Slashdot Mirror
Gmail's 'Self-Destruct' Feature Will Probably Be Used To Illegally Destroy Government Records (vice.com)
An anonymous reader quotes a report from Motherboard: A new update rolling out for Gmail offers a "self destruct" feature that allows users to send messages that expire after a set amount of time. While this may sound great for personal use, activists fear that government organizations will use the feature to delete public records to hide them from reporters and others interested in government transparency. Normally, government emails are available to journalists, researchers, and citizens using Freedom of Information Act requests (and its state-level analogues.) The self destruct feature was announced on April 25 as part of Google's new confidential mode for G Suite. In addition to self destruct, confidential mode allows users to delete messages after they have been sent and places restrictions on how recipients can interact with received emails. "As more local and state governments and their various agencies seek to use Gmail, there is the potential that state public records laws will be circumvented by emails that 'disappear' after a period of time," the National Freedom of Information Coalition wrote in a letter to Google CEO Sundar Pichai. "The public's fundamental right to transparency and openness by their governments will be compromised. We urge you take steps to assure the 'self-destruct' feature be disabled on government Gmail accounts and on emails directed to a government entity."
I for one agree. We absolutely need to keep our government (which we pay for) accountable.
I personally think we need a transparent government much more than a small or weak (which borders with ineffective) government. If government is transparent, open and accountable, then many issues about limiting its power are moot, IMO.
We learn from history that we learn nothing from history - Tom Veneziano
So it's not actually your pop-mail client, right?
Because if it is, then they can. All they need is you.
deleting the extra space after periods so i can stay relevant, yeah.
we need to stop this foolishness of non-government mail and file servers, using personal resources for official business, and not properly archiving everything, period, not daily but continuously.
Expensive but worth it.
deleting the extra space after periods so i can stay relevant, yeah.
That assumes the email has the content. Not just a link to the content hosted on Googles servers.
This is what drives me nuts about the "small government" voters. If people think the rich and powerful aren't just going to build a large government apparatus for their own use they haven't been paying attention to the last 2000+ years of history. The question is never, will there be a powerful government, it's always, who will that government work for?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
I have not used Outlook for a few years, but even then automatic email deletions were standard. Gmail is actually late to the party with this feature.
unlikely. This feature would mean government agencies and many regulated industries simply won't be permitted to use gmail as you can't have email that self destruct when you have mandatory data retention.
automatic deletion where YOU choose to delete yes, not the sender. outlook/exchange also support recall and remote delete and have for a long time. But the receiving system gets to decide whether to honour that request or not.
Sure, but enterprise email also has a "archive this for x time period separate from the user inbox" for various reporting/legal requirements. The user doesn't get any input into it at all.
It's not always about the user!
Which is what this uses, BTW (a link).
Hopefully they require more than just email retention - the emails only contain a link to the self-destructing message. The retention rules should apply to all electronic communication.
Apparently you don't read the news. See article EVERYONE MUELLER HAS CHARGED IN RUSSIA ELECTION PROBE, ALL 22 OF THEM http://www.newsweek.com/muelle...
This seems like uninformed nonsense.
As far as I can tell, this "self destruct" feature simply sends a link to a webpage to the recipient. This webpage will be able to be taken down. This wouldn't prevent anyone from taking screenshots, and can already be easily done. But in essence: if someone can read it on their screen, it can be archived on the receiver's side. And probably somehow crypto-signed to prove that you didn't make it up later.
Governments obviously have to (or should) comply with certain IT record keeping standards - similar to what big companies have to do for compliance regulations. IIRC, even Google Suites offers outgoing and incoming email archiving.
Exchange has had this kind of functionality for over a decade and tons of government customers. If it wasn't a problem there, why is it now with Google?
Doesn't anyone see a problem with this?
"As more local and state governments and their various agencies seek to use Gmail..."
For an organisation as large, powerful, influential, and as involved in US politics as Google, it sounds like a really bad idea to have sensitive govt. messages flowing through Google's servers. I mean, why not just use a Chinese, Russian, or EU email service for official govt. communications?
National & state govt's should have publicly accountable email accounts with all messages and accesses fully available for audit and those should be the only email accounts that national and state employees and elected representatives use for work related communications.
Debate is a form of harassment. Do not question my truth.
I have not used Outlook for a few years, but even then automatic email deletions were standard.
So far as the unrelated topic of deleting a sent email, yes Outlook has this ability.
It needs to be enabled, but in a company a group policy can both enable it and lock the setting so the user can't disable it.
By default without that, you get a deletion request and need to respond 'yes' before it deletes the email.
Gmails feature doesn't do anything like that, mainly because if the email leaves googles servers, they have zero control over it and beyond a similar "honor system" method, it's just not possible to do this using email protocols.
This is more like how Snapchat handles pictures with auto-destruct.
Google takes your email and stores it, then sends the recipient an email, not with your message content, but with a URL back to google.
Opening that URL then uses javascript to show an image with your message contents (to make copy/paste a pain), refuses to show the image without javascript (to make script blockers a pain), and deletes the message once viewed or after a certain time.
They probably also employ all the other silly javascript tricks to try and make it as hard as possible to store the image out of the browser, not that those were ever fully functional.
It doesn't take much to get a screen shot by someone who knows what they are doing, but it will stop the vast majority of i-have-zero-clue-computers-are-magic users that make up over 99% of the Internet.
Per this presentation from DHS, any work-related e-mails are considered federal records, and thus subject to record keeping requirements.
It really isn't up to private companies to enforce laws, nor should it be. Granted, with the current US government dedicated to dismantling effective governance, I don't trust the government to do this job. But private companies can't really do anything to prevent it besides lobbying, and I don't trust any private company to be concerned enough to bother with it.
Correct. They are only self-destruct when using Google's platform. Which means only when sent from AND to Google gmail accounts. They may be self destruct for the end users, but you know who they are not self destruct for? Google. They encourage people to send email that's even more sensitive than people already use email for by implying a time-limited duration, then they are the arbiters of what data is private and what isn't. Great scam.
I doubt that email clients such as thunderbird are going to honor any of these um, ideas.
Mine won't
I have not used Outlook for a few years, but even then automatic email deletions were standard.
No it wasn't. It was highly dependent on the end user's settings. In order for an email to automatically delete itself it would need to be sent with an expiry, the auto-archive feature needs to run, and the auto-archive feature needs to be permitted to delete emails. It was completely dependent on the end user's settings.
C'mon, everyone knows Big Brother Google doesn't really delete your "deleted" emails.
Does anyone do research before going off the deep end?
GSuite for Government is a separate product. There's no indication so far this is even enabled on that offering. The new interface (with the features) is current opt-in on standard GSuite, by the admins. Beyond that, governments using GSuite should have Vault enabled for compliance purposes. Vault doesn't allow users to delete emails before the end of the archive period.
Why is there a preemptive strike against Google when this is basically an administration issue on the governments end? It's not those not using Gmail couldn't selectively purge messages from their local systems.
16 of these were Russian "persons" pursuing Russian intelligence goal (sow FUD, amplify existing interval divisions and resentments) , and for the most part outside the jurisdiction of the U.S legal system.Just as (and actually probably to a lessor degree) the US agencies have been influencing politics and culture around the globe for the past 60 years. (especially to fight communism). A few of them were simply charged for making false statements to federal officials, without any real underlying crime, and the rest relate to hiding/obscuring flows of money.
Auto capture mods.
It will take little time for people to write OS/browser tools for performing automated captures when the "open this webpage for the 'email' to be viewed" prompt is seen.
...on the Right to Forget thing.
This isn't the right way to go about this.
If the worry is about government destroying records, what needs to be done is government being forced to conduct business using services that guarantees record keeping. Simple as that.
Gmail is not the only mail server there is out there, people have plenty of choice to use services that already have a self destruct option for years now, so it makes no sense to put the burden on Gmail or any other singular service while taking the functionality out for everyone else just because "government records". Gmail was not created to attend government needs, it was made for a bigger public. If government requires a service with specific traits, they need to have one made custom.
It's a reverse backdoor encryption thing. Just because the police wants to have easier access on potential criminals under investigation that does not justify forcing secure systems to shit all over the privacy and security of their clients.
And quite frankly, stuff like this should be obvious at this point.
As the network admin for a local government entity that uses gmail, and not having had a chance to see exactly how this will work, I have a fair amount of confidence that the 'destruction' may not be permanent. As long as a particular user's account exists, the email associated with that account exists in Google Vault. A user can delete all of their email, but that just means they don't have access to it anymore. As an admin for our Google domain, I am still able to get access to any and all emails.
Yes, if the account is actually deleted, which in our case can only be done by a domain admin, either in our AD or in the Admin Console in Google, then all emails will be gone. Whomever does that, and there are records, will be in serious legal trouble if the account was deleted before the required period has expired, in our case 7 years. Yes, that could hide deeper criminal activity, but as an admin, it is my co-responsibility to keep those laws. This is the same as any other network/server administrator in any government entity anywhere. The trust is there, it's a matter of keeping it.
There doesn't seem to be any serious consequences for people in government retaining incrimination e-mails, either. Well, you might lose an election, but probably not. The loss was caused by the Russkies, or women voters being intimidated by their husbands and fathers, or whatever.
There's no time like the present. Well, the past used to be.
They won't actually delete the e-mail. They'll just mark it that it's supposed to be deleted and who did that. Then later it can come back and the fact they tried to get rid of it.
Think of all the crimes committed using the soil of North America by the criminals!
North America should be evicted !!