-------- Original Message -------- Subject: Opposing view of Gmail issues (Cypherpunk tie in) Date: Sun, 25 Apr 2004 13:11:53 -0500 (CDT) From: J.A. Terranson <measl@private> To: Declan McCullagh <declan@private> References: <4087CD30.5020800@private> Good Afternoon Declan, As with much of the online community, I have been discussing this topic since it was announced by Google, and until recently, I was also of the opinion that this was a simple contractual choice between the user of Gmail and Google. My opinion was altered by a gentleman in England, who used the following story to illustrate his point: When Google released their toolbar, he, like most of us, installed it. What was different was that he installed it with all of the advanced features (including the tracking options, which Google goes out of their way to make crystal clear *is* tracking software). He reasoning was similar to the thoughts you expressed below: he had nothing to hide, he believed Google really was stripping identity data from their observations of his browsing habits, and he did not mind having them "watch". One day he had a firewall issue when trying to retrieve a file, and the person who was hosting it offered to put it on a "private" (i.e., unlinked) page for him to grab over HTTP. He accepted, downloaded the document, and promptly forgot about it - until this document, which had extremely personal information on it (personal to the person *hosting* it, not the person retrieving it) showed up on Google a short time later. You see, the toolbar had seen him go to a web page that Google did not have, and so they indexed it right away. Without meaning to, the user of the toolbar had helped Google to violate the privacy of the person who went out of his way to keep this document private. This person knew nothing of the toolbar, and had no agreement with Google, yet he became the unwilling participant in Google's web cache. The senders of email to users of Gmail are in the very same position as our friend above: they know nothing of the agreement, they are not participants in the Gmail program - they have never agreed to allow a third party to access *their* private thoughts and utterances, yet they too are caught in the middle. As much as it goes against my gut reaction, I must admit that Gmail has some very serious privacy implications, some of which almost definitely fall under EU privacy laws. The ultimate solution to the problem is close to what was suggested in the essay below: encryption. But not by Google. Encryption by the senders. The Cypherpunk cries of "Encryption Everywhere" lands smack dab in the middle of the plate here - email stays private, regardless of Google indexing, government snooping, or end user negligence. Pity that people will spend thousands of hours, and millions of dollars arguing over the best way to protect us from ourselves, but that we won't spend five minutes learning to use a simple encryption system that could completely erase these very issues. Yours, Alif Terranson sysadmin@private On Thu, 22 Apr 2004, Declan McCullagh wrote: > [It seems to me that Brad is being kind here by not denouncing the > privacy fundamentalists for trying to ban Google's Gmail in its current > form. It is true that there are potential costs of using Gmail for email > storage (just as there are costs of using your own laptop for that > purpose). The question is whether consumers should have the right to > make that choice and balance the tradeoffs, or whether it will be > preemptively denied to them by privacy fundamentalists out to deny > consumers that choice. --Declan] > _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2b30 : Tue Apr 27 2004 - 11:14:37 PDT