Slashdot Mirror
Privacy Complaint Against Google's GMail Service
CRCates writes "Privacy groups in the UK have filed a complaint against Google over its new Gmail service. Privacy groups said they were concerned about Google's ability to link a user's personal details, supplied in the Gmail registration process, to Web-surfing behaviour through the use of a single cookie for its search and mail services. "
It hasn't even been launched yet, it's in beta. I'd imagine the people in this beta have signed some kind of agreement where they say they cannot do anything if they are adversly affected by Gmail, so what's the problem? Of course it's a different matter when it's launched to the public.
When anger rises, think of the consequences.
Confucius (551 BC - 479 BC)
Erase the cookie. Don't use the service. How do you know Yahoo! doesn't read all it's mail?
Welcome to paranoia.
This would be the cookie that doesn't expire till 2038 yes?
'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
After all not even a company like google could keep track of that much information. :P
If you don't want them to have your personal info, then don't provide it! GMail is a service, not a requirement.
You want a gig of email but with privacy? Go sign up at Spymac. It's also free, and it's already here - and not in beta. And they don't read your email.
I've got more mod points and GMail invi
BBC Article
People say I'm crazy, I got diamonds on the soles of my shoes...
If someone has a problem with the way the advertising is done, then they shouldn't use it. It is not like Google is hiding all of this information from their users.
All of this complaining and bickering for a service that is not yet released...
Trying is the First Step to Failing --Homer Simpson
I wish to complain about the post I am going to make half an hour from now. It is inflammatory and totally uncalled for.
I can understand the concerns Europeans may have, but then again, this is an opt-in procedure.
If you don't want to use Gmail, you have other options through your ISP, other free services, etc.
It just seems to me this is an extension of social networking, but from a business perspective. - target based advertising based on what you surf for based on your cookie.
It seems similar in a way to what Gnome's Nat Friedman wants to do with Dashboard. Based on your email & IM, having the desktop provide you with links to what you're talking about.
To me, the pro's at this point from what we know may outweight the cons - yes they'll target me with ad's based on my surfing behavior, but the ability to index and search my email rather than using "To" "From" and "Subject" headers is definitely a step forward in email management.
Since by the same measure, Microsoft can track a user by the personal information given through the passport/hotmail registration procedure through every website you visit using THEIR browser, every program you run on THEIR operating system, every document you read/write with THEIR office application.
Innocent until proven guilty. When they start using this for an invasion of privacy, then you can complain, at this point they haven't even offered the service, how can you complain that they've invaded your privacy.
Besides, if you don't like it, don't create an account and go back to wearing your tinfoil hat. They aren't using strongarm tactics to force you to use their product.
Jamon.
I can count to 1023 on my hands. Ask me about #132.
I will note, however, that at least in the United States we went ahead and outlawed indentured servitude, even though (a) it was usually entered into voluntarily (b) it often had a net benefit to the indentured party. Still, we felt that the moral and social cost of the "servitude" part was too high to allow individuals to enter into that sort of contract.
Perhaps the privacy advocates are arguing along the same lines here.
I will also note that while Google claims that one of their corporate policies is "don't be evil", they also absolutely refuse to discuss or explain almost any facet of their operations. Just a thought.
sPh
I'm still not entirely sure what everyone's complaint is here. You don't have to join Gmail to use google. They openly admit that they may combine data (unlike everyone else who do combine data but refuse to tell anyone about it)
If you don't want google using your data, don't give it to them. Personally, I'm happy for google to have all my data if it will improve my browsing and emailing experience, and that is my personal choice to make.
What people should be complaining about is insurance and credit card companies which buy incomplete and incorrect sets of data and judge your credit rating based on it (it's happened to me). Now thats dodgy.
Combination - fun iPhone puzzling
"Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account," Google's Gmail says in its privacy and terms of use sections.
/you/, but not to /us/.
:)
/that/ different in Europe?
snip
"If a person deletes an email, he should be confident that email is actually deleted," said Maurice Westerling, co-founder of Bits of Freedom, another privacy interest group, based in the Netherlands.
MS Exchange has settings for the email retention period. If you delete something from your mailbox in Outlook, then empty your Trash folder, it's effectively gone from your view and you've no way to retrieve it. It is however stored in Exchange for as long as the administrators wish to hang onto it (and that "deleted" email is, indeed, backed up and restorable).
If you shift-delete an object out of your Inbox, using that wonderful permanent-kill technique that the tech-savvy thinks protects and anonymizes their email... it's stored for the email retention period listed by the sysadmins, is backed up, and is restorable. It looks very dead to
(fyi, the only real way around this is to edit your Outlook client so that you can get the Recover Deleted Items option on every object in your inbox [as opposed to just the Recycle Bin], then habitually view -- and purge -- that information on a schedule that is more frequent than the one used for our backups. That'd work.)
Anyway, the shorter point is, this kind of thing happens. The reason is happens is liability. If a criminal organization is using Google's GMail system for planning a robbery, or if a terrorist group decides they want to attack rail systems in Europe and wants to do so by using random public terminals to sign into email accounts that someone else hosts, it's a problem. If law enforcement comes looking and Google has to say "Oh, sorry - we respect privacy so much that we absolutely and permanently delete all traces of all email the second you touch the delete object!", it will not be a pleasant thing. The investigators will not be happy.
Alternate question; do you really think that your email is permanently gone from Yahoo! and Hotmail?
Do you really think they can't restore to an arbitrary point in time?
Do you think they wouldn't turn that info over to law enforcement in a heartbeat if a court order came down?
Are the rules
Here is the privacy policy.
I didn't see anything in there about this particular topic, although there is a bit about the fact that they will be using cookies (natch).
Personally, I find it hard to be too concerned about this. My web-surfing patterns are already recorded in a "soft" way via my browser history and a much "harder" way via my ISP's access logs. I can go out of my way to use proxies and make it difficult to trace, etc, but it isn't like you can't figure out what my machine is doing (unless I'm doing some fairly advanced stuff).
My sigs always suck.
Read the EFF's Fair Use FAQ
It seems like most of the comments so far are along the lines "it's voluntary, google should be allowed to do what they want."
/. if this had been a Microsoft service.
It would be interesting to see the reaction on
Look, they aren't charging for the service, nor are they forcing you to use it.
Whether its free or not is irrelevant. In the UK, there is legislation (the so-called Data Protection Act ) which places tight constraints on how personal data is archived and managed. If the Google mail service falls foul of this act, then it does not matter whether or not the service is free; it is still breaking the law.
Tubal-Cain smokes the white owl.
The article is very clear: privacy groups aren't just arguing that Google is violating privacy, they are arguing that Google is violating the law (by violating privacy).
It seems that European privacy law is much more strict than US law, and by retaining a subscriber's email even after they have deleted it or cancelled their account Google is breaking those laws.
Huge difference.
"The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
Any one else think it's odd that a privacy group is complaing about a service that isn't available to the public yet? I'm all for privacy, but let's pick the reasonable battles. It will be repeated ad nauseum here, but you don't HAVE to sign up for Gmail.
I would much rather that privacy groups spend their finite resources fighting the stuff we don't have the option of avoiding, Big Government and such.
Seems like any other organization, privacy groups have to justify their existence by creating problems where none exist.
This seems to me to be very much a knee-jerk reaction. Provided that Google is up-fromt will all this, why shouldn't I be given the opportunity to opt-in to such a service? I entirely agree that this should not be done secretly - but Google is very upfront. Surely it is not an invasion of privacy if I explicitly accept that Google will scan my mail as part of paying for the service.
I like Google Adwords. Given that advertising is an endemic part of life, and is not going to go away, Adwords is the way I want it. Let Google take all the advertising revenue with Adwords, and may the popup merchants go broke. If Google want to offer a paid-for non-Adwords service, I shall think about it - and probably not buy it.
As to keeping some of your email when you delete it - I don't think this is intentional. AFAICS Google has a "weak delete" policy - they try to recover deleted space, but if they don't recover it all, too bad - disks are cheap. So there may well be old copies of your emails hanging round. What the hell - they are not indexed, so it will take a deep search to find it. Do Yahoo, Hotmail & Co guarantee a destructive overwrite when they delete your mail? I doubt it - in which case they might have an old copy lying round on their disks.
So, privacy people, don't spoil what looks like it might (subject to confirmation, of course) be a useful, opt-in service because of arcane potential privacy problems.
Consciousness is an illusion caused by an excess of self consciousness.
I mean, think about it. Let's say that you have webmail with one of the other major providers. Somebody sends you mail. You reply. They reply. Now your email has a couple of levels of ">" in it. Wouldn't it be nice if they highlighted those in different colors or something?
/. said about ads that if they made sense, they wouldn't mind 'em? Guess what - that's targetting. And how they're supposed to make sense and be timely without some kind of processing is beyond me.
Oh, wait - they already do that? (Note: at least, this was common the last time I bothered with webmail which was some time ago). Guess what - that's "reading" your mail as well. In fact, they're just changing your display - without changing the verbal contact of your message - to make it more convenient for you.
Isn't that also a (reaching, but legitimate) description of providing targetted advertising? I mean, how many times have people here on
As for the article's complaint, it seems to focus around the fact that when you "delete" an email, Google doesn't guarantee that it goes away immediately. Their message seems to be talking about cache updates though - if they were willing to amend it with a service guarantee that within xx hours your email would be deleted, that would probably do the trick. Of course, then people would be arguing that they needed to provide complete file-trashing (triple overwrite, etc) as well, even though your regular email client and ISPs email account probably don't do that.
I think its just a case of being too cautious in their terms of use. In this case, being too honest where the other major providers are being "honest enough," and not worrying about caches, et cetera. Of course, they may be planning to use your old email for nefarious purposes, but somehow I doubt it. Either way, they should clarify their statement.
You're special forces then? That's great! I just love your olympics!
Email in its basic form is not, nor has never been, private. There have never been any promises that email was private. I remember from the first time I used email that it was always likened to mailing stuff on a postcard, not in a sealed envelope. It's also not like Google is trying to hide the fact that they are scanning your emails. It is right out in the open in the terms of agreement. If you don't agree, don't sign up...
Am I the only one with ZERO sympathy when users of FREE services whine?
--- Ban humanity.
Is it just me or is this whole GMail thing an April Fools prank gone horribly wrong?
Read the Google news release again:
The inspiration for Gmail came from a Google user complaining about the poor quality of existing email services, recalled Larry Page, Google co-founder and president, Products. "She kvetched about spending all her time filing messages or trying to find them," Page said. "And when she's not doing that, she has to delete email like crazy to stay under the obligatory four megabyte limit. So she asked, 'Can't you people fix this?'"
The idea that there could be a better way to handle email caught the attention of a Google engineer who thought it might be a good "20 percent time" project. (Google requires engineers to spend a day a week on projects that interest them, unrelated to their day jobs). Millions of M&Ms later, Gmail was born.
Kinda fishy.
OK fine. So you don't have a GMail account, but what if you send mail to one?
Your boss: "I'm on the road - send me your status report IMMEDIATELY to yourboss@gmail.com"
Recruiter: "I have a job for you - send me your resume at somerecruiter@gmail.com..."
Seems to me that if they give you a free gig of space, some targeted ads aren't too much to pay.
"Seems to me, Mr. Jefferson, if England gives you the security of their navy, a little taxation without representation isn't too much to pay."
"Seems to me, Mr, Franklin, if we can give up a little liberty for security, that isn't too much to pay."
"Seems to me, Mr. Churchill, giving up 'a distant country of which we know nothing' in order to get 'peace in our time' isn't too much to pay"
Do you write no email that is personal enough that you'd object to Google looking through it in order to serve up ads?
If you're willing to give up your privacy for mere convenience, what else are you prepared to give up?
How much for your right to vote? A gigabyte of space? Two?
How much for that freedom of speech -- I mean, when did you last need that? And freedom of assembly, will you throw that in too, for say, three gigabytes?
You're not hiding anything in your email, so you're probably not hilding anything your house either -- let's install some free anti-crime cameras in your bedroom -- for your protection of course.
Did I miss the memo telling me that Americans had become so lazy we can't even get up off the couch to protect our privacy anymore?
Alles in Ordnung, Herr Reichsminister!
Opinions on the Twiddler2 hand-held keyboard?
I'm sure the first thing the hotmail staff do when they get into work on a morning is read all my mail to find out what a fascinating life I lead.
As soon as Bill Gates and his henchmen manage to reconcile the facts that I am a 104 year old man from Zimbabwe, lots of hot teens want to meet me and I have a massive interest in cable descramblers then I am sure they have some evil plan to oppress me.
Whats the diffrence between Hotmail, Yahoo, Every other free email provider out there And Google..
Nothing, google is just upfront and honest about whats happening to your emails.
They have to "scan" through them to provide virus and spam protection.
They will use there distributed approach to searching to provide fast web based email services. This means your email could be on 100's of there servers at the same time. When you hit delete it might take a while for it to be removed from all systems.
Here a company steps forward and is 100% honest about what they are doing and we flame them.
No wonder we have to deal with lame support and excuses from companys every day.
Personal Website
I got excited about this almost ten years ago. I installed PGP in my email client, made my keyring (or whatever it's called) and sent a few test messages to myself. After a couple of years in which time I never found anyone who even understood the idea, I gave up, never bothered to reinstall when I moved to a new PC.
Wow, I think you're getting fired up on a non-issue here. Your rights aren't being violated, if you feel that Googol's scanning your mail for ads is invasive, then don't sign up. The analogies youhave madew are all coercive, whereas Gmail is voluntary.
I can CHOOSE to give up my right to privacy in this matter to a company I trust without giving up my Right to Privacy in general, let alone my free speech, voting and assembly.
You seem to be strong on rights. What about Googol's right to offer a service for no money in exchange for policies they lay out in their eula? They are by no means being coercive, they have no monopoly on email and are merely trying to float a new internet service. They are not even being deceitful about it, as we all know about their advertising policy before the service is released to the public.
This is not some mandatory big government service here, merely a private company trying something different.
Around here there are people who think that Microsoft is evil. There are also people who think that Google is evil. These groups might have some overlap.
Slashdot is not a collective mind. You are not the only free thinker.
Boo hoo!
Somebody call the whaaaaambulance!
First: If you read the EULA before you checked the box, you'd know about how they're going to use the info. So, it's not an invasion of your privacy. You told them they could do it! You 'signed the contract'.
Second: They're not trying to hide what they're doing AT ALL. They should be commended for that. It's stated right there on the main page.
Third: You should know by now that privacy doesn't exist. If you need to hide something, don't hide it on a cheapass server owned by someone else. Get your own co-located box and encrypt your mofo-email! PGP, baby. Or get a Hushmail account.
Fourth: It really is a genius revenue model. Minimally invasive. Text-ads are acceptable. Unlike Hotmail & Yahoo, Gmail won't have any annoying banner ads or pop-ups. That is awesome.
geeks are cats who dig a certain kind of cool
"Microsoft is just trying to make money too. So why then do people around here believe Microsoft is EVIL, when they have the choice to simply use something else (like LINUX)."
Microsoft actively tries to destroy companies that it thinks might interfere with their monopoly. Further, it uses its monopoly position to force deals upon other companies (for example, if you sold *any* PCs with Microsoft OSes, you had to pay a licensing fee even for those machines that did *not* have the Microsoft OS installed). Google has never done anything like this, AFAIK. Microsoft leverages its monopoly by requiring people who accept one piece to accept others (e.g. their EU case). Google offers people the *option* of using this service (and it is possible that they may not be able to offer the *option* in Europe if this is a real limitation; more likely, they will just tweak their service to bring it in line).
It's not making money/not making money. It's living honorably when you're at the top. Google traditionally has; Microsoft traditionally has not.
Why do you get to decide unilaterally when the deal is off?
"Defending Google" here is defending the right to enter into agreements. You, apparently, want to be protected from your decisions by being able to change the terms of service if you don't like them at a later date and you want the force of law, through regulation, to enforce your preference.
You don't need regulation, you need to be responsible for your decisions.
Your concerns might be valid, I don't know. But, and I know you are sick to death of this, if you feel this way, "DON'T USE IT THEN". That would be a way of 'telling a company what the consumer wants'. But, you don't really want to tell a company what the consumer wants, you want to force the company to provide a service that you want.
Repeat after me, We are all free thinkers...
We are all free thinkers...
why are the two mutually exclusive? Why can't google make a good service, and be paid for providing that service?
Reason, free market capitalism, and individualism