<<< Date Index >>>     <<< Thread Index >>>

[ga] Re: [Politech] A criticism of Gmail and a call for encryption everywhere [priv]



Declan Alif and all,

 Thank you Alif for this very good brief review of the technical facts
regarding Gmail and it's horrendous sneaky pitfalls which a user
unknowingly can be snooped upon without prior consent of even
knowledge... And as such exposing that user to identity theft or
worse...

Declan McCullagh wrote:

> -------- Original Message --------
> Subject: Opposing view of Gmail issues (Cypherpunk tie in)
> Date: Sun, 25 Apr 2004 13:11:53 -0500 (CDT)
> From: J.A. Terranson <measl@xxxxxxx>
> To: Declan McCullagh <declan@xxxxxxxx>
> References: <4087CD30.5020800@xxxxxxxx>
>
> Good Afternoon Declan,
>
>         As with much of the online community, I have been discussing this
> topic since it was announced by Google, and until recently, I was also of
> the opinion that this was a simple contractual choice between the user of
> Gmail and Google.
>
>         My opinion was altered by a gentleman in England, who used the
> following story to illustrate his point:
>
>         When Google released their toolbar, he, like most of us, installed
> it.  What was different was that he installed it with all of the advanced
> features (including the tracking options, which Google goes out of their
> way to make crystal clear *is* tracking software).  He reasoning was
> similar to the thoughts you expressed below: he had nothing to hide, he
> believed Google really was stripping identity data from their observations
> of his browsing habits, and he did not mind having them "watch".
>
>         One day he had a firewall issue when trying to retrieve a file,
> and the person who was hosting it offered to put it on a "private" (i.e.,
> unlinked) page for him to grab over HTTP.  He accepted, downloaded the
> document, and promptly forgot about it - until this document, which had
> extremely personal information on it (personal to the person *hosting* it,
> not the person retrieving it) showed up on Google a short time later.  You
> see, the toolbar had seen him go to a web page that Google did not have,
> and so they indexed it right away.
>
>         Without meaning to, the user of the toolbar had helped Google to
> violate the privacy of the person who went out of his way to keep this
> document private.  This person knew nothing of the toolbar, and had no
> agreement with Google, yet he became the unwilling participant in Google's
> web cache.
>
>         The senders of email to users of Gmail are in the very same
> position as our friend above: they know nothing of the agreement, they are
> not participants in the Gmail program - they have never agreed to allow a
> third party to access *their* private thoughts and utterances, yet they
> too are caught in the middle.
>
>         As much as it goes against my gut reaction, I must admit that
> Gmail has some very serious privacy implications, some of which almost
> definitely fall under EU privacy laws.
>
>         The ultimate solution to the problem is close to what was
> suggested in the essay below: encryption.  But not by Google.  Encryption
> by the senders.  The Cypherpunk cries of "Encryption Everywhere" lands
> smack dab in the middle of the plate here - email stays private,
> regardless of Google indexing, government snooping, or end user
> negligence.  Pity that people will spend thousands of hours, and millions
> of dollars arguing over the best way to protect us from ourselves, but
> that we won't spend five minutes learning to use a simple encryption
> system that could completely erase these very issues.
>
> Yours,
>
> Alif Terranson
> sysadmin@xxxxxxx
>
> On Thu, 22 Apr 2004, Declan McCullagh wrote:
>
> > [It seems to me that Brad is being kind here by not denouncing the
> > privacy fundamentalists for trying to ban Google's Gmail in its current
> > form. It is true that there are potential costs of using Gmail for email
> > storage (just as there are costs of using your own laptop for that
> > purpose). The question is whether consumers should have the right to
> > make that choice and balance the tradeoffs, or whether it will be
> > preemptively denied to them by privacy fundamentalists out to deny
> > consumers that choice. --Declan]
> >
> _______________________________________________
> Politech mailing list
> Archived at http://www.politechbot.com/
> Moderated by Declan McCullagh (http://www.mccullagh.org/)

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
    Pierre Abelard

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827