Slashdot Mirror
Gmail's 'Self-Destruct' Feature Will Probably Be Used To Illegally Destroy Government Records (vice.com)
An anonymous reader quotes a report from Motherboard: A new update rolling out for Gmail offers a "self destruct" feature that allows users to send messages that expire after a set amount of time. While this may sound great for personal use, activists fear that government organizations will use the feature to delete public records to hide them from reporters and others interested in government transparency. Normally, government emails are available to journalists, researchers, and citizens using Freedom of Information Act requests (and its state-level analogues.) The self destruct feature was announced on April 25 as part of Google's new confidential mode for G Suite. In addition to self destruct, confidential mode allows users to delete messages after they have been sent and places restrictions on how recipients can interact with received emails. "As more local and state governments and their various agencies seek to use Gmail, there is the potential that state public records laws will be circumvented by emails that 'disappear' after a period of time," the National Freedom of Information Coalition wrote in a letter to Google CEO Sundar Pichai. "The public's fundamental right to transparency and openness by their governments will be compromised. We urge you take steps to assure the 'self-destruct' feature be disabled on government Gmail accounts and on emails directed to a government entity."
e-mails can't selfdestruct once my pop-mail client gets them.
I doubt the self-destruct feature will delete the actual email from Google Vault where these FOIP requests are performed.
I for one agree. We absolutely need to keep our government (which we pay for) accountable.
I personally think we need a transparent government much more than a small or weak (which borders with ineffective) government. If government is transparent, open and accountable, then many issues about limiting its power are moot, IMO.
We learn from history that we learn nothing from history - Tom Veneziano
I hope it would be just as illegal to use "self destructing email" to send government email as it would be to erase the email any other way.
As for incoming email, I would hope the government would have an obligation to keep it. If the email is self-destructing, that means they have an obligation to either prevent the destruction or preserve a copy.
If I'm wrong, then by definition the laws that supposedly require email retention don't, in fact, require email retention.
we need to stop this foolishness of non-government mail and file servers, using personal resources for official business, and not properly archiving everything, period, not daily but continuously.
Expensive but worth it.
deleting the extra space after periods so i can stay relevant, yeah.
If you voted for Hillary, you're a traitor.
Huh. Does the same hold if you voted for our comrade in chief.
Hey smart guy where is your proof?
This is right up there with the pedophile ring ran out of a pizza shop accusation.
Ultimately you got to let it go because Hillary lost. She's not in government right now. And no longer relevant, unlike our current Traitor in Chief
If you voted for Hillary, you're a traitor.
I picked the least-bad option that had a chance of winning. President Hillary would not have been good, but it would have been better than the outcome we got.
Any government entity worth their salt *should* have an archive system, like a Barracuda, etc. This allows an auditor (or attorney, public info office, etc) to do searches to fulfill FOIA requests. There are people out there who make a living off of making requests and hoping the city gets caught. It's like a $50k fine from the state here and a good chunk for the troll.
Any govt office that wants to hide stuff is not going to have the archiving system in the first place.
This is what drives me nuts about the "small government" voters. If people think the rich and powerful aren't just going to build a large government apparatus for their own use they haven't been paying attention to the last 2000+ years of history. The question is never, will there be a powerful government, it's always, who will that government work for?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
It's not as if you or I can actually DO anything about it.
Go on, citizen, stamp the vote card. R or D, your choice.
I have not used Outlook for a few years, but even then automatic email deletions were standard. Gmail is actually late to the party with this feature.
Hillary? Gmail is calling. They have you in mind when this was made
unlikely. This feature would mean government agencies and many regulated industries simply won't be permitted to use gmail as you can't have email that self destruct when you have mandatory data retention.
Stop spreading BS you heard on Fox noise, Dumbass. Everything in your post is utter fabrication.
mnem
SMH
automatic deletion where YOU choose to delete yes, not the sender. outlook/exchange also support recall and remote delete and have for a long time. But the receiving system gets to decide whether to honour that request or not.
Sure, but enterprise email also has a "archive this for x time period separate from the user inbox" for various reporting/legal requirements. The user doesn't get any input into it at all.
It's not always about the user!
Don't move past it. Don't learn or grow. Stay mad. It's funny.
Apparently you don't read the news. See article EVERYONE MUELLER HAS CHARGED IN RUSSIA ELECTION PROBE, ALL 22 OF THEM http://www.newsweek.com/muelle...
Print screen or print that fucker out! Print as a pdf even. Wtf? And they canâ(TM)t control what other email servers save and donâ(TM)t save.
This seems like uninformed nonsense.
As far as I can tell, this "self destruct" feature simply sends a link to a webpage to the recipient. This webpage will be able to be taken down. This wouldn't prevent anyone from taking screenshots, and can already be easily done. But in essence: if someone can read it on their screen, it can be archived on the receiver's side. And probably somehow crypto-signed to prove that you didn't make it up later.
Governments obviously have to (or should) comply with certain IT record keeping standards - similar to what big companies have to do for compliance regulations. IIRC, even Google Suites offers outgoing and incoming email archiving.
Exchange has had this kind of functionality for over a decade and tons of government customers. If it wasn't a problem there, why is it now with Google?
Doesn't anyone see a problem with this?
"As more local and state governments and their various agencies seek to use Gmail..."
For an organisation as large, powerful, influential, and as involved in US politics as Google, it sounds like a really bad idea to have sensitive govt. messages flowing through Google's servers. I mean, why not just use a Chinese, Russian, or EU email service for official govt. communications?
National & state govt's should have publicly accountable email accounts with all messages and accesses fully available for audit and those should be the only email accounts that national and state employees and elected representatives use for work related communications.
Debate is a form of harassment. Do not question my truth.
I have not used Outlook for a few years, but even then automatic email deletions were standard.
So far as the unrelated topic of deleting a sent email, yes Outlook has this ability.
It needs to be enabled, but in a company a group policy can both enable it and lock the setting so the user can't disable it.
By default without that, you get a deletion request and need to respond 'yes' before it deletes the email.
Gmails feature doesn't do anything like that, mainly because if the email leaves googles servers, they have zero control over it and beyond a similar "honor system" method, it's just not possible to do this using email protocols.
This is more like how Snapchat handles pictures with auto-destruct.
Google takes your email and stores it, then sends the recipient an email, not with your message content, but with a URL back to google.
Opening that URL then uses javascript to show an image with your message contents (to make copy/paste a pain), refuses to show the image without javascript (to make script blockers a pain), and deletes the message once viewed or after a certain time.
They probably also employ all the other silly javascript tricks to try and make it as hard as possible to store the image out of the browser, not that those were ever fully functional.
It doesn't take much to get a screen shot by someone who knows what they are doing, but it will stop the vast majority of i-have-zero-clue-computers-are-magic users that make up over 99% of the Internet.
Per this presentation from DHS, any work-related e-mails are considered federal records, and thus subject to record keeping requirements.
It really isn't up to private companies to enforce laws, nor should it be. Granted, with the current US government dedicated to dismantling effective governance, I don't trust the government to do this job. But private companies can't really do anything to prevent it besides lobbying, and I don't trust any private company to be concerned enough to bother with it.
Correct. They are only self-destruct when using Google's platform. Which means only when sent from AND to Google gmail accounts. They may be self destruct for the end users, but you know who they are not self destruct for? Google. They encourage people to send email that's even more sensitive than people already use email for by implying a time-limited duration, then they are the arbiters of what data is private and what isn't. Great scam.
When governments around the world are turning ISPs into federal surveillance departments, I think a self-destruct feature is false comfort. If a government of a country issues a D notice (or NSL), Google won't be destroying any emails despite its 'self-destruct' label. That means a 'self-destruct' label is false advertising: Google decides if the communique is destroyed, not the email.
Self destruct means the sender has control of *my* mailbox?
Oh, fuck off, Google.
Neither Hillary nor Bernie got enough votes to sit in the big chair.
As for our President, Donald Trump, the Commander in Chief, that's another thing entirely. He's certainly no Marxist "comrade".
Hillary, on the other hand, just announced another excuse for her loss: her claim to be a capitalist apparently cost her the votes of many of the Marxists in the Democrat party. Yup. How Hillary has openly admitted that something like 40% of the modern Democrat party consists of evil anti-American Marxist freaks.
Look at it on YouTube.
to restore transparency and accountability.
With huge government involved in everything, the public cannot keep an eye on all thet their government is up to. Average people have lives to live; they have jobs to perform, kids to raise, homes to maintain, vacations to plan, etc. The politicians and bureaucrats know this and count on it. A small central government only involved in international relations, defense, and such can be reasonably monitored and congress can oversee it. A government with hundreds of agencies and thousands of facilities and millions of employees cannot possibly be properly and effectively watched.
that uses this feature _and_ assumes their email is actually unrecoverable should be sterilized; you're just too god damn stupid. you need to realize they're going to have multiple copies of every email ever sent backed up for as long as the company exists. yes, that's right folks, companies back up their data. sure it might be hard in most cases to get access to it (that's the point; that's literally what they're "selling" here.), but the government or whoever needs access to it will be able to get it. once you send something through their system, it will exist for at least as long as the company exists (yes i repeated myself there, but i think people aren't fucking getting this. this feature is pretty much useless).
I doubt that email clients such as thunderbird are going to honor any of these um, ideas.
Mine won't
I have not used Outlook for a few years, but even then automatic email deletions were standard.
No it wasn't. It was highly dependent on the end user's settings. In order for an email to automatically delete itself it would need to be sent with an expiry, the auto-archive feature needs to run, and the auto-archive feature needs to be permitted to delete emails. It was completely dependent on the end user's settings.
C'mon, everyone knows Big Brother Google doesn't really delete your "deleted" emails.
Especially when they're attached to donkeys.
Does anyone do research before going off the deep end?
GSuite for Government is a separate product. There's no indication so far this is even enabled on that offering. The new interface (with the features) is current opt-in on standard GSuite, by the admins. Beyond that, governments using GSuite should have Vault enabled for compliance purposes. Vault doesn't allow users to delete emails before the end of the archive period.
Why is there a preemptive strike against Google when this is basically an administration issue on the governments end? It's not those not using Gmail couldn't selectively purge messages from their local systems.
I am 100% certain google will retain a copy of the message. You just won't be able to see it. Or you could just ask the NSA, FBI or CIA for a copy. There is a reason people want to use private servers.
Literally none of them charged for anything even remotely related to conspiracy or collision, you fucking imbecile.
The end of the Korean War without a shot fired?
Are you really that fucking stupid?
You do realize that there have been plenty of shots fired in the Koren War right? It's been going on since the 1950's....
Literally all of it happened, and is documented in numerous stories from hundreds of news sources.
Search your favorite leftist rag. They buried the articles, but they're there, from CNN to Snopes to Politico to Msnbc.
To: ALL
Hello,
I will be out of the office tomorrow, returning monday.
Please don't get angry for cluttering your inbox. This message will auto delete after 30 days when its message is no longer relevant.
16 of these were Russian "persons" pursuing Russian intelligence goal (sow FUD, amplify existing interval divisions and resentments) , and for the most part outside the jurisdiction of the U.S legal system.Just as (and actually probably to a lessor degree) the US agencies have been influencing politics and culture around the globe for the past 60 years. (especially to fight communism). A few of them were simply charged for making false statements to federal officials, without any real underlying crime, and the rest relate to hiding/obscuring flows of money.
Auto capture mods.
It will take little time for people to write OS/browser tools for performing automated captures when the "open this webpage for the 'email' to be viewed" prompt is seen.
...on the Right to Forget thing.
This isn't the right way to go about this.
If the worry is about government destroying records, what needs to be done is government being forced to conduct business using services that guarantees record keeping. Simple as that.
Gmail is not the only mail server there is out there, people have plenty of choice to use services that already have a self destruct option for years now, so it makes no sense to put the burden on Gmail or any other singular service while taking the functionality out for everyone else just because "government records". Gmail was not created to attend government needs, it was made for a bigger public. If government requires a service with specific traits, they need to have one made custom.
It's a reverse backdoor encryption thing. Just because the police wants to have easier access on potential criminals under investigation that does not justify forcing secure systems to shit all over the privacy and security of their clients.
And quite frankly, stuff like this should be obvious at this point.
As the network admin for a local government entity that uses gmail, and not having had a chance to see exactly how this will work, I have a fair amount of confidence that the 'destruction' may not be permanent. As long as a particular user's account exists, the email associated with that account exists in Google Vault. A user can delete all of their email, but that just means they don't have access to it anymore. As an admin for our Google domain, I am still able to get access to any and all emails.
Yes, if the account is actually deleted, which in our case can only be done by a domain admin, either in our AD or in the Admin Console in Google, then all emails will be gone. Whomever does that, and there are records, will be in serious legal trouble if the account was deleted before the required period has expired, in our case 7 years. Yes, that could hide deeper criminal activity, but as an admin, it is my co-responsibility to keep those laws. This is the same as any other network/server administrator in any government entity anywhere. The trust is there, it's a matter of keeping it.
There doesn't seem to be any serious consequences for people in government retaining incrimination e-mails, either. Well, you might lose an election, but probably not. The loss was caused by the Russkies, or women voters being intimidated by their husbands and fathers, or whatever.
There's no time like the present. Well, the past used to be.
They won't actually delete the e-mail. They'll just mark it that it's supposed to be deleted and who did that. Then later it can come back and the fact they tried to get rid of it.
I'd rather be hanging you from a lamppost in front of your crying wife and children than having this debate.
As they say, first against the wall when the revolution comes.
Enjoy the read, you leftist piece of shit.
Except it will be the jackboots and pretenders like you.
CAPTCHA: cemetery
Think of all the crimes committed using the soil of North America by the criminals!
North America should be evicted !!