Google: Gmail users have no ‘legitimate expectation’ of privacy

By on


Those who fear the Google machine, get ready to be more scared at the search engine. In a recent filing unearthed by a California-based consumer advocacy group Consumer Watchdog, Google has said that users should never expect that their communications should be kept private – ever.

The comments were made in a brief by Google in its application to dismiss a class action lawsuit against them.

According to the filing:

Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use Web-based email today cannot be surprised if their emails are processed by the recipient’s [email provider] in the course of delivery,” Google lawyers wrote in their brief. Indeed, ‘a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”

Basically, Google says that any email that goes through its server (via Gmail only, assuming there is a higher level of privacy on Google Apps) could be processed for whatever they want – such as ad delivery.

They also note that it would, apparently, make it a crime to offer basic filtering options like search if it wasn’t dismissed:

In practice, plaintiffs’ theory would prevent ECS providers from providing a host of normal services that Congress could not possibly have intended to criminalize as an illegal interception. For example, an ECS provider could not allow users to sort their emails using automated filters because any such system would require scanning the contents of the emails being delivered to the user, thus running afoul of plaintiffs’ theory. Nor could an ECS provider provide even basic features like allowing users to search their own emails for particular key terms because doing so would, again, involve the scanning of email content.

Consumer Watchdog, however, says that it reveals that Google doesn’t care about user privacy. Its Privacy Project director, John Simpson, said in a statement, “Google’s brief uses a wrong-headed analogy; sending an email is like giving a letter to the Post Office.”

“I expect the Post Office to deliver the letter based on the address written on the envelope.  I don’t expect the mail carrier to open my letter and read it.  Similarly when I send an email, I expect it to be delivered to the intended recipient with a Gmail account based on the email address; why would I expect its content will be intercepted by Google and read?”

In light of the NSA spying programs, it is a bit worrying to hear Google say that you shouldn’t expect a “legitimate expectation” of privacy. Yes, we give them the data – but I think many people assume that it will only be used within Google (or within a particular company). But, if this was given to a third-party without permission or given to law enforcement without due process, then that would be a massive breach of trust.

As Google says, they need access to your data to do basic things such as search – however, it needs to be a reasonable amount. I’m fine for them to read the headers to determine if it is spam or not, but is it alright for them to scan emails to deliver contextual advertising?

So, do you trust Google?

via Gizmodo, RT

Join the Conversation

  • Vintuitive

    Why are GMail users surprised by this? You read the ULA before signing up to the service, right? Every GMail user said they were OK with giving up their privacy when they clicked “agree”.

  • Postulative

    Do I trust Google? No, but I know that they have challenged federal attempts to look at my stuff on my behalf. I do know they look at my stuff, but they do that in the context of targeting ads at me.

    Do I like it? No. But if it’s not Google it’s Apple. Or Microsoft. Or Larry Ellison over at Oracle. The only one of those three who has expressed concern about the NSA’s programs is Microsoft – but according to the NSA Skype stuff wasn’t available until MS bought Skype. Larry Ellison thinks he’s a patriot by telling users to shut up and hand over their data, while Apple has not challenged any orders for user data.

    So no, I don’t like what Google has said here, but it is totally in context with what I know of them. Of course, it makes for a lovely story – but that doesn’t make it shocking. And the fact that they have gone “over and above” what they really need is unsurprising in a court case – you wouldn’t expect anyone to say “well we only really need this, and that little bit, and…”, and box themselves into something unnecessarily.

    Get over it – there is no story here.

  • simon gray

    I’m beginning to worry about Google – it just doesn’t seem to be taking my security as seriously as I would expect it to. I think that Google also doesn’t take browser security seriously. Unlike firefox, there is no master password option, and passwords are easily revealed if a user lets chrome browser remember passwords. There is no way to turn this off on a shared computer, other than turning off remember passwords. Until recently chrome was my browser of choice – now it has to be firefox.

  • Is paid Google Apps mail for business open to data miners as

  • Jon

    well put it this way, you don’t pay for the service so why not put ads in they need to make money. Might I also point out if your emails need major security you would not use a free web based email account.. Anything free must be pay by other means.

    • Geekcheek

      The moto is: Pay…Pay…Pay until you turn blue.