blog dds

2004.06.25

Google Mail and Privacy

I recently subscribed to Google mail, to obtain a reasonable alias (I thought I could get my loved dds initials, but it turned out I would have to use at least 6 characters). However, I doubt I will use the service, because I really don't trust Google to search through my personal email data. I have 300MB of email now, representing about 18 years of email discussions. (I routinely remove all attachments, which I file separately, so the size of my emails is relatively modest.) If I trusted Google, I would like to upload all my messages to their servers, and utilize Google's awesome search capabilities. However, the truth is, I see too many ways for the service to be misused.

First of all, my data would be available to numerous Google system administrators, operators, and researchers. Currently, my email is only available to system administrators while in transit; once delivered it stays secure on my personal workstation. With Google mail all my email contents would be located at the Google premises in perpetuity. It only takes one employee to misuse it, and Google's impressive search capabilities can make such misuse very easy. The powerful Google search through my email would find passwords, credit card numbers, details of financial transactions, medical data. 18 years ago my email was stored on a VAX-780 and was also accessible to a couple of system administrators I personally knew and trusted. Even then I was careful what email discussions I would file, and which email messages I would delete. Once I started to run my email client on a local message store I personally managed, I became a lot more relaxed on what I would file. Having enjoyed the privacy of a personal data store for more than 10 years, there is no way I would go back to the older model, especially when the data is kept by a large organization with hundreds of employees.

In addition, I believe that the system's privacy can be easily broken. There is no need for Google to explicitly cooperate with law enforcement agencies (or worse) for my data to be scanned for their needs, because the system already has a suitable Trojan horse available as part of its design. The name of the Trojan horse is targeted advertising. If I wanted to locate terrorists stupid enough to use Google mail for their email conversations, all I would need to do would be to pay Google to place ads for "Cheap private flying lessons" and a book titled "How to legally obtain a US passport in 60 days" in email messages related to the keywords "explosives, nuclear, biochemical, bomb". I realize that Google's ad placement mechanism is more complex than that, but I think if it can be used to display nappy ads to adults searching for children's books, it can also be manipulated in the way I described.

Finally, there is the issue of storage capacity and email attachments. Although 1GB may sound like a lot, it really isn't. I would really like to avoid filing my email (I now maintain 181 folders in 11 directories), but the reality is that most of the pain does not come from filing the plain-text messages (these I can file with exactly 5 keystrokes), but from handling the attachments. I would like to view Google mail as an all or nothing proposition; I would not use it for storing only part of my email. Now, attachments can be huge (I often receive 3MB PowerPoint presentations, or 0.5MB Word documents for what could be described in a couple of plain text paragraphs) and they would quickly accumulate above the 1GB Google mail limit. Viewing MS-Office attachments over a web interface would be tricky, but even more bothersome would be the idea of keeping the attached documents on the Google servers. Attachments often contain data a lot more sensitive than the conversational text of an email message: tender documents and evaluations, financial statements, business plans, student evaluation results, and family photographs. Would I trust these to be stored on a remote service? I do not think so.

Last modified: Friday, June 25, 2004 11:06 am
Unless otherwise expressly stated, all original material on this page created by Diomidis Spinellis is licensed under a Creative Commons Attribution-Share Alike 3.0 Greece License.