Privacy Complaint Against Google's GMail Service

CRCates writes "Privacy groups in the UK have filed a complaint against Google over its new Gmail service. Privacy groups said they were concerned about Google's ability to link a user's personal details, supplied in the Gmail registration process, to Web-surfing behaviour through the use of a single cookie for its search and mail services. "

How can they do this?

[Pingular]

It hasn't even been launched yet, it's in beta. I'd imagine the people in this beta have signed some kind of agreement where they say they cannot do anything if they are adversly affected by Gmail, so what's the problem? Of course it's a different matter when it's launched to the public.

Erase the cookie

[Anonymous Coward]

Erase the cookie. Don't use the service. How do you know Yahoo! doesn't read all it's mail?

Welcome to paranoia.

Tit for Tat

[Fortress]

Seems to me that if they give you a free gig of space, some targeted ads aren't too much to pay. Why not use some other mail and store it on your PC if you feel this is too invasive?

Re:How can they do this?

[darien]

Presumably this group wants Google to get it right before it's released to the public! Which seems fair enough to me. Isn't that what being in beta is for?

Er...

[Inuchance]

If you don't want them to have your personal info, then don't provide it! GMail is a service, not a requirement.

Can I file a complaint against MS now?

[jamonterrell]

Since by the same measure, Microsoft can track a user by the personal information given through the passport/hotmail registration procedure through every website you visit using THEIR browser, every program you run on THEIR operating system, every document you read/write with THEIR office application.
Innocent until proven guilty. When they start using this for an invasion of privacy, then you can complain, at this point they haven't even offered the service, how can you complain that they've invaded your privacy.

Besides, if you don't like it, don't create an account and go back to wearing your tinfoil hat. They aren't using strongarm tactics to force you to use their product.

Jamon.

Why shouldn't google be able to link data?

[Chris_Jefferson]

I'm still not entirely sure what everyone's complaint is here. You don't have to join Gmail to use google. They openly admit that they may combine data (unlike everyone else who do combine data but refuse to tell anyone about it)

If you don't want google using your data, don't give it to them. Personally, I'm happy for google to have all my data if it will improve my browsing and emailing experience, and that is my personal choice to make.

What people should be complaining about is insurance and credit card companies which buy incomplete and incorrect sets of data and judge your credit rating based on it (it's happened to me). Now thats dodgy.

One rule for some...

[plumby]

It seems like most of the comments so far are along the lines "it's voluntary, google should be allowed to do what they want."

It would be interesting to see the reaction on /. if this had been a Microsoft service.

Re:Two Cookies Would Fix it

[System.out.println()]

You DO realize you're talking about the company that has cached the Internet, correct? And in RAM, no less (if I recall correctly - maybe it was just the most used pages that are cached in RAM.)

Not that simple

[GreenCrackBaby]

The article is very clear: privacy groups aren't just arguing that Google is violating privacy, they are arguing that Google is violating the law (by violating privacy).

It seems that European privacy law is much more strict than US law, and by retaining a subscriber's email even after they have deleted it or cancelled their account Google is breaking those laws.

Huge difference.

Re:Erase the cookie

[sgtron]

Hotmail, Yahoo, GMX.. they all *read* your email.. let me explain. All these services have "anti-spam" measures in place. They scan all your email for certain terms that would identify it as spam. Now, what is Google doing differently? They also scan your email, not only for spam words, but for ad keywords. I don't see the big problem here honestly. If you don't want your email scanned for spam terms or ad words, just use a real isp and run your own anti-spam software.

Fighting initial reactions...

[Valejo]

When I first heard about the privacy concerns involved in the Gmail project, my initial reaction was to trust Google no matter what to "Do no evil." However, perhaps we should put aside our love for the company and ask critically whether this breeches acceptable advertising practices. For me, I'm uneasy with the idea of saving "deleted" mail.

Re:One rule for some...

[System.out.println()]

If this had been a Microsoft service, it would be (crappily) integrated into the OS and locked out from any other competitors.

Privacy Groups

[Fortress]

Any one else think it's odd that a privacy group is complaing about a service that isn't available to the public yet? I'm all for privacy, but let's pick the reasonable battles. It will be repeated ad nauseum here, but you don't HAVE to sign up for Gmail.

I would much rather that privacy groups spend their finite resources fighting the stuff we don't have the option of avoiding, Big Government and such.

Seems like any other organization, privacy groups have to justify their existence by creating problems where none exist.

Knee Jerk reaction

[AlecC]

This seems to me to be very much a knee-jerk reaction. Provided that Google is up-fromt will all this, why shouldn't I be given the opportunity to opt-in to such a service? I entirely agree that this should not be done secretly - but Google is very upfront. Surely it is not an invasion of privacy if I explicitly accept that Google will scan my mail as part of paying for the service.

I like Google Adwords. Given that advertising is an endemic part of life, and is not going to go away, Adwords is the way I want it. Let Google take all the advertising revenue with Adwords, and may the popup merchants go broke. If Google want to offer a paid-for non-Adwords service, I shall think about it - and probably not buy it.

As to keeping some of your email when you delete it - I don't think this is intentional. AFAICS Google has a "weak delete" policy - they try to recover deleted space, but if they don't recover it all, too bad - disks are cheap. So there may well be old copies of your emails hanging round. What the hell - they are not indexed, so it will take a deep search to find it. Do Yahoo, Hotmail & Co guarantee a destructive overwrite when they delete your mail? I doubt it - in which case they might have an old copy lying round on their disks.

So, privacy people, don't spoil what looks like it might (subject to confirmation, of course) be a useful, opt-in service because of arcane potential privacy problems.

Re:Hello?!

[Martin Blank]

Thank you.

I have several credit cards attached to my frequent flier program. I get a couple more e-mails and a couple more snail mails a month, but for no additional effort on my part (except for skimming through a couple of offers each month), I get a few thousand extra frequent flier miles each year. It's not enough for a free flight on its own, but it can push me over the edge if I'm close enough.

They have all kinds of information on me -- spending habits, information on where I live and where I travel -- but I entered into the contract willingly. I gave up a small part of my privacy in exchange for a benefit to me.

Every service "reads" your mail

[rjstanford]

I mean, think about it. Let's say that you have webmail with one of the other major providers. Somebody sends you mail. You reply. They reply. Now your email has a couple of levels of ">" in it. Wouldn't it be nice if they highlighted those in different colors or something?

Oh, wait - they already do that? (Note: at least, this was common the last time I bothered with webmail which was some time ago). Guess what - that's "reading" your mail as well. In fact, they're just changing your display - without changing the verbal contact of your message - to make it more convenient for you.

Isn't that also a (reaching, but legitimate) description of providing targetted advertising? I mean, how many times have people here on /. said about ads that if they made sense, they wouldn't mind 'em? Guess what - that's targetting. And how they're supposed to make sense and be timely without some kind of processing is beyond me.

As for the article's complaint, it seems to focus around the fact that when you "delete" an email, Google doesn't guarantee that it goes away immediately. Their message seems to be talking about cache updates though - if they were willing to amend it with a service guarantee that within xx hours your email would be deleted, that would probably do the trick. Of course, then people would be arguing that they needed to provide complete file-trashing (triple overwrite, etc) as well, even though your regular email client and ISPs email account probably don't do that.

I think its just a case of being too cautious in their terms of use. In this case, being too honest where the other major providers are being "honest enough," and not worrying about caches, et cetera. Of course, they may be planning to use your old email for nefarious purposes, but somehow I doubt it. Either way, they should clarify their statement.

Email is not private

[lordbios]

Email in its basic form is not, nor has never been, private. There have never been any promises that email was private. I remember from the first time I used email that it was always likened to mailing stuff on a postcard, not in a sealed envelope. It's also not like Google is trying to hide the fact that they are scanning your emails. It is right out in the open in the terms of agreement. If you don't agree, don't sign up...

Re:Microsoft Exchange?

[Rick Zeman]

Anyway, the shorter point is, this kind of thing happens. The reason is happens is liability. If a criminal organization is using Google's GMail system for planning a robbery, or if a terrorist group decides they want to attack rail systems in Europe and wants to do so by using random public terminals to sign into email accounts that someone else hosts, it's a problem. If law enforcement comes looking and Google has to say "Oh, sorry - we respect privacy so much that we absolutely and permanently delete all traces of all email the second you touch the delete object!", it will not be a pleasant thing. The investigators will not be happy.

That's an interesting point. They might not be happy, but so? Does anyone have a legal (vs. moral) obligation to retain every piece of data Just In Case There's A Terrorist Hiding Under The Bed? Same with corporations. There's no law saying you need to have an email retention period of x, right? Companies do it for business reasons, not because it's mandatory (and in many cases [hello, Microsoft] it's come back to bite them in the ass).

excuse me?

[Vlion]

I don't feel like like getting my email data-mined.

Thats basically what Google wants to do with your email, if you havn't figured it out already.

And I'm not going to join the horde in Google adulation- Google seem to be quite happy to mine your data six ways from anywhere. I definatly don't want all of my email and searching centralized like that to a company that whilst is a techical genius, seems to have some moral issues regarding personal data and the use thereof.

I'm not going to have a gmail account until that policy gets changed. Go privacy group in UK !!!

Government wiretaps

[Anonymous Coward]

I wonder how long it is before google are happily releasing personal information under Patriot Act orders. I know they might have no choice in such a case, but why store information that could be used to oppress American citizens when such an order does happen?
Google need to get some sense in this tyrannical age.

Re:How can they do this?

[orthogonal]

I'd imagine the people in this beta have signed some kind of agreement where they say they cannot do anything if they are adversly affected by Gmail, so what's the problem?

The problem is those pesky "inalienable" (or "unalienable" as one source writes it) rights: inalienable simply means that something can't be given away or sold -- alienated -- even if you want to give it away or sell it.

Just as you can't, regardless of contract, sell yourself into slavery in most countries, Google's GMail quite possibly violates European law (but not U.S. law, which protects privacy very little if at all).

So a contract is no defense, as contracts for illegal activities are unenforceable.

Re:Not that simple

[Chris_Jefferson]

It would be interesting to see if they are simply the first people to admit this.

Do you think AOL, Hotmail, Yahoo! mail and every other ISP in the world dig through their backups when you quit and make sure they delete all copies of your mail? I'd be very, very, very surprised if they do.

April Fools

[doublesix]

Is it just me or is this whole GMail thing an April Fools prank gone horribly wrong?
Read the Google news release again:
The inspiration for Gmail came from a Google user complaining about the poor quality of existing email services, recalled Larry Page, Google co-founder and president, Products. "She kvetched about spending all her time filing messages or trying to find them," Page said. "And when she's not doing that, she has to delete email like crazy to stay under the obligatory four megabyte limit. So she asked, 'Can't you people fix this?'"
The idea that there could be a better way to handle email caught the attention of a Google engineer who thought it might be a good "20 percent time" project. (Google requires engineers to spend a day a week on projects that interest them, unrelated to their day jobs). Millions of M&Ms later, Gmail was born.
Kinda fishy.

Privacy in the UK?

[Anonymous Coward]

This is the country that has one video camera
for every 14 people, yes? At least people get
to _choose_ whether they want to use GMail or
not...

The conflict is with EU law

[viralbus]

As it is clearly stated in the article, the problem is with EU law, which among other things states that individuals are in charge of information about them; this means that they can request to see all information held about them and to get it deleted. Storing private emails after the user has deleted them seems to run counter to this law.

Furthermore, in many EU countries there are certain rights that you cannot sign away in a contract, so Google cannot just point to the terms and conditions.

The solution might be to prevent EU residents from signing up to Gmail.

Re:Er...

[DroopyStonx]

Hahaha, it's funny how you people say, "It's a service, not a requirement," but when invasion of privacy actually happens to you it's suddenly not okay.

Example: Tivo. Tivo isn't required, but people got all up in arms because they captured info about what people watched (which is kind of a bullshit thing to do). They aren't exactly identifying YOU, just your data, so it's not REALLY an issue. Either way, it's still not cool to know that something you bought that is yours is sending data about the shit you watch to someone else.

Just because a company violates privacy issues doesn't make it "okay" simply because it's "a service, not a requirement," because you know as well as I that there are a ton of braindead computer users who sign up for things not knowing what they are.

At least SOMEONE is concerned about this

[goldspider]

Like I said yesterday [slashdot.org], it's time people stopped thinking of Google as a purely benevolent, community-oriented provider of goodness, and started to think of them as a company out to make money (especially with the impending IPO).

We don't give Microsoft a free pass, and it's time we stopped giving Google the benefit of the doubt. This whole GMail thing REEKS of privacy abuse potential.

Re:Er...

[caitsith01]

This is similar in a sense to the 'if you've got nothing to hide, you shouldn't mind having a video camera in your house/giving a DNA sample/signing this confession/having Palladium in your computer/letting the government see what you're watching on DivX' type reasoning, and with all due respect it is bunk.

The point is not that something bad is definitely going to happen as a result of Google's policy. The point is that this moves the _presumption_ from automatic assumption of privacy to an automatic assumption of non-privacy, which is a dangerous precedent, especially if this is even a small fraction as popular as the search engine itself.

This reasoning, which I have seen a number of times already in GMail discussions, also smacks of 'if you don't like it, move to Russia,' or in this case, Hotmail.

Lots of ways to get yourself in the GMail database

[Anonymous Coward]

OK fine. So you don't have a GMail account, but what if you send mail to one?

Your boss: "I'm on the road - send me your status report IMMEDIATELY to yourboss@gmail.com"

Recruiter: "I have a job for you - send me your resume at somerecruiter@gmail.com..."

Hosted at Yahoo?

[cgenman]

Does anybody else find it creepy that this article is posted at Yahoo?

I don't want to jump on the SlashThink wagon, but does anyone storing e-mails on a free remote server have an expectation of privacy about automated searches and indexing? After all, your e-mail has to be read by machine at some point or another, or it isn't an e-mail. And is should be backed up. The only thing I can see about this is Google stuck their foot firmly in their mouth about basically accepted industry practices.

Unable to delete the past...

[lewko]

It's hardly a new problem on the Internet that one can't delete messages from the past [c2.com]...

Re:So?

[Anonymous Coward]

> Yea, THERE'S a reputable organization reknown for their datacenters, data integrity, and long-term stayability.

> How long will this service last at SpyMac? A month?

You don't get it. Spymac don't offer imap or advance search, hence 1Gb is useless there.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Tit for Tat

[orthogonal]

Seems to me that if they give you a free gig of space, some targeted ads aren't too much to pay.

"Seems to me, Mr. Jefferson, if England gives you the security of their navy, a little taxation without representation isn't too much to pay."

"Seems to me, Mr, Franklin, if we can give up a little liberty for security, that isn't too much to pay."

"Seems to me, Mr. Churchill, giving up 'a distant country of which we know nothing' in order to get 'peace in our time' isn't too much to pay"

Do you write no email that is personal enough that you'd object to Google looking through it in order to serve up ads?

If you're willing to give up your privacy for mere convenience, what else are you prepared to give up?

How much for your right to vote? A gigabyte of space? Two?

How much for that freedom of speech -- I mean, when did you last need that? And freedom of assembly, will you throw that in too, for say, three gigabytes?

You're not hiding anything in your email, so you're probably not hilding anything your house either -- let's install some free anti-crime cameras in your bedroom -- for your protection of course.

Did I miss the memo telling me that Americans had become so lazy we can't even get up off the couch to protect our privacy anymore?

Alles in Ordnung, Herr Reichsminister!

Re:Erase the cookie

[Sethb]

It gets even dumber. People have privacy concerns about Google scanning the e-mail to deliver the AdSense ads, and now this, but they're sending their e-mail around the internet, through god knows what relays, in plain text? Uh, here's an idea, if you're worried about privacy in regards to your e-mail, wrap it in GPG/PGP and be done with it. You don't send important correspondence on a postcard, do you?

To much tin foil in the air

[cyberlotnet]

Whats the diffrence between Hotmail, Yahoo, Every other free email provider out there And Google..

Nothing, google is just upfront and honest about whats happening to your emails.

They have to "scan" through them to provide virus and spam protection.

They will use there distributed approach to searching to provide fast web based email services. This means your email could be on 100's of there servers at the same time. When you hit delete it might take a while for it to be removed from all systems.

Here a company steps forward and is 100% honest about what they are doing and we flame them.

No wonder we have to deal with lame support and excuses from companys every day.

Re:Knee Jerk reaction

[admbws]

On subject of deletion, I was thinking a similar thing myself.

The term in question is,

"Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account."

On most filesystems, deleted files are not deleted completely, they remain physically on disk and, provided the now-free space has not been subsequently overwritten, could potentially be retrieved with appropriate tools. This is what Google means by "residual copies", and I wouldn't be at all surprised if that is the case with Yahoo!, Hotmail or any other free email provider, Google is just being honest about it! Good on you Google!

Re:Tit for Tat

[Fortress]

Wow, I think you're getting fired up on a non-issue here. Your rights aren't being violated, if you feel that Googol's scanning your mail for ads is invasive, then don't sign up. The analogies youhave madew are all coercive, whereas Gmail is voluntary.

I can CHOOSE to give up my right to privacy in this matter to a company I trust without giving up my Right to Privacy in general, let alone my free speech, voting and assembly.

You seem to be strong on rights. What about Googol's right to offer a service for no money in exchange for policies they lay out in their eula? They are by no means being coercive, they have no monopoly on email and are merely trying to float a new internet service. They are not even being deceitful about it, as we all know about their advertising policy before the service is released to the public.

This is not some mandatory big government service here, merely a private company trying something different.

Re:How can they do this?

[los furtive]

Beta tests technical issue not privacy issue.

That's a narrow view of things. Beta tests are for ANY issues that arrise, whether they be usability or functionality. The likeliness for usability changes to occure as a result of beta testing are much lower than in alpha testing, but they are by no means excluded (they just piss of the developers more).

And the issue of privacy is certainly a usability issue.

Re:Tit for Tat

[Anonymous Coward]

Are you really this obtuse or are you trying to make a point?

Those examples aren't even remotely the same. Analogy is the weakest form of argument for a reason, perhaps you should figure out what that is.

Re:Tit for Tat

[Theaetetus]

Do you write no email that is personal enough that you'd object to Google looking through it in order to serve up ads?

Do you Yahoo? Do you notice their auto-quoting feature that adds the > brackets in different colors? Do you write no email that is personal enough that you'd object to Yahoo looking through it in order to serve up that feature?

The point, and the answer, is the same. There is no person reading your email at the company, merely an automated script, and it's looking for keywords. Additionally, the results are blindly served back up to you through the same automated process. If you talk about 'golf balls' in your email, you'll see 'golf ball' ads. However, the golf ball manufacturers don't get a note in the mail saying that orthogonal@gmail.com is interested in their services. No one gets that note, not even anyone at Google. The manufacturers do get charged for the ad, and know merely that 1 person looked at their ad (or more likely several hundred looked at their ad each week/month, the same way that the ads work now).

So what privacy have you given up?

Finally, unlike your other examples, there is no requirement to use Gmail, and no clear benefit to using it over other services except for the specific features it provides - Google's searching through your archived emails. As many have pointed out, there are hundreds of other email providers, and several, including Spymac.com, are offering or will be offering 1 gig storage. If Jefferson could choose the benefits of England's navy, France's navy, Spain's navy, etc., then that would make more sense in your example... But wait, he did, and he chose France, who had terms more acceptable to him.

-T

Re:Lots of ways to get yourself in the GMail datab

[robin_j]

OK fine. So you don't have a GMail account, but what if you send mail to one?

Again I would imagine that it is your concern whom you send mail to, if you don't trust a mail domain then you should not send mail to it. This is valid not matter what domain you are sending to.

If you are going to argue about the sender not being aware of what is going to happen to their mail remeber that's the same when you send to Hotmail or whatever, it's up to you to read the fine print when you send mail to someone.

Re:At least SOMEONE is concerned about this

[wheany]

Around here there are people who think that Microsoft is evil. There are also people who think that Google is evil. These groups might have some overlap.

Slashdot is not a collective mind. You are not the only free thinker.

Crybabies

[lo_fye]

Boo hoo!
Somebody call the whaaaaambulance!

First: If you read the EULA before you checked the box, you'd know about how they're going to use the info. So, it's not an invasion of your privacy. You told them they could do it! You 'signed the contract'.

Second: They're not trying to hide what they're doing AT ALL. They should be commended for that. It's stated right there on the main page.

Third: You should know by now that privacy doesn't exist. If you need to hide something, don't hide it on a cheapass server owned by someone else. Get your own co-located box and encrypt your mofo-email! PGP, baby. Or get a Hushmail account.

Fourth: It really is a genius revenue model. Minimally invasive. Text-ads are acceptable. Unlike Hotmail & Yahoo, Gmail won't have any annoying banner ads or pop-ups. That is awesome.

Re:At least SOMEONE is concerned about this

[mdfst13]

"Microsoft is just trying to make money too. So why then do people around here believe Microsoft is EVIL, when they have the choice to simply use something else (like LINUX)."

Microsoft actively tries to destroy companies that it thinks might interfere with their monopoly. Further, it uses its monopoly position to force deals upon other companies (for example, if you sold *any* PCs with Microsoft OSes, you had to pay a licensing fee even for those machines that did *not* have the Microsoft OS installed). Google has never done anything like this, AFAIK. Microsoft leverages its monopoly by requiring people who accept one piece to accept others (e.g. their EU case). Google offers people the *option* of using this service (and it is possible that they may not be able to offer the *option* in Europe if this is a real limitation; more likely, they will just tweak their service to bring it in line).

It's not making money/not making money. It's living honorably when you're at the top. Google traditionally has; Microsoft traditionally has not.

Re:How can they do this?

[paganizer]

Okay...
it's really simple.
If Intel implants a tracking number in the CPU's, buy AMD.
If A bios manufacturer hard-codes DRM into it's motherboards, don't buy those motherboards.
If (free) Gmail violates your privacy, don't use (free) Gmail.
what exactly is the problem?
has some government come foreward and announced that all citizens MUST use gmail as their only e-mail or something?

Re:Nobody's forcing you...

[InodoroPereyra]

If someone has a problem with the way the advertising is done, then they shouldn't use it. It is not like Google is hiding all of this information from their users. I strongly disagree:

• If Google terms of service violate European law, it is appropriate for Europe based people to complain.
• Google listens. If they are taking a wrong turn, it is wise to let them know.
• So, if a company offers to do something illegal to its customers, do you think the company is untouchable, because you are not forced to be its customer ? This is just nonsense.
• Yes, they are honest, and you can probably trust their current management. But what will happen to your personal data in future under new management ?

It's funny. Your same argument has been used to death by microsofties before: what's wrong with microsoft ? Nobody forces to use their products. Yeah ...

Damn you, Slashdot!

[feidaykin]

I saw that headline and I thought, "OH my god I can sign up already? 1GB here I come!" and bashed gmail.com into my keyboard with great fury in an effort to get my free gigabyte, and what do I see but a FAQ that tells me they are in a closed testing phase.

Dumb slashdot gets me all worked up over nothing. Now granted, I suppose I could do things like, read beyond the headline, but, well, it's slashdot.

Anyway, yeah, privacy complaints, sure. For a service that nobody can use yet. You know, I'd like to register a privacy complaint for Duke Nukem Forver, there's some nasty DRM in that. And I think my sky car is bugged with a hidden camera.

You know, I honestly don't know why I'm even typing this crap. I mean, I'm trying to be funny I guess, but ever since they took the funny karma bonus away, you know, what's the point? The Slashdot FAQ tells me that I have to be smart, not just a smart ass. Well, sorry Taco, I don't know how to do that. So I, like the smartass I am, will now click the "Submit" button, and watch my karma cook!

Re:Not that simple

[Anonymous Coward]

If this is the case, the solution would be to block all IP's with restrictive privacy laws from using gmail and saying they aren't allowed to use it otherwise.

Google's system works on redundancy. That's the only way they can do their thing.

I guess if this is a real snafu the answer is that the Google technology is unsuited for things like email. A blow to google, but personally I'm not interested in gmail anyway.

I would like to see some proof that the datamining algorithm Google uses to parse emails for adwords guarantees anonyminity. I'm pretty sure completely safe datamining is not a reality right now, but it is proven to be theoretically possible. Do people datamine without giving a care about privacy? Oh yeah they do. Should Google do the same just because everyone else does it? I would like to think they shouldn't. They have the ability to make an anonymous algorithm, if they haven't done it the time is just not right to start mining emails.

Re:How can they do this?

[MillionthMonkey]

Okay...
it's really simple.
If Intel implants a tracking number in the CPU's, buy AMD.
If A bios manufacturer hard-codes DRM into it's motherboards, don't buy those motherboards.
If (free) Gmail violates your privacy, don't use (free) Gmail.
what exactly is the problem?

The problem is when-

• All CPU manufacturers include tracking numbers
• All BIOS manufacturers hard-code DRM into their motherboards
• All (free and non-free) web-based mail services violate your privacy

This "vote with your feet" argument works for pizzas, but not markets where there are high barriers to entry. A web-based email system isn't a very good example (who can't code up one of those over a weekend?) but the other two are.

Re:At least SOMEONE is concerned about this

[Richthofen80]

purely benevolent, community-oriented provider of goodness, and started to think of them as a company out to make money

why are the two mutually exclusive? Why can't google make a good service, and be paid for providing that service?

It is not from the benevolence of the butcher, the brewer, or the baker, that we expect our dinner, but from their regard to their own self-interest. We address ourselves, not to their humanity but to their self-love, and never talk to them of our own neccessities but of their advantages."

-- Adam Smith

Re:NSA

[rjelks]

Privacy isn't just an issue of "Big Brother." Identity theft is a real concern here in the US.

"More than 27 million Americans have been victims of identity theft in the last five years, a survey released today by the Government estimated, including nearly 10 million in the last year alone. " (Source: NYTimes, September 3, 2003)

"According to the [2003 FTC] survey, 67 percent of the respondents said their credit card accounts had been misused in the past year. Another 19 percent said thieves had tapped into their checking or savings accounts." (Source: NYTimes, September 3, 2003)

"Around 80% of computer crime is committed by 'insiders'. The 20% that is not done by insiders, manage to steal $100 million by some estimates; $1 billion by others." (Source: Web Crime Statistics. www.intergov.org)

Europe has much stricter privacy laws and as a result, they have much less identity fraud. I'd welcome more restrictions in the US about privacy. The bottom line is, Google does business in Europe, and their privacy statement may conflict with their laws...complaint filed.

-

Re:Tit for Tat

[rainman_bc]

So under your premise then, when you go to MacDonalds, and they have marketing material up on the wall, it's indentured servitude?

You're using Google's servers FOR FREE. You are in their place of business. Seems perfectly normal to me that they would show you an ad by using keywords in your email. Better that than seeing an X10 or Casino ad popup every time you browse a page.

You must have learned this term in school and have been dying to use it for a month now. Your point is not very pragmatic.

Re:At least SOMEONE is concerned about this

[Catbeller]

Repeat after me, We are all free thinkers...

So, if... we do question Google's future use of private information... we are... groupthinkers? And if we don't, we are... free thinkers! Got it. Thanks. Free is good, groupthink bad.

Slavery is freedom, ignorance is strength, up is down, we are saving Iraq for noble purposes...

It's because they know your search history

[seaton carew]

...and can link it to YOU as soon as you "register" for Gmail.

I felt pretty dumb, having given them my prime email address (myfirstname@mylastname.net), then realising afterwards that through the magic everlasting cookie I had just enabled Google to link every search I had ever done back to ME personally. Like, DUH!
Heck, I don't even know what "interesting" data might be in there, but seeing as it's about ME, I damn well ought to be able to get access to it (under UK law).

More here [google-watch.org].

That is what people are getting annoyed about - not the email service itself, just the registration process.

Re:At least SOMEONE is concerned about this

[Anonymous Coward]

Microsoft is just trying to make money too. So why then do people around here believe Microsoft is EVIL, when they have the choice to simply use something else (like LINUX).

Thank you for helping me illustrate Slashdot duplicity. Around here, some companies with dubious policies that make money are good, but certain other companies with dubious policies that make money are bad.

You're seeing the world in black and white, which is a fool's view.

Obviously if one company is "just trying to make money" and there are free alternatives, that doesn't mean the company is evil.

However, if the company is trying to make money by selling baby-skin purses, and the alternative is to use a synthetic leather purse, then I think it's safe to say the company is evil.

Repeat after me: it is quite possible to try to make money without being evil, and it is also possible to be evil without trying to make money. The two are unconnected.

See? It is not contradictory to think Microsoft are evil and Google not evil.

Re:How can they do this?

[throughthewire]

...you can generally be more confident that this information is more transient than it will be on the Gmail system

Confident? That's a very dangerous assumption if you're that concerned about your privacy. I maintain quite a few corporate e-mail systems, and one of the biggest problems is convincing people to delete anything - even crap. It's not uncommon for the executives to have mailboxes which exceed 1GB.

I have every business email I have sent or received in the last six years. My assumption is that every email I send is more than likely still out there.

Don't want your messages to be readable by the 'wrong' people? Encrypt 'em real good, or don't use email.

"Don't send anything over email that you wouldn't want published on the front page of USA Today." [albion.com]

Re:PGP anyone?

[Bitseeker]

That's exactly the problem on two fronts:

1. User's seem to think email is private. It's nothing more than an electronic postcard. Who in the general public thinks a postcard is private?
2. Why don't email clients have built-in PGP/GnuPG? It should be completely transparent to users and just work in order to get everyone to use it.

Re:Lots of ways to get yourself in the GMail datab

[Octagon Most]

"OK fine. So you don't have a GMail account, but what if you send mail to one?"

Additionally, it won't actually be that easy to tell if you are sending to a gmail.com domain. For example I own my own domain and simply redirect email to my ISP email account rather than pay for email hosting. So if you send email to any of my email addresses (something @ mydomain.com) you have no idea where it is actually going. Not currently to any webmail service, but in the future, who knows?

Re:Tit for Tat

[William Tanksley]

But nobody's giving up privacy -- we're talking about a company that publicly states that it does what every mail server has to do as a matter of course.

Yes, they parse your email. That's part of SMTP (HELO, mcfly). They store it; that's part of webmail. They go through it; that's part of syntax highlighting. They index it; that's part of search capability. They may not wipe it out when you delete it; that's part of the cost of a distributed system.

Google isn't the only one that does ANY of this; all of the others do as well, including your ISP and _certainly_ including the big webmail providers (because they ALSO throw in advertising). The difference is that Google tells you EXACTLY what they're doing.

This is honesty, plain and simple. They should be rewarded for it.

-Billy

Re:How can they do this?

[jarich]

It's very different.

You pay money for your CPU and this service is free.

I take great exception to someone tracking me and having me pay for the technology. (I know, but let's ignore my ISP for the moment).

But if someone wants to provide a free service, then you get what you pay for. Be sure you read the terms of service. If you don't like it, use something else.

Intel put their tracking into something you paid $$ for. That's different.