advertisers”. Where are the outcries of privacy-related organisations? Where are the open letters?
“Google has countered criticism of Gmail by highlighting that a computer, not a human, will scan the content of the e-mail, thereby making the system less invasive. We think a computer system, with its greater storage, memory, and associative ability than a human s, could be just as invasive as a human listening to the communications, if not more so.”
Do they have any idea how email is delivered in the first place? Not by carrier pigeons, certain RFCs nonwithstanding. Every byte of every message is “scanned” by computers on its way to recepient. Usually mail software doesn’t care about the content of the message, but spam filtering services do.
“Google could — tomorrow — by choice or by court order, employ its scanning system for law enforcement purposes.”
And so could any other webmail system, or an ISP, or a mail forwarding service. They are all able to inspect a message coming through their system, just as Google is.
This will lead to a new spam tactic — buy reputable ads on Google, then send spam that you know will be deleted by the user unread but will be scanned by Gmail and cause your ads to come up.
I’ve been wondering for a while, now: why is privacy valuable? Does it harm anyone if a computer scans my email? Are we just worried about the possible 1984ish scenarios, or is this non-privacy bad, even if nothing beyond scanning for ads never comes of it?
tom t: “I wonder if the technology will next evolve such that some company will offer scan-proof e-mail to its users.”
There is a company which already offers this service, its called PGP.
By itself, I’m inclined to agree that there is nothing new or worrysome in what Google is doing. No human is reading through your mail, and law enforcement can already subpeona e-mail archives easily enough.
The trouble with saying that if you don’t like the terms you don’t have to use the service is that it begs the question whether it is okay to make privacy something you can trade away. There are lots of things that the law won’t let you sign away. In California, I regularly signed employment contracts and leases that either restricted or removed my right to file civil suits regarding them. Those clauses have no legal force - in California you cannot sign away your right to sue.
If you can’t sign away your right to sue, should you be able to sign away your right to privacy? I can certainly see an argument against letting people sign such agreements. In principle, I could refuse to sign an employment contract which took away my right to sue my employer. In reality, I couldn’t. Jobs are relatively hard to find, and few employers are willing to change their standard contract for one employee. Allowing it under the liberty of contract has an ultmately chilling effect on this freedom.
In the same way if a service is offered for free on the condition of reduced privacy, the relatively limited number of e-mail providers and the cost of establishing a reliable e-mail service at a low cost could have the same effect on privacy.
In a corporate setting, you don’t have a reasonable expectation of privacy. Most employee handbooks will point that out. Some employment agreements go further by requiring you to sign a document acknowledging such.
Getting back to GMail, IANAL but, in legal terms, federal law (and most states’) restrict access of electronic communications to three parties - the sender, the recipient, and the data carrier. Anyone else is potentially criminally liable. In the case of GMail, Google would certainly fall under the category of data carrier. So … basically you’ve only got the Terms of Service agreement to govern what Google (or Yahoo, or Hotmail, …) can and can’t do.
What personally bugs me about these agreements is they keep changing. I consent to what I consider reasonable terms, establish an online identity in the form of an email address - then some Yahoo! comes along and changes the TOS. I’m stuck with choosing between either accepting the new terms or picking a new email provider followed by my own personal bulk email campaign to inform everyone of my new email address.
If you really care about privacy, you need to be looking elsewhere for this kind of service. As for the PGP route, the problem with that is not enough people actually use PGP (or S/MIME). It only works if both parties have the necessary software.
“The ads, as I understand it, are not inserted inside the emails, they’re displayed alongside them. The user doesn’t perceive them as part of the email message’s text. Thus “seeded” is wrong.”
well unfortunately my pdf installation is fucked up so I’m not going to go read the pdf you quoted from, however is it clear whether or not the advertisment is added in as part of web page display at the display time for each email. which is one thing, or is the advertisement added into the email at the email’s reception via an application specific header to the email. the first means nothing, the second would be so astoundingly stupid I wouldn’t believe it possible except the outrage being quoted seems to indicate that might be the case, if the second is the case then it doesn’t matter how the user perceives the email when they read it, it matters that the email has had added in content.
From the screenshots I’ve seen, it’s clear that “the advertisment is added in as part of web page display at the display time for each email”, and is not added permanently and inherently to the text of the message. The “outrage being quoted” is a bunch of self-important activists crying wolf. My own respect for these organisations has diminished greatly with the publication of this open letter.
What if you forward your e-mail to someone who decides he doesn’t like you and posts it on the web? What if you tell someone a secret in confidence and he breaks your trust? The rule for gmail is the same as the rule for any other communication, right? I don’t see what the issue is.
Do they have any idea how email is delivered in the first place? Not by carrier pigeons, certain RFCs nonwithstanding. Every byte of every message is “scanned” by computers on its way to recepient.
Anatoly,
It is common in this bizz to adhere to “abstraction layers”. When according to RFC 821 a mail message is relayed or delivered its headers are changed and the body is “scanned” to find the end of the message. But the Gmail scanning is done at another layer. You can make almost anything fuzzy by not adhering to common abstractions.
As for the smart lawyer gal, if you are a lawyer, the following should interest you:
Gmail’s Potential Conflict with International Law
The Gmail system may conflict with Europe’s privacy laws, specifically, Directive
95/46/EC, also called the EU Privacy Directive. This directive states, among other things,
that users’ consent must be informed, specific, and unambiguous (pursuant to Article 7(a)
of Dir. 95/46/EC).
As it has been proposed, and based on the current Gmail privacy policy, the consent of
EU-based Gmail users cannot necessarily be considered informed, specific, and
unambiguous in regards to the scanning, storage and further processing of their e-mails.
The need for informed, specific, and unambiguous consent also applies to the potential
linking of EU citizens’ e-mails to their search histories. Additional issues with data
retention may also exist under the EU Privacy Directive.
Smart lawyer gal wrote:
I don’t see what the issue is.
For starters, US citizens should take a look at the Communications Act of 1934, the Electronic Communications Privacy Act of 1986, the Communications Assistance to Law Enforcement Act (of 1994).
Rick,
Nice try, but this smart lawyer gal knows better. ECPA has exceptions for the consent of a party to the communication, and courts have uniformly held that proceeding in the face of monitoring constitutes consent. See, e.g., United States v. Amen, 831 F.2d 373 (2d cir. 1987). And CALEA is simply irrelevant to this problem, as it deals with regulation of the telephone system, not e-mail.
From a legal perspective, as long as you agree to the TOS, you have consented to the Gmail monitoring and have waived your rights. What is your argument beyond “for starters?”
Eszter,
Frankly, you have no reasonable expectation of privacy when you send an email. The person who receives it may do whatever they want with it — give it to someone else to read, ridicule it on an online forum, or, if they so wish, let google scan it.
SLG, Detached Observer, and others who so kindly take my personal email practices to heart here. My post wasn’t about me or my personal email practices. Rest assured, I am aware of what it means to send out an email.
I was attempting to point to some more general issues, especially when the email provider may be the same as the service you use for searches. Read this for some more info.
SLG wrote:
Nice try, but this smart lawyer gal knows better. ECPA has exceptions for the consent of a party to the communication, and courts have uniformly held that proceeding in the face of monitoring constitutes consent.
I’ll try harder next time, honest! See my earlier comments on bait-and-switch where the TOS gets changed after the fact. This is semantic but, from an ECPA perspective, would GMail be considered a party to the conversation on the same par as the sender and intended recipient? Under the Communications Act of 1934 (amended) the carrier is permitted to “listen” but is restricted from disclosing any information learned. That’s not the same freedom held by the intended recipient. I’m assuming GMail is the carrier, not an actual party.
And CALEA is simply irrelevant to this problem, as it deals with regulation of the telephone system, not e-mail.
I think CALEA is being extended (ie. Carnivore). We may have to contend with our own ISPs logging everything we do just so they are compliant with laws like CALEA and it’s follow-ons. Email services like Yahoo, Hotmail, and GMail would have to comply (so it’s not too far off topic).
From a legal perspective, as long as you agree to the TOS, you have consented to the Gmail monitoring and have waived your rights. What is your argument beyond “for starters?”
Again, see my earlier comments. Basically, we’re in agreement except for this: I think it IS a big deal because people are lazy. They don’t read the EULA that came with their software; they don’t read the contract on their extended warranty, and they’re not going to read their GMain TOS.
[Warning: cheap ploy for free legal advice follows …]
Counselor, if you were giving out paid advice, would you tell your client, “hey, that fine print … it’s no big deal” ?
Here’s Slate’s take, which makes some of the same points some people have made here: comparing the scanning of e-mail messages to detect spam vs. scanning them to detect keywords for ads. Interestingly Google seems to says it does not store the keywords that triggered the ads. I’m leaning towards agreement with it with the quibble that Google better make it very clear what they do with all the data, if only to comfort the people that dislike what they’re doing.
Read My Mail, Please
The silly privacy fears about Google’s e-mail service.
I think there is another problem with allowing user choice. When enough people make a choice to have mail scaned, there may be reduced options for those who don’t want it. If Gmail works, hotmail, yahoo, and others might silently switch-over to ad scanning. One might say this is the market at work, but I might argue it is the imperfect market at work.
I think an example of this effect can be seen in credit card contracts. You can’t get a credit card without an arbitration provision.
I confess: I like targetted advertising, it's all the other advertising that I despise.
Read more at eyes.puzzling.org
À Gauche
Jeremy Alder
Amaravati
Anggarrgoon
Audhumlan Conspiracy
H.E. Baber
Philip Blosser
Paul Broderick
Matt Brown
Diana Buccafurni
Brandon Butler
Keith Burgess-Jackson
Certain Doubts
David Chalmers
Noam Chomsky
The Conservative Philosopher
Desert Landscapes
Denis Dutton
David Efird
Karl Elliott
David Estlund
Experimental Philosophy
Fake Barn County
Kai von Fintel
Russell Arben Fox
Garden of Forking Paths
Roger Gathman
Michael Green
Scott Hagaman
Helen Habermann
David Hildebrand
John Holbo
Christopher Grau
Jonathan Ichikawa
Tom Irish
Michelle Jenkins
Adam Kotsko
Barry Lam
Language Hat
Language Log
Christian Lee
Brian Leiter
Stephen Lenhart
Clayton Littlejohn
Roderick T. Long
Joshua Macy
Mad Grad
Jonathan Martin
Matthew McGrattan
Marc Moffett
Geoffrey Nunberg
Orange Philosophy
Philosophy Carnival
Philosophy, et cetera
Philosophy of Art
Douglas Portmore
Philosophy from the 617 (moribund)
Jeremy Pierce
Punishment Theory
Geoff Pynn
Timothy Quigley (moribund?)
Conor Roddy
Sappho's Breathing
Anders Schoubye
Wolfgang Schwartz
Scribo
Michael Sevel
Tom Stoneham (moribund)
Adam Swenson
Peter Suber
Eddie Thomas
Joe Ulatowski
Bruce Umbaugh
What is the name ...
Matt Weiner
Will Wilkinson
Jessica Wilson
Young Hegelian
Richard Zach
Psychology
Donyell Coleman
Deborah Frisch
Milt Rosenberg
Tom Stafford
Law
Ann Althouse
Stephen Bainbridge
Jack Balkin
Douglass A. Berman
Francesca Bignami
BlunkettWatch
Jack Bogdanski
Paul L. Caron
Conglomerate
Jeff Cooper
Disability Law
Displacement of Concepts
Wayne Eastman
Eric Fink
Victor Fleischer (on hiatus)
Peter Friedman
Michael Froomkin
Bernard Hibbitts
Walter Hutchens
InstaPundit
Andis Kaulins
Lawmeme
Edward Lee
Karl-Friedrich Lenz
Larry Lessig
Mirror of Justice
Eric Muller
Nathan Oman
Opinio Juris
John Palfrey
Ken Parish
Punishment Theory
Larry Ribstein
The Right Coast
D. Gordon Smith
Lawrence Solum
Peter Tillers
Transatlantic Assembly
Lawrence Velvel
David Wagner
Kim Weatherall
Yale Constitution Society
Tun Yin
History
Blogenspiel
Timothy Burke
Rebunk
Naomi Chana
Chapati Mystery
Cliopatria
Juan Cole
Cranky Professor
Greg Daly
James Davila
Sherman Dorn
Michael Drout
Frog in a Well
Frogs and Ravens
Early Modern Notes
Evan Garcia
George Mason History bloggers
Ghost in the Machine
Rebecca Goetz
Invisible Adjunct (inactive)
Jason Kuznicki
Konrad Mitchell Lawson
Danny Loss
Liberty and Power
Danny Loss
Ether MacAllum Stewart
Pam Mack
Heather Mathews
James Meadway
Medieval Studies
H.D. Miller
Caleb McDaniel
Marc Mulholland
Received Ideas
Renaissance Weblog
Nathaniel Robinson
Jacob Remes (moribund?)
Christopher Sheil
Red Ted
Time Travelling Is Easy
Brian Ulrich
Shana Worthen
Computers/media/communication
Lauren Andreacchi (moribund)
Eric Behrens
Joseph Bosco
Danah Boyd
David Brake
Collin Brooke
Maximilian Dornseif (moribund)
Jeff Erickson
Ed Felten
Lance Fortnow
Louise Ferguson
Anne Galloway
Jason Gallo
Josh Greenberg
Alex Halavais
Sariel Har-Peled
Tracy Kennedy
Tim Lambert
Liz Lawley
Michael O'Foghlu
Jose Luis Orihuela (moribund)
Alex Pang
Sebastian Paquet
Fernando Pereira
Pink Bunny of Battle
Ranting Professors
Jay Rosen
Ken Rufo
Douglas Rushkoff
Vika Safrin
Rob Schaap (Blogorrhoea)
Frank Schaap
Robert A. Stewart
Suresh Venkatasubramanian
Ray Trygstad
Jill Walker
Phil Windley
Siva Vaidahyanathan
Anthropology
Kerim Friedman
Alex Golub
Martijn de Koning
Nicholas Packwood
Geography
Stentor Danielson
Benjamin Heumann
Scott Whitlock
Education
Edward Bilodeau
Jenny D.
Richard Kahn
Progressive Teachers
Kelvin Thompson (defunct?)
Mark Byron
Business administration
Michael Watkins (moribund)
Literature, language, culture
Mike Arnzen
Brandon Barr
Michael Berube
The Blogora
Colin Brayton
John Bruce
Miriam Burstein
Chris Cagle
Jean Chu
Hans Coppens
Tyler Curtain
Cultural Revolution
Terry Dean
Joseph Duemer
Flaschenpost
Kathleen Fitzpatrick
Jonathan Goodwin
Rachael Groner
Alison Hale
Household Opera
Dennis Jerz
Jason Jones
Miriam Jones
Matthew Kirschenbaum
Steven Krause
Lilliputian Lilith
Catherine Liu
John Lovas
Gerald Lucas
Making Contact
Barry Mauer
Erin O'Connor
Print Culture
Clancy Ratcliff
Matthias Rip
A.G. Rud
Amardeep Singh
Steve Shaviro
Thanks ... Zombie
Vera Tobin
Chuck Tryon
University Diaries
Classics
Michael Hendry
David Meadows
Religion
AKM Adam
Ryan Overbey
Telford Work (moribund)
Library Science
Norma Bruce
Music
Kyle Gann
ionarts
Tim Rutherford-Johnson
Greg Sandow
Scott Spiegelberg
Biology/Medicine
Pradeep Atluri
Bloviator
Anthony Cox
Susan Ferrari (moribund)
Amy Greenwood
La Di Da
John M. Lynch
Charles Murtaugh (moribund)
Paul Z. Myers
Respectful of Otters
Josh Rosenau
Universal Acid
Amity Wilczek (moribund)
Theodore Wong (moribund)
Physics/Applied Physics
Trish Amuntrud
Sean Carroll
Jacques Distler
Stephen Hsu
Irascible Professor
Andrew Jaffe
Michael Nielsen
Chad Orzel
String Coffee Table
Math/Statistics
Dead Parrots
Andrew Gelman
Christopher Genovese
Moment, Linger on
Jason Rosenhouse
Vlorbik
Peter Woit
Complex Systems
Petter Holme
Luis Rocha
Cosma Shalizi
Bill Tozier
Chemistry
"Keneth Miles"
Engineering
Zack Amjal
Chris Hall
University Administration
Frank Admissions (moribund?)
Architecture/Urban development
City Comforts (urban planning)
Unfolio
Panchromatica
Earth Sciences
Our Take
Who Knows?
Bitch Ph.D.
Just Tenured
Playing School
Professor Goose
This Academic Life
Other sources of information
Arts and Letters Daily
Boston Review
Imprints
Political Theory Daily Review
Science and Technology Daily Review