Feeds

Google mail is evil – privacy advocates

Permanent retention policy makes Gmail Fed's best friend

  • alert
  • submit to reddit

High performance access to file storage

This week should have seen a public relations triumph for Google. The company began offering a free e-mail service with 100 times as much storage as Yahoo's $59.99 service. Instead the criticism has taken Google by surprise, as privacy advocates who had never before voiced criticism stepped forward. Google has previously responded to privacy concerns by saying, "we're nice, trust us" or pointing users to the company's mission statement of "do no evil". Such trite sentiments didn't work this time; even The Drudge Report piled in.

Google executives had ignored a fierce internal debate over the ethics of the service and on Wednesday afternoon rushed out a jokey April 1 press release, ostensibly to trump a New York Times scoop.

But it isn't so much Google searching email that has caused the anxiety from privacy watchdogs this week, as the company's confused retention policy. What will Google do with that data? Google's cookie is an index for all your searches until 2038, and sits alongside an Orkut cookie that tells Google - or friendly law enforcement officials or marketeers - exactly who you are. Google's Gmail will complete the picture, indexing private electronic discourse under the main Google search cookie.

"Once users register for Gmail, Google would be able to make that connection, if it chose to," Pam Dixon, head of the World Privacy Forum told the Los Angeles Times. "And if Google ever compared the two sets of data there are some people who would be chilled and embarrassed." Richard Smith, formerly at the Privacy Foundation pointed out that "Google kind of makes it easy to connect all the dots together."

Rather than allay these fears, Google's accident-prone co-founder Larry Page refused to rule out a future policy of 'joining the dots'. A simple "No, Never" would have prevented much of the damage. But asked if Google planned to link Gmail users to their Web search queries, Page replied:

"It might be really useful for us to know that information. I'd hate to rule anything like that out."

Google's Gmail privacy policy points out that your email will be retained even after you close your account -

"The contents of your Gmail account also are stored and maintained on Google servers in order to provide the service. Indeed, residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account."

At a time when the American Library Association is advising librarians to destroy records of borrowing as soon as they can, to protect users privacy, it's an odd time to be boasting about infinite retention.

Clearly there's something of a reality gap in the upper echelons of the Googleplex. There's a disconnect between the jokey launch, and the statement that "machines, not humans" will read email that's every bit as unnerving as a President making jokes while citizens are being dismembered.

For archivist Daniel Brandt, it's reminiscent of the Doubleclick privacy scandal.

"Doubleclick bought acquired a company that had names and address in their database, and gleefully announced that now they could monetize their massive cookie and web-bug database by correlating it with names of individuals," he told us. "The privacy advocates jumped all over that one (it was in year 2000 or so), and Doubleclick had to abandon their plans. This time it's the same issue, but it's all within one company."

"While Google brags that no humans will read your emails, the entire Gmail program will involve extensive automated profiling of you as an individual. Google will be sharing the non-identifiable portions of your profile with anyone they choose. If the ownership of Google changes, or there is a merger, the entire personally-identifiable profile will be available to the new owners or partners."

Google has done an extraordinary job of sidestepping human responsibility by deploying machine rhetoric (what we call the 'Bill Gates defense') . But now it has to deal with grown ups, and this is its severest PR test yet. The rationale behind going public is business expansion; but Google can't add services unless people trust it.®

External Link

'Delete your Google cookie before and after'
Gmail "Privacy" Policy
'How I Leared To Stop Worrying' (and love Google) [incomprehensible]

Related Stories

Google launches email, takes the Bill Gates defense
Google promotes Froogle
Google revives discredited Microsoft privacy policy for Friendster clone
Yahoo! Rips! Up! Privacy! Policy!
Microsoft alters Passport Terms to stem Hotmail defections

High performance access to file storage

More from The Register

next story
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.