<<< Date Index >>>     <<< Thread Index >>>

[IP] Fwd: [Politech] A criticism of Gmail and a call for encryption everywhere [priv]




Subject: Opposing view of Gmail issues (Cypherpunk tie in)
Date: Sun, 25 Apr 2004 13:11:53 -0500 (CDT)
From: J.A. Terranson <measl@xxxxxxx>
To: Declan McCullagh <declan@xxxxxxxx>
References: <4087CD30.5020800@xxxxxxxx>


Good Afternoon Declan,

        As with much of the online community, I have been discussing this
topic since it was announced by Google, and until recently, I was also of
the opinion that this was a simple contractual choice between the user of
Gmail and Google.

        My opinion was altered by a gentleman in England, who used the
following story to illustrate his point:

        When Google released their toolbar, he, like most of us, installed
it.  What was different was that he installed it with all of the advanced
features (including the tracking options, which Google goes out of their
way to make crystal clear *is* tracking software).  He reasoning was
similar to the thoughts you expressed below: he had nothing to hide, he
believed Google really was stripping identity data from their observations
of his browsing habits, and he did not mind having them "watch".

        One day he had a firewall issue when trying to retrieve a file,
and the person who was hosting it offered to put it on a "private" (i.e.,
unlinked) page for him to grab over HTTP.  He accepted, downloaded the
document, and promptly forgot about it - until this document, which had
extremely personal information on it (personal to the person *hosting* it,
not the person retrieving it) showed up on Google a short time later.  You
see, the toolbar had seen him go to a web page that Google did not have,
and so they indexed it right away.

        Without meaning to, the user of the toolbar had helped Google to
violate the privacy of the person who went out of his way to keep this
document private.  This person knew nothing of the toolbar, and had no
agreement with Google, yet he became the unwilling participant in Google's
web cache.

        The senders of email to users of Gmail are in the very same
position as our friend above: they know nothing of the agreement, they are
not participants in the Gmail program - they have never agreed to allow a
third party to access *their* private thoughts and utterances, yet they
too are caught in the middle.

        As much as it goes against my gut reaction, I must admit that
Gmail has some very serious privacy implications, some of which almost
definitely fall under EU privacy laws.

        The ultimate solution to the problem is close to what was
suggested in the essay below: encryption.  But not by Google.  Encryption
by the senders.  The Cypherpunk cries of "Encryption Everywhere" lands
smack dab in the middle of the plate here - email stays private,
regardless of Google indexing, government snooping, or end user
negligence.  Pity that people will spend thousands of hours, and millions
of dollars arguing over the best way to protect us from ourselves, but
that we won't spend five minutes learning to use a simple encryption
system that could completely erase these very issues.

Yours,

Alif Terranson
sysadmin@xxxxxxx


On Thu, 22 Apr 2004, Declan McCullagh wrote:

[It seems to me that Brad is being kind here by not denouncing the
privacy fundamentalists for trying to ban Google's Gmail in its current
form. It is true that there are potential costs of using Gmail for email
storage (just as there are costs of using your own laptop for that
purpose). The question is whether consumers should have the right to
make that choice and balance the tradeoffs, or whether it will be
preemptively denied to them by privacy fundamentalists out to deny
consumers that choice. --Declan]

-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/