Google says people can’t expect privacy when sending to Gmail

Google says Gmail users can't expect privacy

Gmail privacy. Image courtesy of ShutterstockIf you care about privacy, it’s time to drop Google.

That’s what Consumer Watchdog is recommending following Google’s admission that people shouldn’t expect privacy when they send messages to a Gmail account, any more than people would were they to send a business letter that could be opened by an assistant.

Here’s how Google put it in on Page 19 of a brief filed recently in federal court [PDF] and reported on by Consumer Watchdog, a US consumer advocacy group, on Monday:

"Just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use web-based email today cannot be surprised if their emails are processed by the recipient's [email provider] in the course of delivery.

"Indeed, 'a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.'"

The brief was a motion to dismiss, which Google filed in connection with a class action suit over its automatic scanning of email.

Plaintiffs in the class action suit contend that Google’s automated data mining is an illegal interception of their electronic communications, without their consent, that violates federal and state wiretap laws.

Google uses this automated scanning both to filter out spam and to serve up targeted advertising to users.

The company contends that anybody who uses its services has consented to the scanning, in exchange for the email services.

Google points out that courts have determined that all email users, in like fashion, “necessarily give implied consent to the automated processing of their emails.”

In the brief, Google cites Smith v. Maryland, a 1979 Supreme Court decision that upheld the collection of electronic communications without a warrant – specifically, information collected off of a pen register installed at a telephone company’s central offices.

Consumer Watchdog has posted the court papers for the suit here, albeit in highly redacted form.

Gmail privacy court doc

Consumer Watchdog called Google’s statement a “stunning admission” and warned people who cared about their privacy not to use Gmail.

John M. Simpson, Consumer Watchdog’s Privacy Project director, said in the group’s news release that comparing email to a business letter is a “wrong-headed analogy”. Really, when users send email, they expect their privacy to be on par with using the postal system:

"I expect the Post Office to deliver the letter based on the address written on the envelope. I don't expect the mail carrier to open my letter and read it.

"Similarly when I send an email, I expect it to be delivered to the intended recipient with a Gmail account based on the email address; why would I expect its content will be intercepted by Google and read?"

Google and privacy have made uneasy bedmates – a situation exacerbated when Google changed its privacy policy in January 2012, collapsing the walls that kept data from its different offerings discrete, as it explained in a blogpost:

"Our new Privacy Policy makes clear that, if you're signed in, we may combine information you've provided from one service with information from other services.

"In short, we'll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience."

Ten months later, EU regulators responded, asking Google to shape up the new privacy policy, which most of them found too vague and too tough for users to opt out of.

Google has defended its handling of customers’ email data in the past. Here’s what it said earlier this year in a statement to CNET:

"We work hard to make sure that ads are safe, unobtrusive and relevant. No humans read your e-mail or Google account information in order to show you advertisements or related information."

Google spyEmail privacy, of course, has taken on marked attention in the wake of reports of US surveillance by the National Security Agency, on top of both the business suicide of encrypted email provider Lavabit and the pre-emptive closure of encrypted email service Silent Circle – both done to avoid government seizure of email data.

Giving up the Google habit is hard, but doable. If the idea of going Google-free appeals, I suggest reading the story of Tom Henderson’s Google divorce for a blueprint of how one man did it.

Is Google’s statement that users can expect no privacy the last straw for you, privacy-wise?

Please do let us know, one way or the other, in the comments below.

Image of binocular view and spy courtesy of Shutterstock.