Privacy crusader Liz Figueroa, a California State Senator, has introduced legislation to protect users from snooping email providers. It doesn't mention Google by name, but was clearly prompted by the advertising broker's new email service, Gmail.

The move is in the form of an amendment to SB.1822. Few will find much to object to in the bill, which guarantees consumer's the choice of opting-out from advertisements. After the furor broke, Google co-founder Sergey Brin said he would consider such an option as a response. The provision would apply to instant messaging as well as email. Senator Figueroa has a good record of consumer protection, steering through the Do Not Call legislation.

The relevant portion of SB.1822 is as follows:-

Existing law prohibits a person or entity located in California from initiating or advertising in unsolicited commercial e-mail advertisements, as defined, and prohibits a person or entity not located in California from initiating or advertising in unsolicited commercial e-mail advertisements sent to a California e-mail address.

This bill would prohibit a provider of e-mail or instant messaging services, as defined, that serves California customers, from reviewing or evaluating the content of a customer's e-mail or instant messages, except as specified. The bill would permit a provider of e-mail or instant messaging services to review and evaluate the content of a customer's outgoing e-mail or instant messages with the customer's consent, and would permit a provider to review and evaluate the content of incoming e-mail or instant messages only from another subscriber to the same service and only when that subscriber has consented to the procedure.

This section does not prevent a provider of e-mail or instant messaging services to California customers from filtering unsolicited e-mail for removing spam or for managing computer viruses or other malicious programs

The legislation applies only to California, and may not be enough to satisfy privacy advocates concerned about data retention issues. A clumsily-worded Google "privacy policy" - since revised - at first stated that email would be retained even after a user had closed the account. This has since been clarified to explain that backups take some time to delete - a policy in common with other web-based email providers.

Gmail was hurriedly announced on April 1 and became the subject of late-night TV jokes. The reaction, as Electronic Frontier Foundation Brad Templeton, a consultant to Google, confirms, took the company by surprise, a reaction we found much more troubling than the original announcement.

Co-founder Larry Page - who rather unhelpfully, recently fantasised about implanting Google chips in people's brains - refused to rule out cross-linking data collected under Google's search cookie with the Gmail cookie. As Templeton concludes in a long analysis of Gmail, "there are some real issues here to be worried about", there are "real risks"; and "even the irrational fears over the spooky aspect of advertising being associated with email creates [sic] problems that must be addressed". This most private of companies had little comprehension of how much its users valued their own privacy.

Google isn't the first company to beguiled by its own publicity, and it won't be the last. However, as the world's largest private sector data-harvesting operation,it should be more careful, wouldn't you think? As it is, we now have the first legislative attempt to ensure that Google acts as a responsible corporate citizen. ®

Related stories

Google values its own privacy. How does it value yours?
California Senator seeks Google Gmail ban
Germans garotte Google Gmail over privacy
Google's Gmail hits trademark problem
Big Brother nominated for Google Award
Google mail is evil - privacy advocates
Google launches email, takes the Bill Gates defense
Google founder dreams of Google implant in your brain
Google touts stalking service
Google revives discredited Microsoft privacy policy for Friendster clone
You got Google mail report