Should we care if Google reads our emails?
Opinion: Google automatically parses your private emails to better target you with ads. This act is the subject of a US class action
Google HQ in Dublin: “We take our users’ privacy and security very seriously; recent reports claiming otherwise are simply untrue.” Photograph: Cyril Byrne
How private do you expect your emails to be?
Most of us would surely insist they should be completely private, the contents visible only to the sender and the recipient. Google, provider of free email service Gmail to 425 million people, thinks otherwise.
According to a recent American court filing by Google lawyers, disclosed by consumer advocacy group Consumer Watchdog, Google says those who send email to users of web email services such as Gmail have no right to expect that email content will not be examined by a third – in this case, automated – party.
In its filing in response to a consumer class-action lawsuit that states Google routinely violates user privacy, the company argues, “Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s [email] provider in the course of delivery.”
Google then quotes the findings in a 1979, pre-internet era case that refers to postal correspondence: “Indeed, ‘a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties’.”
As yet another Google-related privacy brouhaha erupted over the disclosure, the company was quick to respond – in a statement notable for its opacity: “We take our users’ privacy and security very seriously; recent reports claiming otherwise are simply untrue. We have built industry-leading security and privacy features into Gmail – and no matter who sends an email to a Gmail user, those protections apply.”
But here, Gmail’s “industry-leading security and privacy features” are not at all the issue, just as most reasonably sentient people who use email would acknowledge – in contrast to Google lawyers – that an email is not at all like a handwritten letter mailed in a sealed envelope and processed by the post office.
Indeed, those Gmail security and privacy features are there to ensure that no third party, similar to a letter-reading “recipient’s assistant”, can read your email without you giving them permission, your account username and your password.
Tampering with the post
A more analogous comparison would be an argument that, because we choose to post a letter, we have no reasonable expectation that An Post would not open and read the letter and use its contents to, say, send us advertisement enclosures on behalf of a client. Letter-senders would be outraged at such an idea – and An Post would be in violation of data protection and privacy laws.
The issue at the heart of the US lawsuit is whether Google is violating a user’s privacy for essentially doing just that – but in an automated way. The broader issue is whether you or I care – or should care – that smart software somewhere in Google’s vast server farms “reads” our Gmail and then serves up advertisements that correlate to keywords in those emails. And that this practice is being expanded in new ways, aggregating data we provide across other Google services.