Google's Scanning of Gmail To Deliver Ads May Violate Federal Wiretap Laws

New submitter SpacemanukBEJY.53u writes "In a declaration that could make Google very nervous, a U.S. federal judge on Thursday rebuffed Google's defense of its targeted ad system that scans the content of Gmail. Judge Lucy Koh — who also heard the Apple-Samsung case — found Google's terms and conditions and privacy policy isn't clear to users. Koh subsequently allowed a class-action suit to proceed against the company (official ruling). The plaintiffs in the suit allege Google violates federal and state wiretap laws by scannning the messages sent by non-Gmail and Gmail users."

Oh for crying out loud

Will this shit die already, this is getting tiring.

It is an automatic system.

I bet Microsoft is funding this, AGAIN.

Re:Oh for crying out loud

[gandhi_2]

By this logic, all mail virus scanners are also guilty.

Barracuda should be worries about that.

Re:Oh for crying out loud

[Monoman]

You beat me to it.

So I guess the question for everyone is should Google (and others) be allowed to scan communications if they state clearly in their EULA what they are doing and why? Does the answer change when the communications include a parties that didn't accept the EULA?

Re:Oh for crying out loud

[MozeeToby]

I agree with you to some extent. An algorithm searching for keywords and displaying appropriate ads? I really don't have a problem with that. Where I do have an issue is where the information gleaned goes into a big database that Google has on me. A big database that can be subpoenaed, or leaked, or stolen. A database that slowly but surely includes information from nearly every act of communication and internet usage. Even if I were to opt out of Google's services, the fact is if I send an email it's likely going to a gmail address, if I browse the internet there are likely Google servers providing parts of the page.

Re:Oh for crying out loud

By this logic, all mail virus scanners are also guilty.

Barracuda should be worries about that.

The GMail algorithm goes "hey, this guy is talking about being dissatisfied with his job lets promote som job services in the ad space" (yeah, if you think the Google context ads are just simpel keywords think again)

The Barracuda algorithm goes "6e 6f 72 6d 61 6c 20 63 6f 64 65... ok so far so good.. 76 69 72 75 73.. holy shit, stop that"

Re:Oh for crying out loud

[SirGarlon]

A big database that can be subpoenaed, or leaked, or stolen.

So it's only a problem if outsiders get access? You have a lot more faith in Google's present and future intentions than I do.

Re:Oh for crying out loud

You beat me to it.

So I guess the question for everyone is should Google (and others) be allowed to scan communications if they state clearly in their EULA what they are doing and why? Does the answer change when the communications include a parties that didn't accept the EULA?

"Scanning" can mean very different things. GMail scans and extract the meaning of the communication (as best it can and it is getting quite good) *and* then files this in the permanent marketing profile they have on you and which they continue to build on and reuse. So they are extracting, saving, using and building a database of meaningful content from your email and about you. Other forms of scanning is without actually extracting the content itself, and not storing it in a database on you. This is clearly not exactly the same.

You can still think this ruling against Google is silly, but we should be precise on distinctions like that.

Re:Oh for crying out loud

[mystikkman]

... on terms which you have accepted in using the service

Please read the article. The judge specifically said that the "terms are service" are vague and don't indicate that user profiles are being built.

Re:Oh for crying out loud

[somersault]

I don't see any a priori reason why it's ok to invade someone's privacy and the privacy of their corespondents in order to make ads displayed to them more "relevant"

It's okay to it, because they agreed to it to get a free service. If people would rather pay for an ad-free service, they are free to do so.

I'd rather see targeted ads, than random ads.

I don't actually see any ads at all, because I use an adblocker.

Re:Oh for crying out loud

[Dr_Barnowl]

Is isn't privacy. Email is an open protocol. You wouldn't send private communications on postcards, because the postman could read it. This is the same thing.

If you don't know this about email... well, it's as well that people learn.

Re:Oh for crying out loud

[newcastlejon]

So I guess the question for everyone is should Google (and others) be allowed to scan communications if they state clearly in their EULA what they are doing and why?

Debatable, depending on whether or not such a clause falls foul of laws on unfair contract terms.

Does the answer change when the communications include a parties that didn't accept the EULA?

Initially I would say yes, but on the other hand giving out your gmail address knowing that your mail will be scanned would shift the onus onto you in my opinion. In other words, if you want private contact between you and another party you shouldn't be using a service like gmail. Hell, I haven't read the gmail EULA and even I know that they effectively read my email; it's pretty much Google's business model.

Re:Oh for crying out loud

[Mr.+Slippery]

Is isn't privacy. Email is an open protocol.

The wiretap law apparently says otherwise, which is why this has come up.

Yes, as a practical matter, don't assume e-mail to be private. The question here, however, is legal, not practical/crypographic.

Re:Oh for crying out loud

[Mr.+Slippery]

It's okay to it, because they agreed to it to get a free service.

First, the suit alleges that they did not so agree because the TOS are not clear, and furthermore that they can't agree on behalf of their correspondents. (TFA: ""Google has cited no case that stands for the proposition that users who send emails impliedly consent to interceptions and use of their communications by third parties other than the intended recipient of the email," Koh wrote.") Second, if Google is not permitted under wiretap law to eavesdrop, that supersedes any part of a user contract or agreement.

Re:Oh for crying out loud

[dissy]

So I guess the question for everyone is should Google (and others) be allowed to scan communications if they state clearly in their EULA what they are doing and why? Does the answer change when the communications include a parties that didn't accept the EULA?

Here is the very first email Google sent to me when I signed up for Gmail service. Bold is added by me.

Just due to the fact Google already does explain it clearly in their (obviously unread) EULA, as well as in their welcome email, and on more than one help/support page, I doubt explaining it yet another time would make any difference to these people.

----------

Gmail Team 6/25/04 to me

First off, welcome. And thanks for agreeing to help us test Gmail. By now you probably know the key ways in which Gmail differs from traditional webmail services. Searching instead of filing. A free gigabyte of storage. Messages displayed in context as conversations.

So what else is new?

Gmail has many other special features that will become apparent as you use your account. Youâ(TM)ll find answers to most of your questions in our searchable help section, which includes a Getting Started guide. You'll find information there on such topics as:

        How to use address auto-complete
        Setting up filters for incoming mail
        Using advanced search options

You may also have noticed some text ads or related links to the right of this message. They're placed there in the same way that ads are placed alongside Google search results and, through our AdSense program, on content pages across the web. The matching of ads to content in your Gmail messages is performed entirely by computers; never by people. Because the ads and links are matched to information that is of interest to you, we hope you'll find them relevant and useful.

You're one of the very first people to use Gmail. Your input will help determine how it evolves, so we encourage you to send your feedback, suggestions and questions to us. But mostly, we hope you'll enjoy experimenting with Google's approach to email.

Speedy Delivery,
The Gmail Team

Re:Oh for crying out loud

Yahoo has been doing this off-and-on for the past year. They will even embed ads of a competitor of the company that sent the newsletter based on key words. They finally updated their TOS in June this year but they were doing it well before then.

Source, I'm the man that ensures billions of email messages are being delivered every month.

Re:Oh for crying out loud

[sjames]

So if I send you an email at blah@hggdfshjd.org and it forwards to your gmail account (that I don't even know you have), where is my knowledge and consent to the scanning and storing?

That's right, there isn't any.

Re:Oh for crying out loud

[Noughmad]

Let's say I send a letter to a friend, and he shows it to his wife. Where is my knowledge and consent? There isn't, but there should be an expectation that the recipient has the authority to show this letter to others. In GMail, the recipient has decided that he wants to show all his incoming mail to Google.

Re:Oh for crying out loud

[AJH16]

You have to extract meaning to perform SPAM filtering. The irony is we may prevent targeted advertising on GMail and instead get blown away by SPAM everywhere.

Re:Oh for crying out loud

[EXTomar]

To apply "Junk Mail Filtering" requires scanning the contents. Even doing the basic things like checking DKIM and SPF to just do basic validation requires reading and extracting data from the message and storing it for metrics/heuristics is an important thing all modern email systems do now. And this ignores even the fundamentals of delivering the message.

This is not black and white situation. Email systems need to read email messages to make the system work but they also need to read the email to do ads.

Re:Oh for crying out loud

[Imagix]

I sent my letter to Mr. XXXX in BigCorp, but Mr. XXXX's secretary read the letter. I didn't even know Mr. XXXX had a secretary, I expected only Mr. XXXX would read it. Isn't reading someone else's mail a federal offence (at least in the US)? How is this different? I signed up with Google. I know (and authorized) that Google does such scanning. You send me email. My secretary (ie: Google) reads it first, and compiles certain information about the "letters" I receive.

Re:Oh for crying out loud

[haapi]

To amplify, with Gmail, we [non-business] consumers are not Google's customers, we Google's product.
Perhaps Google can make this clearer what we are 'paying' Google in order to get our storage and mail services, but it was never a mystery to me.

--
If God forks the Universe every time you roll a die, he'd better have created a damned large process table.

Re:Oh for crying out loud

[Hamsterdan]

"So they are extracting, saving, using and building a database of meaningful content from your email and about you. "

So does the NSA, yet in NSA's case it's not considered illegal

Re:Oh for crying out loud

[Mitsoid]

If i send you an e-mail @hggdfshjd.org, how do i know your storage or e-mail handling policy?

E-mail has no reasonable expectation of privacy or secrecy. If anything, it is nowadays considered standard that your e-mail will be stored for at least 30 days, or until deleted. Unless you send an e-mail to a government address, then it's longer depending on the branch/locality/etc... or if it's to someone in the financial industry.. then it's saved even if it's deleted (until requested by a probe, then it's deleted)... My point is, everyone has a different policy, and no e-mail between two people can be ensured privacy and secrecy on unencrypted messages. when going between two distant servers

Also, when the message does arrive, regardless of service, the message will also be scanned by a junkmail filter. It will also, likely, be parsed by the recipients mail filter setting, and also by their anti-virus, anti-phising, and other anti-whatever systems. What makes Gmail's system different? If i submit a message to my ISP as junk, I'm releasing your e-mail to a 3rd party without your consent, and half a dozen machines will read it, process it, and act on it.

If we block recipient mail systems from "automated-reading" of messages, we effectively make it illegal to filter ALL junk, spam, and phising protections.
With the track record of poorly-worded laws we've had, I'd rather assume privacy/secrecy risks myself with encryption, than allow judges, lawyers, and elected officials choose the wording.

Re:Oh for crying out loud

Once you send an e-mail to me, that's no longer your property, it's mine now, and I consent to it being indexed. Even if I wasn't using GMail, I'd be using another mail system that indexed my e-mails so I could search them later, and there's nothing you can do about that.

Just realize that you do not retain property rights to things you send me, and then you'll understand how stupid this suit is.

Re:Oh for crying out loud

[Dishevel]

Here is a real problem as well.

I like my targeted ads. They are way better than the non targeted ads. Every great once in a while they are even useful.

Re:Oh for crying out loud

[alexo]

Because, while all animals are equal, some are more equal than others.

Re:Oh for crying out loud

[ElectricTurtle]

If you send mail to your congressperson, it's rather certain that an intern reads it. Do you get notified of this? Of course not. All this BS about Google is just ad-hating angst. Because I totally want another bill to pay instead of ignoring ads. All the whiners and mock-appalled/offended need to grow up.

Re:Oh for crying out loud

[kqs]

In other words, if you want private contact between you and another party you shouldn't be using a service like gmail.

If you want private contact between you and another party, well, good luck enforcing that from your end. You can send them an actual letter, which they can keep secret or they can show to their spouse, their lawyer, or the New York Times.

This whole thing seems to be "I want the courts to let me determine what you are allowed to do with the email I sent to you". I am amazed that anyone thinks that this is a good idea. I have a gmail.com and a .org account, both through Google, and I let Google look at my mail for spam detection, categorization, etc, because I'm tired of dealing with spamassassin and procmail. And now these guys want to tell me that I cannot do that????

Re:Oh for crying out loud

[kqs]

You're right. If you send me a letter, and I show it to my wife, well, you didn't consent to that. Hell, I can show it to the New York Times, and you didn't consent to that, and tough shit to you. Once you send it to me you cannot control who I show it to.

Please stop trying to tell me what I can do with MY email. You sent it to me, so you no longer control it. Stop trying to control me.

Or are you trying to say that gmail users didn't consent to Google having access to their email? Despite the text they saw when they signed up, the contents of the first letter in their inbox, and Google's greatly simplified privacy policy that was all over the news a year ago for months on end? Hell, I applied for this credit card but didn't realize I had to pay it back, pretty please mister judge fix that for me!

Re:Oh for crying out loud

[kqs]

Wow, you truly have no idea how anti-spam algorithms work. Please read up on bayesian networks. They are used by anti-spam software, and they (or something similar) are used by Google's ad systems.

They are exactly the same system. Exactly.

Lucy Koh isn't the brightest judge on the planet

[maroberts]

...she was(is?) the ringmaster for the Apple Samsung patent battle.

Personally if I wanted a decent tech judgement I'd move heaven and earth to end up before Judge Alsup (Oracle v Android)

Re:Virus scanning is a service

[gandhi_2]

Somehow I doubt "federal wiretapping laws" take into account how much the person being tapped does or does not enjoy the results.

Amazon Does this too

[gishzida]

Google isn't the only one that reads your mail.

If you have a Kindle Fire or Fire HD they are reading it too. I had the upsetting experience of reading an email on my Kindle Fire HD that announced my father's death and then not more than a few hours later was served a "recommendation" on my Kindle a book on how to write a Eulogy.

I deleted my email account information from the kindle and shut down the recommendation system on the device... and I told Amazon how creepy they were... At least Google hasn't served creepy ads like that... so far...

Maybe Amazon should learn from Google and adopt "Don't Be Creepy" as their motto. Are you listening, Mr. Bezos?

[By the way I tried at the time to put Amazon's actions up as a news story on Slashdot... but it was not picked up as a story...]

Re:Amazon Does this too

[Internal+Modem]

You weren't published by Slashdot because you didn't have a blog that quoted another blog that linked to the original blog which had a link to a news aggregation site pointing to the original story.

I wish

[no-body]

The same scrutiny would get applied to NSA's escapades but they get a free ride on everything.

Re:Virus scanning is a service

[mjtaylor24601]

Virus scanning is a service a provider can deliver to its customers.

Scanning mails for the benefit of the provider for advertising is not beneficial to the customer.

...except in so far as it allows the service provider to make a profit thereby enabling the customer to get access to the service for free.

No they're not...

[mystikkman]

The judge mentions this in her ruling:

...generating user profiles or to provide targeted advertisements.

Spam filters and mail virus scanners don't do that.

Re:No they're not...

[Imagix]

Actually, many spam filters do. They're not just blind pattern matchers, they do have algorithms that continue to tune the filters' effectiveness, even without human intervention. They may also download other databases from their home (like Barracudacentral), but that's so that your spam filter can take advantage of the tuning that the other thousands of other spam filters are assembling as well (which might get your filter one jump ahead of a spam blast as a filter in Chicago has already seen the blast, but it hasn't reached Seattle yet...).

Informed consent? Really?

[satch89450]

"But people who send e-mail imply consent..."

I'm a long-time Google Apps user, and my company's domain is on all mail receipents' mail, not "gmail.com". So how can you have implied consent when the sender doesn't know that the mail is being sent through Google?

Re:The REAL news of the day...

[fustakrakich]

Yes, you and I are not allowed to listen in and record the feds.

Re:If Google can do it

[Unknown74]

too %%#&^# LAZY...can't even deliver the mail

Re:Virus scanning is a service

As I understand it, that's actually a key part of Judge Koh's ruling: The *sender* of the email doesn't know that their email will be scanned for profit, only the receiver. And it's the sender's communication that's being wiretapped.

The sender "can't take their custom elsewhere".

How could Google have been any MORE clear?

[sirwired]

Google has been 100% up-front, since the day they announced the product, that they were going to pay for GMail by scanning your mail messages and guessing at relevant ads. They have made utterly no effort whatsoever to hide or obfuscate this fact.

Re:How could Google have been any MORE clear?

[Bucc5062]

What you state has merit, but what stops a postman from opening a letter, reading it, and perhaps acting upon the contents. Sure the envelope provides a modicum of protect from casual reading, but it does not take much for a person to use a letter opener on someone else's mail. What stops them (for the most part) is that mail is protected under the Constition, under the law and as such can bring legal trouble to said letter opener.

As a computer or tech person, you may see an email as "open" like a postcard, but most of the population that uses email does not see it that way. They type a letter, hit send, and the binary is routed through the "internet" to the recipient. That it may pass through servers, routers, program analyzers is not in the mind set of the sender; just like they really don't know how many hands touch that envelope.

I am a software developer, I do understand that my email can be "read" in route, but what bothers me is that that email is not accorded the same protections as my hand delivered envelope, Some reads my letter by steaming open the envelope, bad; someone reading my email because they can catch it in route; okay. That is not how it should be. If someone reads my email (without my permission) they should be held to the same level of privacy invasion as one who reads my snail mail. If I give gmail permission to scan my mail so be it, but that does not mean I abdicate my privacy for anyone else to read it. At least that is how email should be viewed today.

Re:How could Google have been any MORE clear?

[Todd+Knarr]

No, but the person you're sending the e-mail to has. When you send physical mail to someone, you don't know if they've got a secretary opening and reading all their mail for them. They could even have an outside company doing it (what, you think Hollywood stars and politicians read and answer their own fan or constituent mail?). And the law has absolutely no problem with this, nor with the idea that if this will be a problem for you as the sender then it's your responsibility to sort this out with the recipient before sending your mail.

Federal wiretapping laws

[Highland+Deck+Box]

Right cos those were soooooo effective at stopping anyone like the NSA tapping every wire ever. Or is this one of these things where it's ok if a government organisation does it, like how the US army can't commit terrorism because they are the "good guys"?

Re:Federal wiretapping laws

[FatLittleMonkey]

NSA doesn't tap wires. They tap fibre.

Re:Lucy Koh isn't the brightest judge on the plane

[frinsore]

There are some pretty interesting points raised in the case that I think should be addressed. I'm on google's side, the service that google provides me is worth their database about my habits. That's my choice and I knew it going in, even Microsoft advertises that Google does this. But privacy policies, EULAs and such have become stupidly complex. An average user can't be expected to read those tedious documents and I doubt if more then 1% fully read any of the contracts they click to accept. FTFA: "that a reasonable Gmail user who read the Privacy Policies would not have necessarily understood that her emails...". I can see this as a way to require human readable EULAs and privacy policies instead of the pages and pages of legalese that currently exist.

There's also the question of who "owns" the data in an email. If someone sends me an email, do they still own it and am I restricted in how I handle that email according to their wishes? Should they be informed that I'm saving the email on a server or that I've printed out a copy or that I run it through a spam filter? Most engineers would agree that I can do whatever I want to the email as that copy of the data is mine to use as I wish but IP lawyers can argue that I don't have the intellectual property rights to use the data except by whatever rights the owner has granted me.

I'm really hoping that this case can be appealed and finally set some precedence to some of the crazy shenanigans.

What about spam filtering?

[NoNeeeed]

If the court decides that mail providers cannot, on principle, be allowed to scan the content of a mail message then I don't see why it wouldn't affect content based spam filtering.

This case could have interesting ramifications for all mail providers if the court decides this violates wire-tap laws.

Re:What about spam filtering?

[Tom]

The law and the courts are smarter than most /. geeks. They understand the concepts of "intent" and "purpose".

No, no it doesn't.

[bmo]

>The plaintiffs in the suit allege Google violates federal and state wiretap laws by scannning the messages sent by non-Gmail and Gmail users."

The ECPA says that email is different and that only watching the live transmission outside the normal checking of function of the email system by a person when not otherwise disclaimed by the privacy policy is the equivalent of a wiretap.

That's because email is a store and forward communication, not the equivalent of a phone call.

When the ECPA was written, it had to be written in a way that prevented turning all operators into felons when they weren't deliberately spying on their users. This is the "hole" (it's not really) that Google is using to justify the machine reading of email, if it's spelled out.

I have read the Gmail privacy statement. To me it covers their ass in this regard. The Gmail privacy statement applies just as much to incoming mail as it does to outgoing. But even if it doesn't, when you send email, unless it's encrypted, it's the equivalent of a postcard. Are we going to be throwing meatspace postal workers into jail when they read the text next to the address on a postcard? That would be insane and unrealistic expectation of privacy, wouldn't it? That's not just my opinion, it's the opinion of everyone who knows anything about email. It's not a new concept, either. It's been expressed in books like my copy of the first edition of "Navigating The Internet" where the author introduced this "new thing" called the "web."

Calling this wiretapping and removing the safe-harbor sets a dangerous precedent and will turn all operators into felons.

While there is the desire to have complete privacy when it comes to email, unencrypted transmission and text negate any realistic expectation of privacy. Privacy starts with the user and ends with the user. If you don't want people reading your stuff (besides the fuckin' NSA spit), take measures to keep them from reading it. Instead of sending plain text on the postcard, encrypt the text with your (figurative) Ovaltine Decoder Ring and get your friends to use their decoder rings.

http://www.youtube.com/watch?v=zdA__2tKoIU

There is a crying need for transparent encryption methods in communication software, and it boggles my mind that this hasn't happened yet.

--
BMO - Drink more Ovaltine.

Re:No, no it doesn't.

[Bucc5062]

My point is that when I mail a letter I have an expectation of privacy, outside of encryption, because that letter is in an envelope that is protected by law, not Mathematics. The average (meaning most) humans are not going to encrypt every letter they write so they depend on the law to provide protection. To actively read my mail a person has to open the envelope.

When I send an email, the "data" may be plain text, but routing servers and mail managing program do not actively read content. Their programming is delivery. That header is my envelope (which is why the icon does make sense). The only way to read that email is either through a mail manager program under my control, a server based mail manager program under my control (webmail programs), programs like gmail which add programming to read my mail with my permission, or the last which is programs that actively open my mail without my permission. The data is not just "sitting around", at some point there has to be a human action to view the contents *with intent*.

The law says you can't steal or open my mail in route, or sitting in the post office, sitting in my mailbox, or sitting in my house. I feel the law should be extended to include email for there are similar mechanisms in place to differentiate between an active intent to view the contents and the act of delivery which does not. An postcard is public simply because if left in the open it can be read. An email is not a postcard in that it still takes an action, even the effort open a program to read it. That is my expectation or privacy.

Re:No, no it doesn't.

[garutnivore]

Are we going to be throwing meatspace postal workers into jail when they read the text next to the address on a postcard? That would be insane and unrealistic expectation of privacy, wouldn't it?

The comparison is not apposite. What Google does is akin to postal workers scanning postcards and storing them in a database which is used to profile people so as to push services on them. You can be certain that if postal workers did this, then there would be an outcry.

That's not just my opinion, it's the opinion of everyone who knows anything about email.

I've been an email postmaster since the early 90s. Your opinion is not by any means representative of "the opinion of everyone who knows anything about email." The issue is not storing the emails but the damn data mining that Google performs on them. I've never data-mined the emails stored on my server, nor have the postmasters that I've had the pleasure to work with. As a matter of fact, we take measures to avoid accidentally looking at people's emails. That they are not encrypted does not make it okay to snoop. It's called having a sense of ethics.

And we (me and the postmasters I've worked with) all think what Google is doing is shit.

Re:No, no it doesn't.

[alexo]

Are we going to be throwing meatspace postal workers into jail when they read the text next to the address on a postcard?

If a group of postal workers read every single postcard you sent or received via that service, saved all the text in a database, indexed and cross-indexed it by keywords, dates, senders and recipients, addresses and names... Than, yes, I'd expect their asses to be thrown in jail for a long time.

Re:No, no it doesn't.

[Tom]

Are we going to be throwing meatspace postal workers into jail when they read the text next to the address on a postcard?

legal fail.

The law, contrary to most geeks, understands the difference between random events and systematic, intentional, for-profit activities. And frankly, if you don't understand the difference between a postal worker who looks at a postcard every now and then, and some automated system that scans every postcard going through the entire postal system, then I'm not sure I can explain it to you, because I'd probably have to start by explaining the meaning of "the".

The second important point is that the privacy of communications does not and should not depend on sender and receiver having to encrypt or otherwise secure their communication. The privacy of your communication is a right. If you can secure it by technical means, you wouldn't need the right. The right exists precisely because of the imbalance between an individual and his means to secure his communications, and huge entities like corporations and the government and their capabilities to break this security.

I also reject that the gmail privacy statement applies to an e-mail that I as a non-gmail user send to you. We may possibly discuss about the case that you're using an @gmail.com address - but you don't necessarily do. Many people forward their mails to their gmail accounts from a non-gmail address.

Re:So who did Google piss off?

[PPH]

Probably the NSA. Not directly, but this is the push back to all of the bad press they have been getting since the Snowden leaks. Hold Google and other service providers feet to the fire and they'll go to Congress begging to have the laws relaxed.

Oh, and once you've got your relaxed laws, Google, you'll be happy to share all that scraped data with us, right?

NSA?

[DoofusOfDeath]

What's the relationship between (a) wiretap laws, and (b) the reasonable expectation of privacy?

Because if the NSA didn't need a court order to obtain my emails from Google, do the same factors imply Google had a right to scan those same emails?

Or are different legal issues at play in those two cases?

There is a problem ... and a solution.

[technosaurus]

Either by regulation or agreement, if the scanner comes across the string "[DO NOT TRACK]" anywhere in the mail, scanning should stop and that data should be discarded... That would be the non-evil way to prevent unconsenting 3rd parties from being tracked.

Re:Virus scanning is a service

[gandhi_2]

For the VAST majority of all Gmail users, that has been the known deal since they started.
It was free email, with automated targeted advertisement. This isn't news to any of us who remember when Gmail was a new thing.
It is THEIR free system, and people are free to chose another provider.

Do you think that server farms, huge pipes, high-end sysadmins, and high-end developers are free? For the purposes of free Gmail, as was ALWAYS a part of the deal, their targeted ads ARE just as necessary as parsing envelope headers.

Re:So who did Google piss off?

[organgtool]

This is typical anti-company behavior by the federal government.

This is part of a class-action lawsuit that was initiated by a group of private citizens, not a government entity.

Regardless of the discussion if they are right or wrong, Google was not bothered in the past, so apparently they pissed someone off at the federal level and now they are out to shut them down. ( and i'm sure extort them on the ride ).

Nobody is going to shut Google down. At worst, they have to pay a relatively small fee and send out a revised Privacy Notice that outlines their data collection methods more explicitly.

I bet they were asked to do something way out of line and declined and now will pay the price with complete shut down. But that is just theory.

No, it is not a theory. Theories are based on evidence and the only thing you've spouted is pure conjecture.

Re:Virus scanning is a service

[kwbauer]

And as many others have pointed out, the judge's logic is flawed as it would also outlaw the use of secretaries and interns reading mail (electronic or otherwise) for executives, politicians and, most likely, Judge Koh himself. Once you send correspondence to someone then they are free to do what they want with that correspondence including having others scan it for content. Granted, sometimes they are limited by confidentiality but then they wouldn't be soliciting that correspondence to be sent via unencrypted email.

If a gmail user has given permission to Google to scan the user's email for the purpose of giving the gmail user targeted ads is in violation of wiretapping laws, then the judge or his interns and secretaries are also in violation of similar laws regarding the US Mail. Also, email is the modern equivalent of the US Mail*, not the phone system so it shouldn't really be subject to wiretapping laws in the first place. it should be subject to the laws that cover the US Mail*.

*Substitute your local government Postal Authority if not in the US.