Privacy Complaint Against Google's GMail Service 447
CRCates writes "Privacy groups in the UK have filed a complaint against Google over its new Gmail service. Privacy groups said they were concerned about Google's ability to link a user's personal details, supplied in the Gmail registration process, to Web-surfing behaviour through the use of a single cookie for its search and mail services. "
So? (Score:5, Informative)
also in the BBC (Score:5, Informative)
Gmail - Opt-In (Score:5, Informative)
If you don't want to use Gmail, you have other options through your ISP, other free services, etc.
It just seems to me this is an extension of social networking, but from a business perspective. - target based advertising based on what you surf for based on your cookie.
It seems similar in a way to what Gnome's Nat Friedman wants to do with Dashboard. Based on your email & IM, having the desktop provide you with links to what you're talking about.
To me, the pro's at this point from what we know may outweight the cons - yes they'll target me with ad's based on my surfing behavior, but the ability to index and search my email rather than using "To" "From" and "Subject" headers is definitely a step forward in email management.
Read it. (Score:5, Informative)
I didn't see anything in there about this particular topic, although there is a bit about the fact that they will be using cookies (natch).
Personally, I find it hard to be too concerned about this. My web-surfing patterns are already recorded in a "soft" way via my browser history and a much "harder" way via my ISP's access logs. I can go out of my way to use proxies and make it difficult to trace, etc, but it isn't like you can't figure out what my machine is doing (unless I'm doing some fairly advanced stuff).
Americans, wake up! (Score:3, Informative)
Data Protection Act (Score:5, Informative)
Look, they aren't charging for the service, nor are they forcing you to use it.
Whether its free or not is irrelevant. In the UK, there is legislation (the so-called Data Protection Act [hmso.gov.uk] ) which places tight constraints on how personal data is archived and managed. If the Google mail service falls foul of this act, then it does not matter whether or not the service is free; it is still breaking the law.
Re:So? (Score:3, Informative)
Now it functions very well as a replacement to
Re:Data Protection Act (Score:5, Informative)
Re:Microsoft Exchange? (Score:5, Informative)
It uses 64mb-chunks of disk space, and instead of erasing data from within the chunk, it just flags it as deleted, thereby not fragmenting the filesystem fantastically. That method means it's practically impossible to delete the email.
It has to be kept on their filesystem as the inbox is searchable, and 1gb large - raid arrays just wouldn't cope with that stress (and it'd take 3 days to search your mail). The filesystem is the real genius of google - their system is made of hundreds of terabytes of storage on a distributed system. Thousands of servers running redundantly. When one dies (with that many it's a regular occurance) it gets swapped out seamlessly. The processing on the data also requires huge bandwidth throughput.
To me, it looks like the google boys found a great use for their systems, but the very methods that make them great contradict local law in some areas they're selling in.
Oh, and the rules are that different in europe ;)
Re:The conflict is with EU law (Score:2, Informative)
Re:Legal rights can usually be waived (Score:3, Informative)
I don't think that's the problem. The UK Data Protection Act requires that personal information be purged if the person in question requests it. Google seem to be saying that there is no assurance that this will happen. From Google's privacy policy [google.com] "[Google does not] guarantee the deletion of emails that are archived even if you cancel your account."
It's good that Google are being up front about this but even so, it simply isn't compatable with UK law.
An advantage of not using IE. (Score:3, Informative)
Also if you block all third party cookies, you much less crap to delete anyway.
Re:Privacy policy is here (Score:3, Informative)
This happened as soon as I had to submit my reg form:
Warning: mail(): Could not execute mail delivery program '/usr/sbin/sendmail -t -i ' in
So it would seem registrations aren't really working on their end. Sorry but I wouldn't say SpyMac isn't looking like a viable alternative to something Google can put out (yet)...
Re:Erase the cookie (Score:2, Informative)
Re:Microsoft Exchange? (Score:3, Informative)
HIPAA (U.S. law which includes penalties for disclosing confidential health information)and other regulations have caused serious concerns in the database and data mining research community (contrary to popular opinion not all data miners want to strip you of your privacy). Rakesh Agrawal [ibm.com], Jerry Kiernan [ibm.com] and Ramakrishnan Srikant [ibm.com](major data base researchers, Srikant and Agrawal made groundbreaking contributions to the field of data mining) published recently (well about 2 years ago or so) on Hippocratic Databases (in gzipped PostScript) [ibm.com], where he describes the hard problem of making the database forget information to conform to legal and ethical restrictions.
Re:Lots of ways to get yourself in the GMail datab (Score:2, Informative)
I suppose it could link the contents of the email to your email address/name
(which they could already anyway), but it can't place a cookie of any type on
your system by receiving an email from you. So, the person you're sending to
might be profiled from the email, but that was happening anyway. They made
the choice to subject themselves to it.
You're still personally as safe from that as you ever were.
Re:Not that simple (Score:3, Informative)
It makes the US Patriot act look like a walk in the park. gmail is just a distraction.. whilst we're bickering over that our 'privacy' is lost anyway.
One of its measures is the *mandatory* retention of all communications data within europe (inc. email, phone calls, mobile phone calls, faxes and internet usage). No idea how they're going to do that... it'll require a damn big SCSI disk
Add to that the compulsory fingerprinting of everyone in Europe, the introduction of biometric passports, tracking all travel in, out and within Europe and retaining this data, oh and the government gets automatic right to inspect your back accounts too...
http://www.statewatch.org/news/2004/mar/swscore