The email below comes to me via Dave Farber’s IP list. I quote it in full with permission of the author, I think the story he tells is quite interesting as it relates to our communications and intentions moving from the ephemeral to the eternal (the title of a chapter in my book). This email was written by JA Terranson, who is on Dave’s IP list, in response to this article by Declan McCullagh on issues of privacy and GMail.
Subject: Opposing view of Gmail issues (Cypherpunk tie in)
Good Afternoon Declan,
As with much of the online community, I have been discussing this
topic since it was announced by Google, and until recently, I was also of
the opinion that this was a simple contractual choice between the user of
Gmail and Google.
My opinion was altered by a gentleman in England, who used the
following story to illustrate his point:
When Google released their toolbar, he, like most of us, installed
it. What was different was that he installed it with all of the advanced
features (including the tracking options, which Google goes out of their
way to make crystal clear *is* tracking software). He reasoning was
similar to the thoughts you expressed below: he had nothing to hide, he
believed Google really was stripping identity data from their observations
of his browsing habits, and he did not mind having them “watch”.
One day he had a firewall issue when trying to retrieve a file,
and the person who was hosting it offered to put it on a “private” (i.e.,
unlinked) page for him to grab over HTTP. He accepted, downloaded the
document, and promptly forgot about it – until this document, which had
extremely personal information on it (personal to the person *hosting* it,
not the person retrieving it) showed up on Google a short time later. You
see, the toolbar had seen him go to a web page that Google did not have,
and so they indexed it right away.
Without meaning to, the user of the toolbar had helped Google to
violate the privacy of the person who went out of his way to keep this
document private. This person knew nothing of the toolbar, and had no
agreement with Google, yet he became the unwilling participant in Google’s
The senders of email to users of Gmail are in the very same
position as our friend above: they know nothing of the agreement, they are
not participants in the Gmail program – they have never agreed to allow a
third party to access *their* private thoughts and utterances, yet they
too are caught in the middle.
As much as it goes against my gut reaction, I must admit that
Gmail has some very serious privacy implications, some of which almost
definitely fall under EU privacy laws.
The ultimate solution to the problem is close to what was
suggested in the essay below: encryption. But not by Google. Encryption
by the senders. The Cypherpunk cries of “Encryption Everywhere” lands
smack dab in the middle of the plate here – email stays private,
regardless of Google indexing, government snooping, or end user
negligence. Pity that people will spend thousands of hours, and millions
of dollars arguing over the best way to protect us from ourselves, but
that we won’t spend five minutes learning to use a simple encryption
system that could completely erase these very issues.