Basically if I send you a message using it, I have deniability. Screen shot all you want, I can simply say I never sent it. If we do go to court over something sent -- you will end up showing a screen shot or a copy and pasted text file. Those will be tough to support in court. Have fun going after an Uruguay tech company for deleted data.
This is different with standard email. A subpoena sent to gmail will reveal ip addresses (sender and receiver), what time it was sent, the fact that you logged in with account 9328439, the fact I logged in with account 298238, someone from google testifying it was sent and read, on and on.
I don't know what google is trying to do -- but what privnote did is really useful and an obvious win.
You're really overestimating what happens in actual jury trials. When I served on a jury, a lawyer presented photographs of evidence as evidence. Like, I'm talking paper printouts of photos that were taken on a cell phone. Juries aren't full of engineers, as a general rule. If the average person on Reddit will see a screen shot of a text message and assume the conversation happened, why wouldn't an average juror? The only burden of proof is if a lawyer can convince the jury a conversation happened.
The underlying mechanism there is generally that the other party doesn't contest that the printout is in fact of a picture from their phone, or that the screenshot from Reddit is in fact of something they wrote.
I'm not a trial lawyer, but I suspect that it's not a great defence strategy to deny basic matters of fact.
My understanding is that judges will lean towards admitting the evidence, and if the lawyers want to bring forth experts or witnesses to undermine the evidence they are welcome to. So a screenshot of a conversation might be admitted, and the opposing lawyer would have to argue or bring forth witnesses arguing that the screenshot was faked.
"If we do go to court over something sent -- you will end up showing a screen shot or a copy and pasted text file. Those will be tough to support in court."
I'm not so sure about that. If you leave enough incriminating evidence in the note itself, it wouldn't take too much to convince the jury or judge. For example, if you write something that only you had knowledge of in the note, then it can be used as evidence to convince the jury that you wrote it.
This site is a good idea but should be viewed as part of an overall strategy.
Not touching the legal bits, but the comparison between privnote and GMail's thing actually help me zero in what bugs me about GMail's.
From these screenshots, Google calls the note an email, integrates it with their email client, and removes some normal email controls for forwarding, etc. That violates people's expectations of email, in terms of recipients' control of their data and vendor neutrality. Those are things I don't want changed about email!
One approach is to decouple ephemeral messages from email or GMail like privnote, which avoids confusion or lock-in. You still should make precise promises, though; I think "disappearing message" is a bad way to say "we delete our copy." Seems 100% feasible but then it's just Google Privnote.
Another option is to keep it integrated but tweak it to try not to mess up email, by making the feature "expiration request" or something, and maybe many clients comply by default but don't force it, except possibly when account owner != user (work networks). That helps cooperating parties without being either vendor-specific or DRM-y. I can even imagine vendors working together on that, especially with handling of user data in focus right now. Senders can try to figure out if your recipient contacts/domains claim support for the feature so you don't try to use it when it's clearly meaningless.
A fear is that Google considers it a feature to mess with the email ecosystem by adding vendor-specific stuff, or that Google'll talk about security a lot and just happen to propose lots more solutions involving more Google lock-in. I'd like to see what comes out of Google I/O to get more of a sense.
Not going to comment on the legal side of things, but I'd recommend PrivateBin over PrivNote. The former is open-source, and can easily be self-hosted, which should obviously be of interest to the privacy-minded folks here.
Basically if I send you a message using it, I have deniability. Screen shot all you want, I can simply say I never sent it. If we do go to court over something sent -- you will end up showing a screen shot or a copy and pasted text file. Those will be tough to support in court. Have fun going after an Uruguay tech company for deleted data.
This is different with standard email. A subpoena sent to gmail will reveal ip addresses (sender and receiver), what time it was sent, the fact that you logged in with account 9328439, the fact I logged in with account 298238, someone from google testifying it was sent and read, on and on.
I don't know what google is trying to do -- but what privnote did is really useful and an obvious win.