But let's not be naive: if Google will stop reading our emails in order to send us personalized ads, that's because it doesn't really need to. People share just enough outside their email environment for Google to do its thing. Another sign of which those worrying about privacy should be aware.
The only revenue being sacrificed is being able to deliver less contextual ads in gmail, they still know a lot about you so they'll still be targeted ads so their sacrificing marginal contextual targeting vs peace of mind in a large corporate market which are hesitant to use Google's G-Suite products because of their concerns that their emails are being scanned.
Google is smart, if they're doing this it's because they've calculated the increase potential in G-Suite revenue is more than the marginal loss in less contextually specific ads in gmail. Other factors that play a role in the decision is better branding in that Google is no longer spying in your private conversations to sell you targeted ads and the mitigation of potential lawsuits.
Google Will Stop Reading Your Emails for Gmail Ads
Your mileage might vary but for me inbox is by far the most productive way to handle my e-mail.
They are making billions from ads, just look their annual report.
In other words, how much is it worth to fight the perception that gmail is somehow less secure than office 365 because ads (others have pointed out Google apps for business users don't see ads in their work gmail).
I somehow doubt that gmail ads are worth even remotely close to $120 (12 months * $10 per month) per user per year.
In other news: How much is a user worth per year to Google? Assuming not all users are the same, is there a way to predict his much revenue a user can bring for Google?
People still use email for all kinds of business, of course. But their day-to-day personal activities, the kind that marketers care about ("I've taken up kayaking!", "I'm pregnant!") don't usually show up in emails any more, they get posted on social media.
Speak for yourself, I don't like to imagine that at all.
As it is, they're presumably still reading our gdocs, address books, calendars, hangouts, search histories and broswing histories, and geolocations/third party app usage for all the android users. Email data is white noise compared to this.
I'd wonder how IT could be so stupid to put up with this if Microsoft hadn't also made pervasive surveillance mandatory.
So you haven't worked in an industry where you had that data and tried it then? In my experience you are completely, utterly wrong.
That's certainly the bullshit narrative Google wants you to believe.
I disagree with the TOS but we use their services at work. What am I supposed to do? Quit my job?
How exactly does this constitute a choice to share my private information with them, and what thing that I want am I getting in exchange, exactly?
And so it goes. Coupled with AI and the amount of data they are able to feed into the AI engines, I am guessing this won't regress their ad targeting.
They have also managed to supplant it with other avenues. Google Travel, Google Calendar and other apps have explicit permission to read your email, Google serves email images off their own servers which gives them a tracking beacon and behavioural data across cohorts. All this adds a level of indirection but still gives them access to behavioural data and user intent.
Based on the numbers in the article like doubling their "large business" user base in the past year, I think Diane Greene will lead them to generating huge revenue in the Enterprise sector. Also, I think freemium versions of Google software, directed at consumers, will be increasingly popular in the future.
Microsoft's "premium" push is actually moving toward more invasive surveillance.
They've been ramping up the marketing doublespeak about their "telemetry" in the last 12 months. Maybe that is a sign they'll back off sometime soon, but so far, it's "Full steam ahead, users be damned."
I suspect the scanning of emails hasn't yielded the personalization once hoped. And the bad publicity outweighs any future potential.
I vaguely remember Google had to put their foot down to disallow such use, that's how popular those filesystems became.
One of the most powerful advantages of Gmail vs the competition is it's superbly powerful spam filtering and search features - I doubt it's worth losing that powerful image in order to get a few more users to pay up.
Just like the biggest advantage and product feature ProtonMail has is privacy and encryption - it would be a bad product decision to remove encryption from all free customers in order to get them to pay up.
The alternative is to offer a fully functional free* model that focuses on your strength, and charge customers for extra - extremely useful and important, but non product essential - features.
* Some would argue that Google's model is not free, as you are paying for it with your data, but that is a different discussion and outside the scope here.
Economies of scale; the market for that data would not exist if individuals collected it themselves to sell. Hence would break down.
Phrased another way; this data about 1 person is relatively valueless.
(I like the rest of your example BTW; just disagree with your conclusion)
It's likely the value Google got out of scanning your email wasn't worth that much in terms of modelling profiles for ads.
Probably because having both your search history and "anonymized" Google analytics, plus the sea of data that comes from owning Android is more than enough data that Google/Doubleclick needs.
From a purely capitalist perspective I'd bet the utility of them scraping this data no longer outweighs the privacy costs.
But at the same time Google is still scanning attachments for child porn and likely other data out of national security interests. And they still can access your data on a case-by-case basis which from a FISA perspective is a rubber-stamp away from accessing your data from 2 hops away from someone who may or may not have done something bad.
I personally will not weigh using Google vs any other email service in terms of privacy any different after this measure. But I still appreciate their efforts to reduce the "standard pratice" nature of scanning private email. If I do use anything Google-related I will not associate my personal identity in any way with the service, which is still requirement for Google play.
You can still use a fake gmail account and prepaid Google gift cards bought with cash to disassociate your identity from using the service. Although that's still well beyond the investment the majority of people are willing to make.
I will still cheer on Google's efforts to make those of us who care about privacy live's easier. I'm not naive enough to ignore how their business model works but that doesn't mean they always have to take the easy route and hand everything over without considering the costs - as many ISP/Telecom companies seem to do.
I'm hardly new to his stuff and to say it's trivial is nonsense. Most people make it trivial but it's not trivial to associate identities of people who put basic effort into obscuring them.
Merely disconnecting your primary profiles from your online activity is enough to throw most mass-surveillance/drag-net stuff off, aka 99.9% of advertising firms and most government programs.
If you're an activist or someone interested in keeping your internet activity private then the bar is far higher (and the targets of which are ever expanding as governments and private organizations get better at this stuff). FBI agents, or likewise in your country of residence, have plenty of forensic tools at their disposal to connect disparate identities. It takes some real time investment and requires being super careful to evade these measures. But I'm not talking about that here. I mean the average person in 2017.
I've personally done the total anonymity stuff as an experiment so I know what that takes.
Having studied many documents from the various global national security organizations and being fortunate to have dated a defense attorney in the past who engaged with police surveillance reports on a daily basis for their work I'm convinced that even basic privacy measures such as never using your real identity when using internet services, creating full legitimate sounding backstories (and subsequent online profiles) for your fake identity, and changing the ID you use often enough will throw off most basic surveillance measures.
I'm not doing anything to get people really invested in uncovering my online identities, as most people aren't, which is what I'm talking about.
The simple fact is the vast, vast majority of people reuse the same username (and passwords) across the internet and use their real name and emails everywhere. So it's really not hard to track people online from an LEO or 4chan doxxing perspective.
But I'm not convinced you have to be isolated from the utility of most online (cloud) services. You just have to invest in using them intelligently to not associate your actual identity with the services.
Ad companies aren't interested in deanonymizing people anyway. They are looking for low hanging fruit and there are more than enough people to fill databases who fit this profile. So I'm not that concerned about those who don't.
Some people have nervous habits like moving the mouse around, clicking/tapping on whitespace, scrolling up and down, etc. Some always/never use the scrollbar. Some always/never open links in new tabs. Some tend to put the adjective before/after the noun in their searches. Some will rapidly open up the first 5 search results in new tabs. Some always disable instant search, and some of those change their settings to 20 or 50 or 100 results. Some use search features like the calculator, searching for "weather", stock symbols, etc, and others never do.
Seems to me that there is a huge monetary aspect to matching online activity with real identity.
"deanonymizing" is trivial but ad tech is poison to any level of "privacy", filter bubbles and fake news propagation.
Consumer preferences change over time, so google is far more interested in the thing I bought yesterday than the thing I bought 4 months ago, so being able to read my emails is still a current interest of theirs.
Hmm. Could you sell it on the open market? If so--if the margins for the ad-supported model like Google's are in fact as big as they appear--why isn't there a Google competitor who provides exactly the service you describe: some kind of opt-in system where they collect data (via, say, a browser extension), sell it to advertisers, and pay you a cut?
One generic answer to "why does the market not offer [some seemingly reasonable thing]" is inefficiency: maybe there's some cartel system at work where all major advertisers are hoarding the revenue for themselves. But I find that pretty unconvincing, since the whole market _seems_ to be otherwise quite competitive, and with low barriers to entry.
Perhaps a more likely theory is that if you were to offer a "we pay you for personal data" competitor, you'd face massive fraud--a la click fraud--in which attackers would pretend to be real users in order to get paid for searching (or whatever), and that the subsequent need for identity verification would become so burdensome as to eat away any profits.
Anyway, an interesting thought exercise, but I think one can broadly conclude that either:
1. There are real obstacles to paying people the "fair" price for their data, such that the current system is in fact fairer than it appears.
2. The entire market is unfair due to a cartel or similar (though like I said, I find this fairly unconvincing).
3. This is a great idea and you're the first to have it, so you should start a company that does exactly this. ;)
surely the profit would be too small to fool anyone
One of the obvious advantages of the Gmail model seems to me to be that free email is less fungible than cash, though of course abusers resort to spamming and other practices to monetize the resource.
Sounds like a sleazy salesman to me.
The thing is: never, not even once, has Google offered me an ad with goods and services I was interested in.
- If I'm searching for technical documentation, I couldn't care less about all the random consultancies or shitty-SaaS-of-the-day trash that populate the ad slot(s).
- If I'm looking for technical details on a piece of malware or vulnerability research, the last thing I want to see on the page is a goddamn AV junkware full-frontal.
- If I'm searching for details on some car models ... why the fk is google shoving insurance ads on my screen real estate?
And so on. As far as I'm concerned, online advertising is a stripmined toxic dump. Only the shittiest swindlers and shadiest extortion artists remain.
Brand marketing. It may not work on you, but it works in general.
Personally I consider myself pretty imune to marketing but when you think "who else should I check to switch my car insurance to" then that brand is going to pop up if it's been fed to your brain enough. Indeed when you're looking at a list of similar offers the one that's associated with a name you already know will seem somehow more trustsworthy, it's an insidious finagling of a brand in to your brain drip by drip. Why do they do it? It works.
1. the site was actually what I typed in the address but forgot to add .com etc
2. by accident
[this is exactly happening]
On the other hand, if its about offering me good and services which other companies want me to become interested in, then we have a different deal going on.
Hmm. I could actually see that working, as a spinoff of concierge services offered by companies like American Express.
my accountant preparing my tax return for free in exchange for...
...a sleazy salesman [to] sneak a peek at them and find new ways to sell me stuff.
Your accountant prepares your tax return for free. They also have a lot of boxes of flyers provided to them by people who want to sell things. After preparing your tax return, they use their knowledge of your return to choose which flyer to put into the envelope. They then send that envelope back to you, and when you open it to read your tax return, there's a flyer for something else paperclipped to the front with a note saying "Thought you might find this interesting."
(In particular, the accountant is only one who sees the information in your tax return.)
We have to stop this madness of thinking that "John READS my diary" means the same thing as "The function fread() READS nitems objects". Those don't mean the same thing except in a metaphorical sense. It's insane.
Some one wrote fread, it could've been john, and john absolutely could be reading your email. Look at the what happened with ubers god mode.
That said the value of gmail for me exceeds the risk of people I care about reading my email getting access or having access. However my(and probably your) subjective view on the value of your emails is absolutely subjective.
But then again, in the context of the story, it doesn't change anything. Google still has access to your email. That it is not "reading" for the purpose of ads is just a minor thing that doesn't impact your privacy/security in any way (in the terms that you are describing).
You do have protections against someone reading your email at Google. Both from a expectation of privacy, but also from a company perspective. You also do have some non-expectation of privacy (if, for example, the US government wants to read your google email, they can ask for it and they eventually will).
The day someone with a brain and an opinion on Kim Kardashian at Google reads your email, there is a HUGE difference from when Google is "reading" your email for ads/spam/spelling/whatever.
You don't want to blur that line being wishywashy with language. You want to know that difference. The fact that it could happen is why you need that clear separation between "machine reading" and "a person reading".
And those protections are bullshit.
I have no guarantee that they are not reading my email. If a bot has access, a person has access, and people abuse their access all the time.
In fact, there have been cases of googlers reading peoples email. And I'm not blurring any line, I'm stating: Gmail can, has been, and will be abused. To pretend that is not the case is, frankly, naive.
You're correct that the possibility exists, but any Googler inhales heavily and makes sure their paperwork is in order before accessing prod. The warnings that are displayed are not unlike those when you're removing a nuclear core on a starship. It's scary. They want it that way. You need a damned good reason to even look at subject lines in the inbox (like fixing a bug involving subject line rendering that only appears with a user's specific subject line, for instance), and clicking a message is almost certainly a walk. Like, within the day.
They do take this seriously. I wouldn't call it bullshit. The protections I observed were in place before Snowden, so I imagine it's even more rigorous now.
A) they can be bypassed, as they have been in the past
B) they can be compelled to hand that data elsewhere
So I'm calling bullshit. Until it's impossible for them to look at my data, then they aren't taking it seriously.
What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data? It's email on the Web. Handling that e2e is pretty much intractable, and cleartext or nearly-cleartext with online keys has to exist somewhere even without the Googley things they do to data. I might posit that building a functional service with that requirement would be impossible for the Gmail case and many others (but I'm ready to be proven wrong).
really? your firsthand experience is nice, but your ignoring that those methods don't work.
> What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data?
They can use any of the current zero-knowledge encryption methods. This isn't anything new and has been around for a long time. There's no need for Google to have those keys.
Encryption isn't a new problem for email, it's already a thing.
Yes, Google does not offer you protection against the Government. That is a true statement. But that doesn't mean that it's all or none. There are so many privacy rights before "a warrant request". And news flash, unless you are extremely good at securing your own mail server, even then you are not protected against a warrant.
Those checks are not bullshit. Every single security system "can be bypassed".
I never said that Google just sends everything over to them, but they can come and access my data without me ever knowing, and that's a problem. Just because there are (imo broken) checks in place does nothing to negate that fact.
Those checks are provably bullshit by the previous breaches. If they weren't bullshit, there would never have been breaches.
"invasions of privacy" is not a use case. Give me details. By whom? Your partner? Your coworker? 4chan? Your mayor? Russia? What information are they getting from you? Why? It's very likely that whatever use case you come up with, you are better defended with 2auth gmail than with whatever other solution.
That's a problem with the web. In 15 years, and not counting legal government requests, there were what? 3 cases of email data breaches that were caught? 5? That's your "provably bullshit"? What do you use on your life that has a lower failure rate than this?
yes it can. zero-knowledge encryption is already a thing.
> Name one web technology that is government intrusion proof.
Apparently the iPhone is. pgp encryption is another one. I'd suggest brushing up on basic security before saying things like that.
> "invasions of privacy" is not a use case.
> By whom?
By anyone that I don't authorize. Sure, that could be my partner, coworker, any government authority, etc.
> What information are they getting from you?
Are you serious? If you don't even understand that threat model, then again, I'd suggest looking in basic security models.
> you are better defended with 2auth gmail
2auth gmail is orthogonal to the issue. That's an security method. Currently Google does that but still can grant access to anyone they want. That's a problem that 2auth doesn't address.
> not counting legal government requests
Why not? Why remove a legitimate security issue from the discussion?
> 3 cases of email data breaches that were caught
I have no idea how many have been caught, once again, that's orthogonal to the issue. How many examples doesn't matter. It's that they do have access and can do it whenever they want.
> What do you use on your life that has a lower failure rate than this?
That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
If you are referring to the San Bernardino phone thingy, the FBI withdrew the request exactly because they did access the phone by themselves. It just cost more money.
> pgp encryption is another one
lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
> > "invasions of privacy" is not a use case.
> Why not?
Because I want specifics. Just saying someone "invaded your privacy" doesn't tell me anything. Tell me a full story: entity X did Y to know Z from W. And show me how using gmail made W more unsafe on that case. And what I'm trying to tell you, is that there are two cases:
- legal government related. In which case Google can't (and won't) protect you. It's a fair claim. If you are doing something that the US government wants to know about, don't use gmail. But most things won't protect you from that anyway. Ask Dread Pirate Roberts about it. :)
- non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
> That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
Where did I say we shouldn't ensure privacy/security? What I'm refuting is your claim that "it's bullshit because it failed once". Gmail does a better job than most other things. Most things in your life fail more often than that. And most things don't evolve security/privacy wise as well as gmail does.
As far as I saw, that was just speculation. Any source on that? I'm inclined to believe it, but if true: why do they want the encryption removed rather than just snooping that data on the sly? It's better if your victims think they are secure.
> lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
Possibly. But if so, I haven't seen them. Sources please.
While meta-data is absolutely useful, contents are even more useful. Just because something has one security issue doens't mean that we should give up security altogether.
> Because I want specifics
What specifics? Do you want me to make up a story about how someone could use information to attack someone else? or to use existing examples: http://www.cnn.com/2013/10/04/world/americas/silk-road-ross-... https://cpj.org/blog/2017/06/how-surveillance-trolls-and-fea... These are just 2 examples I pulled from a 5 minute search.
This isn't anything new. Having access to communication is pretty much the basis for espionage. If you don't see how that applies.... I'm not sure I can help you.
> legal government related. In which case Google can't (and won't) protect you
That's my point. They can protect you, they choose not to. Zero-knowledge encryption is still a thing. Just because Google doesn't use it doesn't mean it's not possible.
> non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
Only if Google can't access that data. If they can, it's much easier to bypass encryption and just ask Google to hand it over. Google can solve this problem but chooses not to.
> Where did I say we shouldn't ensure privacy/security?
When you say that gmail should be trusted. There are clear privacy/security holes with their model that you are ignoring. That's what this whole discussion is about.
> What I'm refuting is your claim that "it's bullshit because it failed once"
A) It didn't just fail once.
B) Failing just once proves that the system is not secure, and needs to be fixed. Failing multiple times from the same attack vector proves that they aren't taking security/privacy seriously, because they won't fix the root problem.
> Most things in your life fail more often than that
... so? Whether thing A fails more often than thing B has no bearing on whether thing B can and will fail.
1. Targeted ads catch my attention better. Frequently I don't even notice or remember irrelevant adds.
2. Targeted ads are almost always, SEOed (if you will) to me; that is, they seem relevant, they offer the solution needed to fix the precise problem I'm discussing in the email chain, I click, I read, I would buy, but I realize that the product offered is nothing like what I've been reading about on the landing page.
3. Targeted adds are much more effective at convincing me to spend money on stuff or services that I could have lived without.
Sure, I should toughen up mentally against ads, but until I do, I protect myself from ads that will manipulate me and one way to do that is to prefer irrelevant ads when I need to see them.
Practically, once add service knows I am women, it insist on showing me ads for menstruation cups everywhere I browse. I also find juxtaposition of baby accessories and relaxation bullshit on metal, programming or games site mood killing. When they know less about me, I actually get less weird more neutral less crappy ads.
Umm - you should avoid getting information because it might influence you to buy things ? There's nothing wrong with what you said, in an ideal world ads would be just that - informing the customer about your product - and influencing their decisions with information. The psychological marketing tricks to make a thing more attractive is also a value add.
Problem is it's easy to be misleading, create disinformation and it can be very profitable - that's what leads to shitty borderline fraudulent ads we have.
UMMMMMMmmmmm - yes?
If you wouldn't let a salesperson barge into your house, interrupt your reading to try and convince you to get discount eye surgery, why would you let that happen in visual form?
in an ideal world ads would be just that - informing the customer about your product
This is not anything like an 'ideal' world. One human has such limited attention, that you could spend every second of your lifetime attending to a different product and do nothing else, and you still wouldn't cover them all. And companies still wouldn't be happy with this ridiculous limit case, they'd still want a greater share of your attention and wallet. You, us, individually, mean nothing except a source of coins.
If we want to mean anything to ourselves, defence against the dark arts is necessary.
The psychological marketing tricks to make a thing more attractive is also a value add.
The psychological marketing tricks to make a thing more attractive is abusive and parasitic. Ideal brains would search for what they need, and buy the most fitting thing. Human brains which can be manipulated are a weakness we all share - and we should all be kind enough not to abuse this fact of each other any more than we have to.
That's not really how things work - there are certain things you need to accomplish other things where your reasoning partially applies but even then it's debatable. But then there are things you do for pleasure - and how you value those things can be completely separate from their physical properties.
For example there was a study where they gave people 5 vine samples, a cheap wine with 5$ price tag, same wine with a 45$ price tag, 90$ vine and the same 90$ vine with a 10$ label, and a correctly labeled 35$ vine. They found that reported enjoyment and measured fMRI activity went up with price even for same vine. Plenty of similar studies that show similar effects for branding, etc. So these things actually create value even if they don't physically change the product - you end up enjoying it more and it's purpose is your enjoyment.
I mean most of the high end stuff ends up being blowing smoke up your ass to make you feel good about paying 2-10x markup, even when the quality is superior they bundle the bullshit and inflate the price extra because they know you'll pay.
Being manipulated can also add measurable value to you. For example if a doctor gave you a sugar pill for some condition and the placebo effect helped you get better - would you say that it added no value just because the sugar pill physically did nothing ?
Corollary: if you can't show a relevant ad, HOW ABOUT NOT SHOWING AN IRRELEVANT AT ALL?
Ads are an insidious and highly effective form of psychological warfare. They play on human fears, insecurities, neuroses and instinctual weaknesses in order to part people from their hard-earned time and resources.
You might say the ads just bring their attention to needs they didn't know they had. I would say the opposite, that they create needs where there none existed to begin with.
You need to give up on your content the day you started using gmail, no matter what the TOS says.
I actually host my own email but every time I send a message to somebody using one of these webmails it gets indexed and monetized.
But I would argue that it's a technical problem first and foremost, email security is mostly a joke. If I need to send sensitive things through emails I can always use PGP to actually protect it, instead of relying on the goodwill of the email provider not to peek into the message. If people really valued their privacy they'd be doing something similar.
I'm pretty sure that's the empty set.
The next time you want to buy, say, 9 celebs in open relationships.
This is what ads are. This is what we adblock. This is clickbait, lies, manipulation, visually distracting, space wasting, untrustworthy, barrel scraping garbage.
"Ads inform you about products" in the same way slime mould informs you that your house is too damp. The best individual course of action is not to buy what the mould is selling.
In actuality: they are a waste of my time and mental space
Having said that, I've never clicked on an ad in Gmail since 2004 or so.
They are about the only people I've ever seen express this view seriously.
I'm not trying to say that all ads give you that benefit - most are just a waste of screen space, compute and bandwidth.
EDIT - I am not sure why I am being downvote, I legitimately don't get his point and figured I would for more info rather than just calling him out as a troll or something. Is there something obvious I should know?
I believe some Buddhism teaches something along the lines of: personal possessions are bad, and freedom is found in not owning anything.
I think OP is saying: advertising goes directly against that line of thinking. It is actually tempting a Buddhist to buy more stuff, thus going against their religion.
The spam filter (hopefully) probably doesn't store that much about me, but an ad targeting bot could be a lot more problematic.
Gmail provides me with a free email service. They already have the full text of all my emails. If they want to use that data to help decide what ads to serve me, I have no problem with that so long as that data isn't shared with anyone else without my consent.
I think its fair for you to accept the terms, if you know what you're getting in return. The problem here is that you will never know exactly what information is stored about you, and how personal it is, and you have zero control over it. Also simply by sending YOU an email, I'm also entangled in the data collection scheme.
On the contrary. I know what emails are stored in my inbox just as well as Google does. I can also search through that information and delete it if I so choose, so I do have control over it.
They also have a lot more information about you than just your email, especially if you use their search.
Do you have any way of verifying this? I am not accusing google of anything, I just find this to be an interesting level of trust to have with a free online service.
In the absence of any evidence that they _are_ sharing my private information with others, I see no reason not to trust them in this regard.
Really? Good luck suing them if they decide to sell your data. They certainly won't lose much revenue from fleeing customers if they think up a creative new way to monetize your data with "select business partners"; Google (and Facebook et al) spent the last decade entrenching themselves infrastructure for far too many people. They have far too much power and inertia to lose much in the short or medium term.
> trust them
Privacy policies change. Even if Google has good intentions about protecting your data today, you're gambling that those intentions will not change in the future. You don't know who will be hired/fired at Google in the future, nor do you know how the current (or any) management will react should the company have a particularly unfortunate run of bad finances or other troubles. Never-mind that humans often act irrationally for stupid reasons so any prediction about future behavior has to have a huge error bar.
However, that isn't the big problem with trusting Google to not share your pattern-of-life with a 3rd party: you're assuming it will be Google's choice, or that they will even have any de facto influence over the long-term fate of your personal information. Your trust doesn't make Google infallible; the best security teams can only make hacks less likely. Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen. Prism (and other mass surveillance programs) still exist. Concentrating valuable data at one location makes it more valuable, so the scope of potential threats to your data increases as more data is collected.
The world is not as just. Trusting that your data will magically stay safe at Google forever - or even just the near future - is only possible if you first pretend that Googles security is and always will be perfect, that the programs Snowden/Drake/Binney/etc warned us about never existed, that no current or future Google employee will ever become disgruntled (or crazy), and probably many more potential threats that haven't been invented yet.
 or mundane data like your email
I don't think that's true. Sure, they wouldn't be out of business overnight, but depending on how serious this hypothetical breach of trust is, it'd certainly hurt them a lot.
> Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen
My threat model does not currently include the NSA or the US government. I don't anticipate that changing in the near future, but if it does then you're right; I'll certainly need to stop using Google services. (And probably all cloud services in general.) Or at least "air gap" them from the portions of data I want to keep secret.
> pretend that Googles security is and always will be perfect [...] that no current or future Google employee will ever become disgruntled
While I consider myself to be more security conscious than the average citizen, I _still_ trust Google's security practices (against both internal and external threats) far more than I trust my own. If my data on Google's services gets compromised, I think it's far more likely that it'll be because someone stole my password and 2FA tokens than because somebody hacked Google.
As with anything, I realize there's certainly a security/usability tradeoff to be made. For the moment though I'm quite confident that the extra utility Google provides is worth the risk, at least for my purposes.
That just seems silly
I didn't even say not to trust google, I just questioned the level of trust.
It's a common phenomenon across a variety of social media when a certain few companies are questioned on their practices.
It's all very tribal.
Google has already secretly given people's info away. They've admitted to getting and complying with NSL's already.
Also, email is transmitted in plain text. Sending an email is more like shouting to your friends in the street, rather than putting a letter into an envelope mailed to the recipient. Thus, I don't think an explicit consent is needed.
That said, I understand that fair use of such information is a concern.
These days Gmail will transfer your email protected by TLS if possible. Not shouting at all.
On the other hand, a program which analyzes mail to ascertain the tastes, interests, and personal plans of the participants is mining much more sensitive data, and it's compiling/storing it off-site long-term, and it's very specific to the individuals involved.
All of us who've used Gmail know how creepy it can get. Send a couple of mails about marriage and suddenly you start seeing targeted ads about engagement rings or other marriage-related things. Google stores this forever and they'll say "Ah, we know this guy was talking about marriage 10 years ago; traditionally, marriages fail after 5 years, we've detected a tense tone in his mails to his wife, BEEP BOP BOOP, DIVORCE LAWYER AD IS RELEVANT".
This inference is not only dubious (ethically and technically), but anyone observing your browsing while you're logged in will see these ads and may assume that you're seeing those ads because you've been searching for information on divorce, not because Google's inference is overzealous, although it may very well be. Search and replace with anything else: new credit cards/bankruptcy lawyers, research on a medical condition/ads for related medicines, etc.; the potential for creepy inference is endless, not to mention the concrete surveillance value provided to literal spies (via PRISM), nor the risk of compromise/abuse outside of the ad space. They don't have to get and process your entire mail archive; they just have to draw their inferences from Google's own inferences in your compiled taste/interest profile.
That's much more serious than a throwaway analysis of whether a mail contains spammy properties or not.
Have you actually seen anything like this? In my experience the ad targeting seems like extremely shallow keyword analysis.
The idea is that once you have any apparatus in place, and funds allocated to the maintenance/operation there of, you will find that people come up with creative ways to use that apparatus to either cement their position in the company or to improve career prospects. This applies to lots of domains, the obvious one being the government. Once you have a drone program, you'll find that someone somewhere WILL find a way to justify its usefulness.
My main problem with data collection is the permanent nature of it, where someone somewhere at some point in time, possibly when the computational costs become feasible, will come up with a seemingly innocuous use of the data that will spiral out of control. Also, is Google hack-proof? Judging by the lawsuits around the self-driving division, apparently its trivial to steal data if you're on the inside.
I personally use AdBlock so I don't see Google ads very often, but I have been creeped out by ads in the past, and I have had Google infer interests in changes to relationship status based on mail content (e.g., offering engagement rings).
I believe they have manual filters to try to stop inferences that are too offensive from being made (e.g. suggesting a divorce), but those, of course, can never be perfect, and it doesn't mean they aren't making the inference or maintaining the data necessary to do so; it just means that they are blocking it from showing up.
I'm not really saying this is either good or bad. The question was why people care less about reading emails to filter for spam than they care about people reading emails to develop a consumer's ad profile. These are some reasons why.
It isn't always accurate, I know a girl that is very not pregnant but gets these things anyway. She babysits occasionally and I suspect that combined with her Baker's card and Walgreen's card give the mass marketing gurus all the information they need to know that she sometimes cares for kids.
They were doing this in early 2000s, can't imagine how sophisticated the same type of system is now.
Also what’s the likelihood of the NSA blocking your flight or making you disappear in the night? You probably should fear crossing the street more in terms of statistical likelihood of harm.
I get the privacy/freedom arguments however the hyperbole around this stuff is getting ridiculous as the fears are badly supported by actual data and statistical significance.
More people drowned in swimming pools last year than were “disappeared” by the NSA but there seems little hysteria around swimming pools. I pretty sure most of us don’t know a single person on a no-fly list.
Some high levels of paranoia around here it seems.
Yes, they did. Probably just tobacco companies alone.
> It takes a government to do that.
Since corporations are creatures of government, that's true by definition of everything corporations do.
A response as silly as it was predictable. Show me a Gulag Archipelago written about the tobacco industry and we'll have some grounds for further discussion.
Since corporations are creatures of government, that's true by definition of everything corporations do.
So if no one writes world class literature about your crimes, they didn't happen?
That works well enough on HN, as seen in the moderation in this thread, but not in real life.
For example your username might differ in order to access a shared calendar.
Also you can generate application passwords for an account. So you can create an SMTP-only application password for your fastmail account.
Fastmail becomes terribly expensive once you realize you need multiple accounts (not just aliases) for different people in the family. At least for me, paying a few hundred dollars on Fastmail (or anywhere else) for email is really way too expensive. I've also written to Fastmail asking for flexible pricing options, but they responded that they're not even considering any changes on pricing/flexibility for the near future.
Edit: If one doesn't need custom domains and office suites, I'd recommend only Posteo! That company is way ahead of others in being better for all humans (read on their website about all the things they do).
Leaving this aside, other factors do favor ProtonMail. The people who run it seem to have their minds and hearts in the right place as far as privacy is concerned.
Another huge problem is the lack of two-factor authentication. How can a security-oriented service not offer TOTP or even SMS 2FA.
Turns out it was a Fastmail bug, and they promptly fixed it.
Some find FastMail’s spam filtering better than Gmail’s, some worse.
* Train the built in Bayesian filter fully
* Setup SPF
* Setup DKIM
* Point MX records at Fastmail directly (rather than forwarding via some other service)
More of a pain than GMail which often "just works", but still relatively simple to setup. I suspect ultimately more robust than using mail forwarding on consumer GMail (the rules of which constantly change and it gets less powerful, if you don't buy GSuite and point your whole domain at it).
Sounds excessive. Does this include any special features beyond privacy? I pay 1€ per month for a privacy-respecting mailbox at posteo.de
Is there some sort of Gmail camera thing I'm not aware of?
"Incoming messages are scanned for the purpose of spam detection unless you disable spam protection for your account... To make message searching fast, we build an index of your messages (this is a table, just like you would find at the back of a reference book, in which you can look up a word to quickly find the emails in which it appears).
No information from any of these activities is used for any other purpose, or to compile any kind of profile on our users."
Although Im not questioning fastmail ability to provide secured email service. Yet I cannot help think why I would rely on a small player for email. I would ask what is the probability of fastmail service getting hacked say compared to gmail.
(Somebody has right pointed out that ) Ad relevance to your email is not same as reading - thinking in same vein should also lead us to believe even (spam) classification can be termed as reading.
If Fastmail were, say, 1% of Google size, it would still be #2, which is a pretty good ranking on any market. And if you don't lose features by switching to the #2, please do it, for the sake of competition – Give freedom a chance.
I'm using Fastmail for my 3-ppl business. We lack no feature, we get used to it, we pay them (cheap), we don't leak our source code to GitHub and other browsing habits or contacts to Google Analytics/G+, it's just good management of the company information. We are the annoying guys who can't click "Connect with Facebook" nor "Connect with G+" and that makes providers keep the login/pw auth. Plus it funds a company so you might still have a choice in 5 years. And we show VCs that writing "privacy" on commercial documents yields customers.
Cost to us? Zero.
Fastmail and gmail both have mature bug bounty programs, which mean they will pay out cash to anyone who finds and reports a way to hack them: https://www.fastmail.com/about/bugbounty.html
This shows that they are willing to put money behind their claims to security and probably puts them in the top few % of difficult to hack websites above eg windows live mail.
Also, it's a mistake to think a company will be more secure because it's larger. If anything, I'd say it's the opposite; large companies tend to have complex websites with vastly more attack surface.
Of course, every email provider is vulnerable to certain governments.
My opinion is tracking, ads are all fine on the primary website, but if you follow me around the web, tracking my every move, I'll stop using such services and try my best to prevent the tracking.
Fatmail has a reptuation for not doing this, Google doesn't.
If ad companies fix something please fix the I searched for something and bought it but I get adds for it for the next 4 weeks. That bugs me.
But hey, they don't seem to have used that data.
( = edit for grammar)
I've already paid for Youtube Red and couldn't be happier.
About $60 a year
I have about 8 accounts that I use.
I'm considering moving; Rackspace has pretty good hosted email for $2/user/month. We use it at work - webmail is acceptable though nothing to write home about, and their IMAP implementation is solid so you can just use a client.
But you pay $480/year for 8 email addresses? Ouch.
I have received exceptional support over the years, including them calling me twice when I reported an issue. My account is worth $5/month and I live in Fiji.
I've had to contact support a few times in the last few months for coworkers email issues. We're a very small company paying $5 per month.
https://admin.google.com/AdminHome then help button --> Contact support
> Google Cloud does not scan your data or email in G Suite Services for advertising purposes. Our automated systems scan and index your data to provide you with your services and to protect your data, such as to perform spam and malware detection, to sort email for features like Priority Inbox and to return fast, powerful search results when users search for information in their accounts. The situation is different for our free offerings and the consumer space.
If you look at the terms for G Suite (the paid business product), that is a top selling point. Businesses who pay for G Suite don't want Google using their data for anything, and Google complies.
Edit: in response to comment below, here are the main docs describing, including the Data Processing Amendment:
I think these are the terms and I don't seem to see this guarantee, but IANAL
Outlook.com offers "Premium" which removes ads. If you stop paying you just get the ads back but your account is otherwise unaffected.
Gsuite on the other hand removes ads, but if you stop paying then you lose access to your email and additional messages may bounce.
Apples and oranges.