Slashdot Mirror

← Back to Stories (view on slashdot.org)

Privacy Complaint Against Google's GMail Service

Posted by CmdrTaco on from the that-didn't-take-long dept.

CRCates writes "Privacy groups in the UK have filed a complaint against Google over its new Gmail service. Privacy groups said they were concerned about Google's ability to link a user's personal details, supplied in the Gmail registration process, to Web-surfing behaviour through the use of a single cookie for its search and mail services. "

18 of 447 comments (clear)

  1. Erase the cookie by Anonymous Coward · · Score: 5, Insightful

    Erase the cookie. Don't use the service. How do you know Yahoo! doesn't read all it's mail?

    Welcome to paranoia.

    1. Re:Erase the cookie by sgtron · · Score: 5, Insightful

      Hotmail, Yahoo, GMX.. they all *read* your email.. let me explain. All these services have "anti-spam" measures in place. They scan all your email for certain terms that would identify it as spam. Now, what is Google doing differently? They also scan your email, not only for spam words, but for ad keywords. I don't see the big problem here honestly. If you don't want your email scanned for spam terms or ad words, just use a real isp and run your own anti-spam software.

      --
      No todo lo que es oro brilla
  2. Eternal cookie by JosKarith · · Score: 5, Funny

    This would be the cookie that doesn't expire till 2038 yes?

    --
    'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
  3. Re:How can they do this? by darien · · Score: 5, Insightful

    Presumably this group wants Google to get it right before it's released to the public! Which seems fair enough to me. Isn't that what being in beta is for?

  4. Er... by Inuchance · · Score: 5, Insightful

    If you don't want them to have your personal info, then don't provide it! GMail is a service, not a requirement.

  5. Nobody's forcing you... by LinuxOnHal · · Score: 5, Interesting

    If someone has a problem with the way the advertising is done, then they shouldn't use it. It is not like Google is hiding all of this information from their users.

    All of this complaining and bickering for a service that is not yet released...

    --
    Trying is the First Step to Failing --Homer Simpson
  6. I wish to register a complaint by minus9 · · Score: 5, Funny

    I wish to complain about the post I am going to make half an hour from now. It is inflammatory and totally uncalled for.

  7. Why shouldn't google be able to link data? by Chris_Jefferson · · Score: 5, Insightful

    I'm still not entirely sure what everyone's complaint is here. You don't have to join Gmail to use google. They openly admit that they may combine data (unlike everyone else who do combine data but refuse to tell anyone about it)

    If you don't want google using your data, don't give it to them. Personally, I'm happy for google to have all my data if it will improve my browsing and emailing experience, and that is my personal choice to make.

    What people should be complaining about is insurance and credit card companies which buy incomplete and incorrect sets of data and judge your credit rating based on it (it's happened to me). Now thats dodgy.

    --
    Combination - fun iPhone puzzling
  8. Microsoft Exchange? by Wingchild · · Score: 5, Interesting

    "Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account," Google's Gmail says in its privacy and terms of use sections.

    snip

    "If a person deletes an email, he should be confident that email is actually deleted," said Maurice Westerling, co-founder of Bits of Freedom, another privacy interest group, based in the Netherlands.

    MS Exchange has settings for the email retention period. If you delete something from your mailbox in Outlook, then empty your Trash folder, it's effectively gone from your view and you've no way to retrieve it. It is however stored in Exchange for as long as the administrators wish to hang onto it (and that "deleted" email is, indeed, backed up and restorable).

    If you shift-delete an object out of your Inbox, using that wonderful permanent-kill technique that the tech-savvy thinks protects and anonymizes their email... it's stored for the email retention period listed by the sysadmins, is backed up, and is restorable. It looks very dead to /you/, but not to /us/.

    (fyi, the only real way around this is to edit your Outlook client so that you can get the Recover Deleted Items option on every object in your inbox [as opposed to just the Recycle Bin], then habitually view -- and purge -- that information on a schedule that is more frequent than the one used for our backups. That'd work.)

    Anyway, the shorter point is, this kind of thing happens. The reason is happens is liability. If a criminal organization is using Google's GMail system for planning a robbery, or if a terrorist group decides they want to attack rail systems in Europe and wants to do so by using random public terminals to sign into email accounts that someone else hosts, it's a problem. If law enforcement comes looking and Google has to say "Oh, sorry - we respect privacy so much that we absolutely and permanently delete all traces of all email the second you touch the delete object!", it will not be a pleasant thing. The investigators will not be happy.

    Alternate question; do you really think that your email is permanently gone from Yahoo! and Hotmail?

    Do you really think they can't restore to an arbitrary point in time?

    Do you think they wouldn't turn that info over to law enforcement in a heartbeat if a court order came down? :)

    Are the rules /that/ different in Europe?

    1. Re:Microsoft Exchange? by dave420 · · Score: 5, Informative
      The real reason they're keeping the data is the way google's distributed file system works.

      It uses 64mb-chunks of disk space, and instead of erasing data from within the chunk, it just flags it as deleted, thereby not fragmenting the filesystem fantastically. That method means it's practically impossible to delete the email.

      It has to be kept on their filesystem as the inbox is searchable, and 1gb large - raid arrays just wouldn't cope with that stress (and it'd take 3 days to search your mail). The filesystem is the real genius of google - their system is made of hundreds of terabytes of storage on a distributed system. Thousands of servers running redundantly. When one dies (with that many it's a regular occurance) it gets swapped out seamlessly. The processing on the data also requires huge bandwidth throughput.

      To me, it looks like the google boys found a great use for their systems, but the very methods that make them great contradict local law in some areas they're selling in.

      Oh, and the rules are that different in europe ;)

  9. Data Protection Act by Aardpig · · Score: 5, Informative

    Look, they aren't charging for the service, nor are they forcing you to use it.

    Whether its free or not is irrelevant. In the UK, there is legislation (the so-called Data Protection Act ) which places tight constraints on how personal data is archived and managed. If the Google mail service falls foul of this act, then it does not matter whether or not the service is free; it is still breaking the law.

    --
    Tubal-Cain smokes the white owl.
    1. Re:Data Protection Act by AlecC · · Score: 5, Informative

      But the DPA prevents usage of personal information for purposes other than that for which it was collected. If anybody explains why they are collecting information about you, and receives your OK to do so (opt-in, not opt-out), it does not seem to me that they are breaking the DPA. Google is very open. If they put all this clearly (as they do) in their Terms and Conditions, and then keep to their word, I don't see that the DPA being involved.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
  10. Not that simple by GreenCrackBaby · · Score: 5, Insightful

    The article is very clear: privacy groups aren't just arguing that Google is violating privacy, they are arguing that Google is violating the law (by violating privacy).

    It seems that European privacy law is much more strict than US law, and by retaining a subscriber's email even after they have deleted it or cancelled their account Google is breaking those laws.

    Huge difference.

    --

    "The market alone cannot provide sufficient constraints on corporation's penchant to cause harm." -- Joel Bakan
  11. Privacy Groups by Fortress · · Score: 5, Insightful

    Any one else think it's odd that a privacy group is complaing about a service that isn't available to the public yet? I'm all for privacy, but let's pick the reasonable battles. It will be repeated ad nauseum here, but you don't HAVE to sign up for Gmail.

    I would much rather that privacy groups spend their finite resources fighting the stuff we don't have the option of avoiding, Big Government and such.

    Seems like any other organization, privacy groups have to justify their existence by creating problems where none exist.

  12. Knee Jerk reaction by AlecC · · Score: 5, Insightful

    This seems to me to be very much a knee-jerk reaction. Provided that Google is up-fromt will all this, why shouldn't I be given the opportunity to opt-in to such a service? I entirely agree that this should not be done secretly - but Google is very upfront. Surely it is not an invasion of privacy if I explicitly accept that Google will scan my mail as part of paying for the service.

    I like Google Adwords. Given that advertising is an endemic part of life, and is not going to go away, Adwords is the way I want it. Let Google take all the advertising revenue with Adwords, and may the popup merchants go broke. If Google want to offer a paid-for non-Adwords service, I shall think about it - and probably not buy it.

    As to keeping some of your email when you delete it - I don't think this is intentional. AFAICS Google has a "weak delete" policy - they try to recover deleted space, but if they don't recover it all, too bad - disks are cheap. So there may well be old copies of your emails hanging round. What the hell - they are not indexed, so it will take a deep search to find it. Do Yahoo, Hotmail & Co guarantee a destructive overwrite when they delete your mail? I doubt it - in which case they might have an old copy lying round on their disks.

    So, privacy people, don't spoil what looks like it might (subject to confirmation, of course) be a useful, opt-in service because of arcane potential privacy problems.

    --
    Consciousness is an illusion caused by an excess of self consciousness.
  13. Email is not private by lordbios · · Score: 5, Insightful

    Email in its basic form is not, nor has never been, private. There have never been any promises that email was private. I remember from the first time I used email that it was always likened to mailing stuff on a postcard, not in a sealed envelope. It's also not like Google is trying to hide the fact that they are scanning your emails. It is right out in the open in the terms of agreement. If you don't agree, don't sign up...

  14. Lots of ways to get yourself in the GMail database by Anonymous Coward · · Score: 5, Insightful

    OK fine. So you don't have a GMail account, but what if you send mail to one?

    Your boss: "I'm on the road - send me your status report IMMEDIATELY to yourboss@gmail.com"

    Recruiter: "I have a job for you - send me your resume at somerecruiter@gmail.com..."

  15. To much tin foil in the air by cyberlotnet · · Score: 5, Insightful

    Whats the diffrence between Hotmail, Yahoo, Every other free email provider out there And Google..

    Nothing, google is just upfront and honest about whats happening to your emails.

    They have to "scan" through them to provide virus and spam protection.

    They will use there distributed approach to searching to provide fast web based email services. This means your email could be on 100's of there servers at the same time. When you hit delete it might take a while for it to be removed from all systems.

    Here a company steps forward and is 100% honest about what they are doing and we flame them.

    No wonder we have to deal with lame support and excuses from companys every day.

    --
    Personal Website