Gmail: Criticism

Privacy

Google has one privacy policy that cover all of its services.

Google claims that Gmail refrains from displaying ads next to potentially sensitive messages, such as those that mention race, religion, sexual orientation, health, or financial statements.

Automated scanning of email content

Google’s mail servers automatically scan emails for multiple purposes, including to add context-sensitive advertisements next to emails, and to filter spam and malware.

Privacy advocates raised concerns about this practice; concerns included that allowing email content to be read by a machine (as opposed to a person) can allow Google to keep unlimited amounts of information forever; the automated background scanning of data raises the risk that the expectation of privacy in email usage will be reduced or eroded; information collected from emails could be retained by Google for years after its current relevancy to build complete profiles on users; emails sent by users from other email providers get scanned despite never having agreed to Google’s privacy policy or terms of service; Google can change its privacy policy unilaterally, and for minor changes to the policy it can do so without informing users; in court cases, governments and organizations can potentially find it easier to legally monitor email communications; at any time, Google can change its current company policies to allow combining information from emails with data gathered from use of its other services; and any internal security problem on Google’s systems can potentially expose many – or all – of its users.

In 2004, thirty-one privacy and civil liberties organizations wrote a letter calling upon Google to suspend its Gmail service until the privacy issues were adequately addressed. The letter also called upon Google to clarify its written information policies regarding data retention and data sharing among its business units. The organizations also voiced their concerns about Google’s plan to scan the text of all incoming messages for the purposes of ad placement, noting that the scanning of confidential email for inserting third-party ad content violates the implicit trust of an email service provider.

Lawsuits

In March 2011, a former Gmail user in Texas sued Google, claiming that its Gmail service violates users’ privacy by scanning e-mail messages to serve relevant ads.

In July 2012, some California residents filed two class action lawsuits against Google and Yahoo!, claiming that they illegally intercept emails sent by individual non-Gmail or non-Yahoo! email users to Gmail and Yahoo! recipients without the senders’ knowledge, consent or permission. A motion filed by Google’s attorneys in the case concedes that Gmail users have “no expectation of privacy”.

A court filing uncovered by advocacy group Consumer Watchdog in August 2013 revealed that Google stated in a court filing that no “reasonable expectation” exists among Gmail users in regard to the assured confidentiality of their emails. In response to a lawsuit filed in May 2013, Google explained:

“… all users of email must necessarily expect that their emails will be subject to automated processing … Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS [electronic communications service] provider in the course of delivery.

A Google spokesperson stated to the media on August 15, 2013 that the corporation takes the privacy and security concerns of Gmail users “very seriously.”

April 2014 Terms of service update

Google updated its terms of service for Gmail in April 2014 to create full transparency for its users in regard to the scanning of email content. The relevant revision states: “Our automated systems analyse your content (including emails) to provide you personally relevant product features, such as customised search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.” A Google spokesperson explained that the corporation wishes for its policies “to be simple and easy for users to understand.”

In response to the update, Jim Killock, executive director of the Open Rights Group, stated: “The really dangerous things that Google is doing are things like the information held in Analytics, cookies in advertising and the profiling that it is able to do on individual accounts”.

Microsoft ad campaign against Google

In 2013, Microsoft launched an advertising campaign to attack Google for scanning email messages, arguing that most consumers are not aware that Google monitors their personal messages to deliver targeted ads. Microsoft claims that its email service Outlook does not scan the contents of messages and a Microsoft spokesperson called the issue of privacy “Google’s kryptonite.” In response, Google stated; “We work hard to make sure that ads are safe, unobtrusive and relevant … No humans read your e-mail or Google Account information in order to show you advertisements or related information. An automated algorithm — similar to that used for features like Priority Inbox or spam filtering — determines which ads are shown.” The New York Times cites “Google supporters”, who say that “Microsoft’s ads are distasteful, the last resort of a company that has been unsuccessful at competing against Google on the more noble battleground of products”.

Other privacy issues

2010 attack from China

In January 2010, Google detected a “highly sophisticated” cyber-attack on its infrastructure that originated from China. The targets of the attack were Chinese human rights activists, but Google discovered that accounts belonging to European, American and Chinese activists for human rights in China had been “routinely accessed by third parties”. Additionally, Google stated that their investigation revealed that “at least” 20 other large companies from a “wide range of businesses” – including the Internet, finance, technology, media and chemical sectors – had been similarly targeted. Google was in the process of notifying those companies and it was also working with relevant US authorities. In light of the attacks, Google enhanced the security and architecture of its infrastructure, and advised individual users to install anti-virus and anti-spyware on their computers, update their operating systems and web browsers, and be cautious when clicking on Internet links or when sharing personal information in instant messages and emails.

Google Buzz

The February 2010 launch of Google Buzz, a former social network that was linked to Gmail, immediately drew criticism for publicly sharing details of users’ contacts unless the default settings were changed.

Google+

A new Gmail feature was launched in January 2014, whereby users can email people with Google+ accounts even though they do not know the email address of the recipient. Marc Rotenberg, President of the Electronic Privacy Information Center, called the feature “troubling”, and compared it to the Google Buzz initial launch privacy flaw.

Update to DoubleClick privacy policy

In June 2016, Julia Angwin of ProPublica wrote about Google’s updated privacy policy, which deleted a clause that had stated Google would not combine DoubleClick web browsing cookie information with personally identifiable information from its other services. This change has allowed Google to merge users’ personally identifiable information from different Google services to create one unified ad profile for each user. After publication of the article, Google reached out to ProPublica to say that the merge would not include Gmail keywords in ad targeting.

Outages

Gmail suffered at least seven outages in 2009 alone, causing doubts about the reliability of its service. It suffered a new outage on February 28, 2011, in which a bug caused Gmail accounts to be empty. Google stated in a blog post that “email was never lost” and restoration was in progress. Another outage occurred on April 17, 2012, September 24, 2013, and January 24, 2014.[

Google has stated that “Gmail remains more than 99.9% available to all users, and we’re committed to keeping events like today’s notable for their rarity.”

On behalf of

In May 2009, Farhad Manjoo wrote on The New York Times blog about Gmail’s “on behalf of” tag. Manjoo explained: “The problems is, when you try to send outbound mail from your Gmail universal inbox, Gmail adds a tag telling your recipients that you’re actually using Gmail and not your office e-mail. If your recipient is using Microsoft Outlook, he’ll see a message like, “From youroffice@domain.com on behalf of yourgmail@gmail.com.” Manjoo further wrote that “Google explains that it adds the tag in order to prevent your e-mail from being considered spam by your recipient; the theory is that if the e-mail is honest about its origins, it shouldn’t arouse suspicion by spam checking software”.The following July, Google announced a new option that would remove the “On behalf of” tag, by sending the email from the server of the other email address instead of using Gmail’s servers.

Source: Wikipedia

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s