Print 55 comment(s) - last by nafhan.. on Apr 17 at 11:36 AM

Google says that Gmail users consented to scanning and practice is part of the normal delivery process

Google has updated its Terms of Service (TOS) to fully disclose to users that their incoming and outgoing emails are automatically analyzed using software. The software is analyzing the emails to create targeted ads that can be served to the user.
Google's TOS reveal that emails are scanned when they are stored on Google services and when in transit.
Google is currently fighting in court on allegations of violating the privacy of hundreds of millions of users. Courts in the U.S. decided last month not to combine several suits into a class action against Google.

Some Gmail users believe that Google is violating state and federal laws with its email scanning practices. Google continues to argue that users of Gmail consented to the activity and that it is part of the normal email delivery process.
The update terms of service spell this out more specifically. The new update reads:
Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.
Google spokesman Matt Kallman said Google's changes, "will give people even greater clarity and are based on feedback we've received over the last few months."

Sources: Reuters, Google

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By Da W on 4/15/2014 9:52:07 AM , Rating: 2
Mark my words, the beginning of the fall of Google begins here.

RE: Fail
By lifewatcher on 4/15/2014 10:23:50 AM , Rating: 2
Only if we do something about it. If most of us do our normal shrug-thing and move on, the "fail" is ours.

Now that the stupid "Do no evil" mask is down, Google has been getting more and more arrogant by the minute...

RE: Fail
By nafhan on 4/15/2014 11:05:43 AM , Rating: 2
Not saying doing this is a good thing, but disclosing what they've been doing all along doesn't seem like a bad thing to me...

I'm also curious: what kind of privacy are you expecting out of free, ad supported web based email - whether it's from Google, MS, or Yahoo?

RE: Fail
By lifewatcher on 4/15/2014 11:38:19 AM , Rating: 2
No. This is not OK, as this is nothing short of bait-and-switch. While you could just move to another email provider, all your contacts will have to be updated with your new address, including credit card statements, blogs, etc. It's a nasty way of doing business. Because of stuff like this, my phone will never again be android-based, as long as I can chose a lesser evil.

RE: Fail
By nafhan on 4/15/2014 12:01:53 PM , Rating: 1
Ah, so you were under the impression they were not providing contextual ads or "scanning" emails. Again, why you were using a free webmail provider for that kind of thing if you had those concerns is beyond me. Also, I never said any of that was OK, but I do think that believing data sent through a third party for free will provide you with some kind of security blanket is ridiculous.

As far as the phone thing goes, if you just pick "not Android" for your smartphone, you're not getting a lesser evil, you're getting a similar, but differently branded "evil". To really get a lesser evil, your only real option (presently) is to stay with Android, but root it and avoid Google's services, and that's going to take some work on your part.

RE: Fail
By GotThumbs on 4/15/2014 12:24:34 PM , Rating: 2
is nothing short of bait-and-switch

Dude, How much have you PAID out of your pocket to Google, for the services you've used?

Just ask for your money back and go elsewhere for your services and products.

RE: Fail
By sprockkets on 4/15/2014 6:06:27 PM , Rating: 1
FYI, Microsoft did it too , and dropped it only with the intro of, and even then, probably because it would look dumb when they attacked google for it.

RE: Fail
By GotThumbs on 4/15/2014 11:54:03 AM , Rating: 1
Apparently there are still more stupid/ignorant people out there who still didn't understand you don't get stuff for free.

The support systems, data sites, developers that Google uses to provide their services (at no charge) cost money to run.

Googles services cost money and unless people want an option to pay a monthly/yearly fee (like Office 365) for those services, then they should simply SHUT UP!

I'm so tired of the idiots who bash Google about the trade of using their FREE Services.

Don't like the trade of free use for targeted marketing ADs? Then don't use the products.

Simply move on and start paying for the services you use.

RE: Fail
By idiot77 on 4/15/2014 11:59:59 AM , Rating: 2
I for one would happily consider paying for Gservices for a fee if they promise not to spy on me or sell information. Maybe a small premium if they agree not to aide the government.

RE: Fail
By GotThumbs on 4/15/2014 12:20:04 PM , Rating: 1
Spy on you?

How so? Give us an example where Google sifted through your emails and stole an idea or emailed you about any of your activities on the web.

It's all done for AD targeting. What else do you think its done for?

I'd really like to know.

Google's computers simply analyse your habits and targets AD's based on your activities, sites visited and email content.

No one person is scrolling through your files/stuff.

You must be thinking of the NSA?

RE: Fail
By nafhan on 4/15/2014 12:17:54 PM , Rating: 2
The monthly fee will make the ads go away, but it's not buying you any privacy. MS/Google/etc. are usually keeping track of the same info either way.

I'm mentioning this because there seems to be a disconnect here. Being a web services customer now is not the same as buying software was a decade ago, but a lot of people seem to think it's the same. You don't own the software and you don't (generally) have control over your data.

If you aren't keeping your data on your machines, there's a good chance someone could be looking at it, and you should consider that to be the case.

RE: Fail
By GotThumbs on 4/15/2014 12:29:47 PM , Rating: 2
If you aren't keeping your data on your machines, there's a good chance someone could be looking at it

I'd say thats kind of a no-brainer.

The only 100% way to protect your self is stay off the web and never step outside your home.

There is always a certain amount of risk one takes on the web and in life.

~Best wishes,

RE: Fail
By nafhan on 4/15/2014 1:15:56 PM , Rating: 2
The only 100% way to protect your self is stay off the web and never step outside your home.
Well that's true... it doesn't have much do with what I said. Webmail isn't terribly private, and there are easy to use alternatives far short of staying off the internet. Please dispute that if you disagree rather than throwing pointless comparisons at me.

RE: Fail
By NellyFromMA on 4/15/2014 1:28:43 PM , Rating: 3
That's the whole problem right there:

You're equating privacy with price by default. Ten years of Google eroding your expectation to privacy can do that.

Just because someone expects privacy (our constitutional right) when they are not told they are an open-book to a service of course does not mean they are out-of-line their thought process, as most cloud-centric service vendors would like to suggest.

Show me all the ads you want for your free service. The frequency and execution of those ads will determine whether I seek an alternative or stay put. Just don't go reading all my personal messages and reading into all my subtle actions in order to develop a psychological profile that can be used to generalize the type of person I am and re-use that profile for other monetary gains.

When I use a service, I shouldn't have to assume the above is taking place; I should know it isn't. That's the digital environment I'd like to be a part of at least.

RE: Fail
By Solandri on 4/15/2014 3:07:16 PM , Rating: 2
That's the whole problem right there: You're equating privacy with price by default. Ten years of Google eroding your expectation to privacy can do that.

No, the problem is people even expecting their email to be private in the first place. Email is sent as cleartext. Anyone with admin privileges or direct access to any of the networks it crosses as it goes from your computer to the recipient's can read it. We old fogies who were on the Internet back in the ARPANET days had a saying: Your email is not like a letter in a sealed envelope, it's like a postcard which anyone who glances at can read. Google didn't erode anything; it's always been this way.

When I use a service, I shouldn't have to assume the above is taking place; I should know it isn't. That's the digital environment I'd like to be a part of at least.

You absolutely should assume it's taking place with anything you send as email, any browsing you do on a non-SSL site, any texts you send, any photos you upload, etc. Because those are all sent as cleartext. Literally anybody who bothers to snoop can grab that data and do whatever they want with it. At least Google et al have the decency to tell you they're doing it to feed you targeted ads.

If anything, Google has made email more private by forcing https to be used when you use their service. Before they did that, anyone between you and a webmail server (e.g. your ISP, someone working at the upstream network trunks, your neighbor stealing wifi from you) could watch your network packets and read your email. Most other webmail services emulated Google after it did that, and made their mail access SSL-only too. This was probably the biggest improvement to email privacy in the history of the Internet, and Google was the one who kicked it off.

If you want your email to be completely private, you need to use something like PGP to encrypt your mails. The catch being that the recipient also has to use PGP. After that, the most secure common form of email is actually from a gmail account to a gmail account. Both ends of those emails are SSL encrypted so only you and the recipient can read the network traffic. Google is the only other party who can read the mails, and their policy is to only have a computer algorithm read it for ads, not a person.

RE: Fail
By NellyFromMA on 4/16/2014 10:13:03 AM , Rating: 2
I tend to agree with you more often than not, but I'm going to have to offer some idealism and also disagree a bit.

I don't think its reasonable to say that everyone who uses the internet should understand all the ins and outs of how it works. That expectation is unrealistic in the same way most people don't even understand how their car works let alone how to maintain it.

With that said, I wholeheartedly believe they SHOULD know that. But, the realist in me knows that trying to operate on the assumption that everyone knows that their communications transmit clear-text is just way above where US citizens knowledge level is at. I believe education is key to the betterment of all things, but realistically, that's just not happening.

Look at all Edward Snowden (love him or hate him) has revealed about our regular digital privacy invasions. Now ask someone a question about privacy expectancy. Generally speaking, the community at large knows nothing about secure comms and its my opinion that if even 50% of teenagers and adults ever do know about this in any appreciable detail in the next decade, that would be a welcome miracle.

No, rather, I think we have a reasonable expectancy that our privacy will be respected, and if our government spent time ensuring the protection of our rights instead of the violation of them, we could feel ensures somewhat to protection instead of have to assume the worst.

Of course, you should conduct yourself carefully and now that we are on this path its clear there will never be any comfort in our expectancy to privacy.

I just don't think that's a good enough reason to not fight for it though. If it's going to be taken away from me, personally, I will yell loud about it. I will make it difficult.

I am quite technical and understand all of what you have said. I can handle doing those things just fine to the extent that I feel it is worth it, which is not at all.

I should have to act as a spy to get the rights entitled to me as a citizen of America. I have nothing to hide. I just don't think that should implicitly mean I am an open book.

My ideal is that people will become upset enough about their privacy being violated that they will stand up and say something about it in appreciable numbers. That may be far too unrealistic, but that's the idealism coming out now. It can't happen if people aren't passionate about it.

RE: Fail
By nafhan on 4/15/2014 3:35:05 PM , Rating: 2
Which country do you live in that has a constitutional right to privacy? As this is a US based website, using the word "our" might confuse some people.

RE: Fail
By NellyFromMA on 4/16/2014 10:13:37 AM , Rating: 2

RE: Fail
By NellyFromMA on 4/16/2014 10:14:20 AM , Rating: 2
Not implying you don't know this, but for reference:

RE: Fail
By nafhan on 4/17/2014 10:31:35 AM , Rating: 2
The fourth amendment limits the governments ability to engage in unlawful search or seizure. This does a lot to protect your privacy, but it's not a "right to privacy". More relevant to the discussion here: the fourth amendment is clearly about interactions between citizens and the government.

The NSA scanning your email may be a fourth amendment issue. Google/MS/Yahoo scanning your email for indexing or advertising purposes, is not.

RE: Fail
By DT_Reader on 4/15/2014 6:58:51 PM , Rating: 2
That's not the point. These lawsuits are misguided: it's not what privacy Gmail users expect, it's what privacy the non-Gmail people they get email from expect - especially since those folks have not agreed to Google's Terms and Conditions.

RE: Fail
By retrospooty on 4/15/14, Rating: 0
RE: Fail
By GotThumbs on 4/15/2014 12:21:51 PM , Rating: 2
Only if we do something about it.


Don't use any Googles services/products.

Next you want me to solve the ACA issue?

Many things are not that hard to solve, you just have to get your head out of the sand IMO.

~Best wishes,

RE: Fail
By DNAgent on 4/15/2014 10:49:22 AM , Rating: 3
How can it be the beginning of the fall? They've been doing this all along, they're just *telling* us about it now.

RE: Fail
By inighthawki on 4/15/2014 11:47:25 AM , Rating: 2
The NSA did stuff for years before the Snowden leaks, but it wasn't a controversy until after it was exposed.

That said, though, I highly doubt this will have an impact at all. As long as you sign up for a free service, you accept their terms of service.

RE: Fail
By Da W on 4/15/2014 12:01:40 PM , Rating: 2
Cause people are getting aware of it now.
Somewhere, somehow, a competitor will offer an alternative that protects privacy. I'd be willing to pay for that.

Microsoft, for one, doesn't rely on advertising as much as Google. Heck since you need a MS id for office 365 (paid), xbox live, xbox music, to log in to windows 8... they to could do without advertising and scaning e-mails and still make money if they chose to.

RE: Fail
By Reclaimer77 on 4/15/2014 5:55:05 PM , Rating: 2
Somewhere, somehow, a competitor will offer an alternative that protects privacy. I'd be willing to pay for that.

What the...

That exists NOW!

RE: Fail
By SpartanJet on 4/15/2014 10:53:30 AM , Rating: 3
Ive done something about it, I'm gogle free now and I don't miss any of it. Nothing is free hopefully people see that now.

RE: Fail
By chrnochime on 4/15/2014 10:57:46 AM , Rating: 2
What do you use instead then?

RE: Fail
By Motoman on 4/15/2014 1:01:35 PM , Rating: 2
It's not hard. Just don't have accounts with such "free" services as Gmail or Facebook, and then you're not wh0ring yourself to the corporations.

You can use the email service provided by your ISP. Or by some other non-giant data mining corporation. Maybe like these guys, that I just found randomly with a search:

It's actually very, very easy to simply not use any of the giant super-popular services that mine you for your identity.

RE: Fail
By nafhan on 4/15/2014 2:18:54 PM , Rating: 2
So... other than not having some ads displayed alongside your email, what does this actually get you?

RE: Fail
By Motoman on 4/15/2014 5:46:36 PM , Rating: 2
It actually gets you not having Google et al using you as their product. Which is the point.

RE: Fail
By nafhan on 4/15/2014 6:13:21 PM , Rating: 2
You're not leaving me convinced that you actually have any legit reasons. It seems like if you're going to get away from Google, you'd want to get away from Google and away from similar companies and services - not get away just to start using a similar service.

RE: Fail
By Motoman on 4/15/2014 7:52:41 PM , Rating: 2

There are alternatives to using Gmail that won't data mine you. You can use non-Google search engines, and/or run in private mode - and especially, don't have a Google/Yahoo/whatever account and be logged in while searching. Don't have to use FB at all. Or Twitter. Or Pinterest. Or...whatever.

It's not hard to avoid being a service to the big corporations. You just have to not do it. Pretty much that easy.

RE: Fail
By nafhan on 4/16/2014 9:36:45 AM , Rating: 2
So, avoiding data mining and collection of your own information is your reason. In the post before that you said avoiding Google was your reason.

Still, if you're using free services, you're getting "data mined". It's just going to be (allegedly) less personally identifiable. In fact, it may or may not be. That will end up depending on which services you use and how they communicate and share information with each other.

I'm not 100% certain that small corporations = trustworthy...

RE: Fail
By Motoman on 4/16/2014 11:34:16 AM , Rating: 2
You should revisit your ESL courses. I did not say "avoiding Google" was my reason. I said "Google et al" - which, if you were literate, you'd be aware means "Google and all others like them."

There are lots of services out there that publicly state in their terms that they *do not* mine your data. Which is 180 degrees separated from Google, which promises you that they *do* mine your data. And if, in fact, one of those other companies does wind up mining your data, you can take legal action against them because they would have been violating the terms of their contract with you.

As opposed to Google et al - who are telling you up front that they're using you as their product, and when you're too stupid to realize that means you shouldn't be their product, you have no legal recourse against them - because you abdicated those rights by agreeing to their terms when you became their product.

Smarts. You should try to get some.

RE: Fail
By nafhan on 4/17/2014 11:36:57 AM , Rating: 2
Trying to insult someone by claiming that they are illiterate and can't speak English on a text only, English, communication medium. That comes across as kind of pathetic, honestly.

Back to the actual discussion, you'll happily pick a random third party based out of India (Zoho), and trust them with your email because they promise not to engage in data mining, and you can sue them or something.

On one hand, I'm curious how you plan to go about making sure the company you randomly select off the internet doesn't mine your data. On the other hand, I'm I wondering how much experience you have with the Indian legal system. From what I hear they tend to bend over backwards for a-hole Americans trying to get money out of them due to IP law issues.

RE: Fail
By Solandri on 4/15/2014 3:43:50 PM , Rating: 2
You can use the email service provided by your ISP. Or by some other non-giant data mining corporation.

That actually decreases your email's privacy, because email is sent as cleartext. Your email goes through three network transmissions before the recipient can read it:

your computer -> your mail server (e.g. gmail)
your mail server -> recipient's mail server
recipient's mail server -> recipient's computer

All of these are normally done in cleartext, meaning anyone with access to any of those networks can read your email.

Google dropped support for non-SSL connections to mail services about a decade ago. The only way to transmit mail between your computer and gmail's servers is with SSL encryption. A lot of the bigger webmail services followed in Google's footsteps and made their service https-only (Yahoo finally did it this year). Most of the smaller ones haven't because while the extra CPU usage of a single SSL connection is not much, the extra CPU usage of thousands or millions of SSL connections is pretty substantial. If the webmail portal at your ISP is not https or you do not use SSL with their POP/IMAP service, then anyone between you and the ISP's mail servers can read your mail.

Requiring SSL secures the first step in the above chain (assuming you use gmail). If the recipient also uses gmail or another SSL-only service, this secures the last third step. If the email is gmail-to-gmail, your mail is as good as completely private (except from Google) because there is no second step. If your email is gmail-to-yahoo, the first and third steps are secure, but the second step is not (gmail's servers communicate with yahoo's servers in cleartext because that's what the Internet email spec calls for).

For the second step, it's the number of network hops which counts, since that represents how many networks your cleartext email crosses. The big services like gmail and yahoo tend to use big upstream providers with direct peering agreements, so your cleartext mail has to cross fewer networks. The smaller ones like your local ISP or cable company tend to use lower stream providers, meaning more hops before your mail gets to its destination. Each hop is yet another network where a bored or corrupt employee could be reading your emails.

So it's not really a choice between a giant data-mining corporation, and no data-mining corporation. It's a choice between a giant data-mining corporation, and who the h*ll knows who is reading your emails. (And when you send email from a gmail account to anything other than a gmail account, it's still who the h*ll knows who is reading your emails. Just less so that if you weren't using gmail or yahoo or hotmail.)

RE: Fail
By Motoman on 4/15/2014 5:49:28 PM , Rating: 2
Not all small email services are cleartext - anyone can buy an SSL cert, and as far as that goes, even if you're using Gmail, you have the same theoretical risk if the person on the other end isn't using SSL.

On the other hand, someone illicitly picking up your emails is likely guilty of wiretapping, or some other applicable offense, and you can prosecute them. What Google et al are doing is perfectly legal - your only recourse is to not let their services use you.

RE: Fail
By atechfan on 4/15/2014 1:40:20 PM , Rating: 2
The only Google service I use regularly is Youtube. There really is no one else even close in that category.

RE: Fail
By KCjoker on 4/15/2014 6:20:59 PM , Rating: 2
Same here...bye bye Google.

RE: Fail
By amanojaku on 4/15/2014 11:41:32 AM , Rating: 4
I'm not so sure about that. As others have pointed out, all of the free providers do this. Ads are how they pay for all that infrastructure, and there's no better ad than a targeted ad. People will continue to allow access to their data and receive ads as long as it means free service.

Additionally, Google isn't the NSA, CIA or MI6. Google doesn't have people reading your mail. It won't punish you for having objectionable email content.

Besides, you had to have known that providers were scanning email. How else do they create spam filters?

RE: Fail
By Motoman on 4/15/2014 12:38:29 PM , Rating: 2
The fall started long ago - you were just too stupid to realize it.

Google et al have *always* been doing this. It's the one and only reason why anyone would provide such free services. Google, Yahoo, Facebook, MySpace, Instagram, Twitter, so on and so forth.

If you think you're using those free're wrong. Those "free" services are using *you.*

RE: Fail
By atechfan on 4/15/2014 1:36:55 PM , Rating: 2
I doubt it. Most people don't seem to care. They happily give everything about themselves to Facebook. I doubt Google being more forthcoming about privacy issues is going to scare the average person away from "free".

If you are talking government intervention, then no, I don't want that. I am not a Google fan, but I hate over-regulation. Let the people vote with their wallet.

RE: Fail
By Nyanyanya on 4/15/2014 8:46:31 PM , Rating: 2
I'd rather Google keep doing this and offering my gmail for free, than use any of the other competing email providers.

bigger brother
By GulWestfale on 4/15/2014 9:54:24 AM , Rating: 2
between this and the acquisition of drone makers it seems that google and facebook are in a race to see who can be the biggest brother of them all... and then turn over the data to the NSA.

RE: bigger brother
By fatedtodie on 4/15/14, Rating: 0
RE: bigger brother
By GulWestfale on 4/15/2014 11:17:46 AM , Rating: 2
i have read the book, and i think what you fail to see wit the current situation is that the collecting of huge amounts of data allows the ones in control to steer public opinion, discredit dissent, and make sure that the current structures of power never change. call it what you will, but they are all just different names for fascism.

RE: bigger brother
By fatedtodie on 4/15/2014 1:35:49 PM , Rating: 1
Actually it was about Communism, but I assume you do not know the difference between the two.

RE: bigger brother
By Solandri on 4/15/2014 3:50:37 PM , Rating: 2
I'd say Huxley's Brave New World was more accurate than Orwell's 1984. In Brave New World, the people are complete tools of the government (substitute corporate overseers if you wish), and they like it.

RE: bigger brother
By fatedtodie on 4/15/2014 4:12:44 PM , Rating: 1
... if you want to go to the Source material that both books borrowed from, go to Yergemy Zamyatin's "We". It shows a more fundamental control the government has, even over names.

But this is a digression of the point that the OP was trying to sound smart and ended up misusing the material, which made him not look smart at all.

But it is nice to see some well read posters.

RE: bigger brother
By mgilbert on 4/15/2014 11:42:33 AM , Rating: 2
I've read the book, and I think you missed the point. Yes, the book was about controlling what people think, but that was just the one example the author chose to represent government abuse in any and all forms. The book is about government intrusion and abuse in any and all forms - and there is plenty of that today.

RE: bigger brother
By fatedtodie on 4/15/2014 1:39:01 PM , Rating: 2
I also remember the book making a huge point about the government waiting until you change your mind back to what they want before killing you. Where in your misreading of the book does that fit with Google and your other conspiracy partners?

Better news would be
By synapse46 on 4/15/2014 10:50:07 AM , Rating: 3
What service doesn't scan your email for ad content, or for other purposes...

What's the big deal?
By cwolf78 on 4/15/2014 3:45:31 PM , Rating: 1
I like Google scanning my e-mails. That they do this was already spelled out in the original ToS. This feature has uses beyond ads such as improved spam filtering and phishing filtering (by being able to scan the entire body of the e-mail instead of just the headers.) And as far as the ads, I run AdBlockPlus so no sweat off my back... and Gmail is free with a ton of useful features.

"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs
Related Articles
Google: Yes, we "Read" Your Gmail
August 15, 2013, 3:30 PM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki