Last week Google said Gmail users have no expectation of privacy.
Part of the justification for this is a court case from 1979 stating:
“A person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”
That’s basically all e-mail, since your average user does not manage his own mail server, and send only to other accounts who manage their own servers. So any e-mail the passes to or from Gmail can be scanned by Google for targeted advertising or anything else.
But we knew this is happening so why would we be worried about it? If it’s transmitted over the internet it’s not private. And we agreed to all of these terms when we clicked the ‘I Agree’ button on the End User License Agreement. And we all read those right?
I think what bugs me most about this issue is how conversations about the law, and what’s right for the country have changed. We each have entered into dozens of hundred page contracts by using software, browsing the internet, or even activating a computer. This is a bit of a change from when we used to discuss the issues of the day in a bar.
The thing is, we all still think about life this way. Our bar may be Facebook or an actual bar, but we don’t think of life in terms of contracts we’ve signed without reading, we think about what’s right. We think about the constitution and the bill of rights, probably the last set of legal documents we actually understood.
We are all bound by decisions we’ve made without understanding them, and it feels like that’s something that ought to change. I think many of us didn’t have an expectation of privacy, at least not a conscious one. In fact if anything we’re a generation of over-sharers.
But the real extent of how much can be learned about a person just from their e-mail or what they post on Facebook is staggering. We understand that anything we write in a public space like Facebook or WordPress or even an internet forum needs to be for public consumption, but what about private notes to loved ones, or even just the many profoundly silly things we do?
I’m not sure what the alternatives are for e-mail. It’s not like we can all start sending letters, and I’m not sure what our expectations of privacy can be in the postal system anyway.
But we do need to think about these issues, and discuss them in the public square, without just saying ‘meh’. And we need to have a longer attention span. After all, technology is only getting more advanced and our next privacy challenge, Google Glass, is just around the corner.
9 responses to “You signed the EULA!”
What’s remarkable about the 1979 ruling you mentioned (Smith v. Maryland) is that it follows another Fourth Amendment ruling, Katz v. United States (1967), which ruled that the audio of a phone conversation *does* enjoy Fourth Amendment protection. That’s why the government makes such a big deal about content vs. metadata: theoretically, content is protected, metadata isn’t.
Except now we’ve got two rulings that contradict each other. The content of communications is protected, but anything given to a third party is not protected. So what about e-mails? That’s content, but it’s given to a third party. It’s all a big gray area, so there’s plenty of wiggle room.
The fundamental problem is that Smith v. Maryland 1979 was misguided from the start, and woefully out of step with technology today. The Supreme Court needs to revisit this issue, and the American people need to make their own expectations about “reasonable privacy” crystal clear.
The fact that we’re citing decisions from over 30 years ago in today’s technological world is disturbing right there, and the contradiction you mention even more so. I’m not sure if the court as it stands today is really equipped to keep pace with the changes in technology, but it will have to respond and revise in some way.
Ultimately it may the users themselves who demand privacy and either produce ways to create it for themselves, or pay third parties to develop it for them. But we have opened a tempting box for any company, the ability to target marketing specific to our desires of the moment. That’s a tough thing to give up.
Thanks for your exposition of the law 🙂
Good writing. You are right that as it stands we have little or no privacy rights on the net. I do wonder whether business models will develop that for a fee will create services that do protect this privacy and use this money to fight subpoenas and more illegal forms of search and seizure. It may be that the marketplace might be the best place to combat this–if they can overcome the “meh” attitude you talk about.
While it might be possible for someone to create this business model, it would be a shame if such a thing became necessary on the web. One of the joys of the web is its wide open nature, and the availability of so many great tools to express yourself (including this website). The fact that a free e-mail doesn’t mean a private e-mail is kinda sad, but maybe paying for privacy is going to be the only way to go. But it could also be a breeding ground for scammers. Thanks for the comment Dad!
Here’s another thought I’m having randomly. Please take it far less seriously than what has been written thus far:
I think pronouncing EULA, yoola is wrong, and doesn’t convey the true feeling of the experience of reading and\or signing one. I propose eh-oo-la. That way it sounds a little more like enema.
Other possibilities are EEE-YEW-luh, the sound one makes when something smells funny. Any other ideas?
This is one reason I’m starting to encrypt e-mails I send to others when I am worried about other people getting ahold of the information. Groups like the NSA would have a pretty good chance of hacking my private key, but any accidental leaks and most third-party attempts to read my e-mail content will fail. The amount of necessary work won’t be worth the reward.
What do you use for e-mail encryption? I am admittedly a bit of a novice at this, just sending my e-mail through g-mail on the web and hoping for the best. But I really am starting to think about ways to change my habits. Thanks Paul!
Everything I do I learned from Jim Fowler and Craig Stark (a post-doc here). I use GnuPG, mostly because it is free and employs a “web of trust” model. If you have further questions, you can e-mail me and we can get into details.
Pingback: Fourth Con Travel Log (Day 1 – Friday) | [BTW] : Ben Trube, Writer