I certainly don't like the idea of G crawling and indexing my email. To me, it is really just a way for them to catch up on collecting the kind of demographic data Yahoo and MSN have been collecting for years.

Aren't we too quick to jump the gun?

We still dont know what exactly is being archived nor the privacy measures that are in place.

Lets see it before bury it :)

You need to understand how e-mail works. Unless the people e-mailing you are using strong encryption, such as PGP, ANY e-mail provider can trivially read all your e-mails. Those e-mails are sitting on their disks. If for example you are using your ISP for e-mail, the only assurance you have that the sysadmins aren't reading your e-mail is the ISP's promise that they don't. This is no different than the case with Gmail.

The moral of the story here is if you want e-mail privacy, then make sure you know how to use PGP, and all of your correspondents do also.

>If for example you are using your ISP for e-mail, the only assurance you have that the sysadmins aren't reading your e-mail is the ISP's promise that they don't. This is no different than the case with Gmail.

Actually, it is quite a bit different with gmail - at least as I understand it.

1)You can delete your e-mail any time you want from your ISP server, forever removing it from their reach. Google has said they will maintain an e-mail database even after the account is closed (according to a poster here). So any e-mail that enters a Google account will be a permanent part of history and probably traceable to the user - whether you want it to be or not.

2) You have your ISP's assurance that they WON'T analyze your mail. You have Google's assurance that they WILL. That is quite a difference.

>You can delete your e-mail any time you want from your ISP server, forever removing it from their reach.

Unless of course the ISP is secretly keeping a copy for itself of every e-mail that passes through their system. Technically this is trivial to do.

>Unless of course the ISP is secretly keeping a copy for itself of every e-mail that passes through their system.

That is true. And your comments about the relative security of ANY unencrypted e-mail are certainly dead-on.

rfgdxm1, no I’d say the moral of the story is scanning private emails to deliver targeted advertising for the purpose of profit is unethical. There is a big difference between doing this and offering a free email service such as yahoo or micosoft currently do. They may have advertising on their pages but these ads are not selected based on the content contained within your email message.

Think about it, if such a system is implemented by gMail which targets email readers with specific advertising, what is to stop google from keeping records of common words used in emails for marketing purposes? While such actions as this may already be practiced by google or other companies in secret, its very different when they’re happy to come forward and admit how they will be scanning your email to increase their profit. This is the type of mentality that is destroying the very underlying structure of the internet.

If google can get away with this you can bet every other free email provider will follow in hopes of increasing their advertising revenue. Just look at all the popups and banner ads that already pollute much of the web. Do we really need our email to become a source of revenue for a monopolistic search engine? I don’t think so.

Lastly, do you honestly believe that system admins at ISPs are secretly reading your email? ISPs are unwilling to release the user of a specific IP address to government officials (as was the case with the Canadian Recording Industry Association this week) until they are forced to do so by a court. I highly doubt they are reading emails when privacy is something their customers strongly value. If word got out an ISP was using targeted advertising in a webmail interface you can bet a lot of people would drop them like a hot potato.

You have your ISP's assurance that they WON'T analyze your mail.

Any ISP that uses a server-based spam filter is analyzing your email in the exact same way that Google will be analyzing it. Both the ISP and Google will be analyzing it to determine if it's spam or not. Google's analysis will also be used to serve up a couple ads. Big deal. This is de rigeur for spam filtering.

Beyond that, Google is claiming to offer a better method for searching data in old emails. That may just be an excuse to further justify the content analysis, but the fact is they need to do content analysis for the spam filtering and ad serving anyway. At least they're giving something back with the (reportedly) better search.

The only truly troubling aspect of this IMO is the permanent storage of email. If that turns out to be true, it would be the one thing that stops me from trying Gmail.

>Unless of course the ISP is secretly keeping a copy for itself of every e-mail that passes through their system. Technically this is trivial to do.

We will get used to Gmail quickly as we have got used to their toolbar.

Do we really need our email to become a source of revenue for a monopolistic search engine? I don’t think so.

Of course, Gmail, Yahoo mail, and Hotmail are totally opt-in, so no one is forcing any of this on us. We can take "our email" somewhere else whenever we want.

Lastly, do you honestly believe that system admins at ISPs are secretly reading your email?

Hehehe. Our sysadmin barely has time to read his own email, much less the 300,000 emails we process a day at our small-market ISP.

Can't imagine how many emails a day Yahoo, Hotmail, and Gmail (will) process. Doubt they have enough staff to read those, either.

With carinvore, the feds are reading all your e-mail, and I trust google more than I trust the feds.

I prefer having my own mail server sitting right next to me. And anything important get GPG encrypted.

But I do like webmail accounts for anonymity from the people that I am corresponding with in certain cases. And having a gig of space so that I don't get overloaded by spam, jokes or pictures of someone's pet dog, is a nice feature.

The moral of the story here is if you want e-mail privacy, then make sure you know how to use PGP, and all of your correspondents do also.

Exactly! Unfortunately, Joe Public doesn't realize this. And Google is going to look like they're snoopers.

>The only truly troubling aspect of this IMO is the permanent storage of email. If that turns out to be true, it would be the one thing that stops me from trying Gmail.

I'm assuming this is an option. IOW, if you want it stored permanently, Google will do that. However, if you want to delete all e-mails older than x days, etc. Gmail would also be able to do that.

From G's Privacy Policy:

We serve highly relevant ads and other information as part of the service using our unique content-targeting technology. No human reads your email to target ads or related information to you without your consent.

So they aren't really saying no humans will ever read your mail. They are just saying that humans aren't being used to initially decide what ads get sent to you.

If Google isn't going to ever read any email, how do you suppose they will track the effectiveness of their targeting? I would think fine-tuning the contextual algo would require looking at sample emails containing ads to see if they indeed contain relevanty ads.

Does anyone think that Google has never looked at a webpage serving AdSense in order to evaluate how accurate their contexual matching is?

rfgdxm1 - From the Google Mail TOS:

Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account.

Beyond ad targeting, don't forget about the "search" feature, in order to deliver "good search" they must take the contents of your email and index it, now what is going to happen with that index? Will they periodically toss it, keep it? Will they classify you according to index signals? How about an HR factor (Human rank)?

This guy is into boats
This gal is into boots

hmmm

Sorry, this thing just has too many "interesting" possibilities.

Residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account.

oh..uh huh.. residuals, its called history.

I was just thinking to myself the other day.
'Gee I really don't get to see enough ads on the internet.
Wouldnt it be nice to get spam -inserted INTO- my mail!"

"The moral of the story here is if you want e-mail privacy, then make sure you know how to use PGP, and all of your correspondents do also."

"Exactly! Unfortunately, Joe Public doesn't realize this. And Google is going to look like they're snoopers."

I'm not attempting in any way to be critical here, but Joe Public probably doesn't want or need to go through the trouble of encrypting his/her email. Sure, if it's regularly business related or something you would absolutely not want anyone other than the recipient to read, use it. I would imagine, based on just what Joe Public writes about, that the contents are pretty boring and benign to anyone else other than the party involved. This is not to say that I would want my boring and benign email read and stored somewhere for eternity either. I just won't use Gmail. Besides, why the heck bother updating all of your contacts with a new address etc.

As for newbies, I would suggest sharing the "spyware" issue with our lesser informed friends and family and let word of mouth keep the Gmail thing from flourishing IMHO.

JPell

The idea of ads in my email is nauseating.

It is like talking to someone on the phone and having the operator breaking in to say, "I overheard you talking about taking the little lady out to dinner. There's a nice place just down the road from you...."

I have little faith in human nature, and to allow this serious an intrusion to my privacy is disturbing.

How many governments are going to be able to resist the temptation to get their hands on this information? How many multinational mega-corporations?

Scary stuff...

WBF

Wouldnt it be nice to get spam -inserted INTO- my mail!"

The idea of ads in my email is nauseating.

In case you all missed it, there will be no ads IN your email. The ads will be displayed off to the right, out of the way ... hmmm ... very much like AdWords on Google's SERPs. There's a screenshot here:

[adwords.google.com...]

willyb - the phone analogy doesn't fly because you're paying for phone service. Gmail will be free, so you should expect to put up with ads. That's been a basic Internet business model for ... what? 5 years now?

And I don't know how to respond to the governmental intrusion (rhetorical?) questions, because that's just a bit too Oliver North/grassy knoll-esque for me.

Like I said, I just wish they'd eliminate that permanent storage of email plan. Bad, bad idea.

Why all the interest? I won't use it. Will anyone from WW?

As for security, isn't there something called Echelon run by the US/UK etc. My understanding is that PGP does not offer much resistance to serious CPU power. If you want real security you need proper encryption (of email attachments). And given that work is progressing on quantum computers, even modern encryption methods may soon be cracked.

I don't care about this stuff, but people who do definitely won't use Gmail, therefore discussion of security is irrelevant.

Kaled.

Maybe if enough word gets around about Gmail it will leave a bad taste in surfers' mouths and they won't bother with them at all... plant a little seed of doubt of what else they are doing that we DON'T know about. That's my hope anyway. I have wasted way too many hours fixing what's wrong with regards to the world according to google, only to have them find something new that was "wrong" with my site. Funny all of the other S.E.'s never had a problem with my sites. I think we have forgotten that we are the ones who supply G with the info to cause their silly little revisions because like another poster stated in a different thread, it's probably more webmasters that use the toolbar than surfers, to keep track of our PR. Mutiny anyone?
JPell

Oliver North was real. The grassy knoll was conspiracy theory at its best :)

Privacy concerns are legitimate. Jeesh, the Govt. and music industry joined forces to track down those evil file sharers using stored personal info thorugh thier ISP's. What more could they accomplish with the data Google is beginning to hoard?

WBF

>I don't care about this stuff, but people who do definitely won't use Gmail, therefore discussion of security is irrelevant.

kaled - Certainly, people who understand security won't use gmail. But millions of people who know nothing about security may use it, exposing more of themselves to view than they ever intended to. So I respectfully disagree with your conclusion that "therefore discussion of security is irrelevant."

With few exceptions, nothing you do on the internet is really private. Joe Surfer doesn't have the first idea of that and the ad concept may scare a few folks... but really G doesn't have the personnel to read peoples emails personally... I don't really have the time to read all mine so I let the filters read them for me first. It's kinda the same. Like BigDave said... all your email you send regularly is being read for certain words anyway and I think that's all G will be doing with their information. A little applied semantics to determine whose ad most closely matches the theme of your mail. Though I don't like the idea of an ad-ridden email client for myself... it's really no different than aol's client browser. I helped someone a few weeks ago "clean up" their laptop and I hadn't seen the aol browser in a while... it's an ad delivery system foremost and the internet comes a distant second. If you use their mail you cant even access it without using their ad-filled client browser and that's with you paying a premium price for service. I think too much is being made of this IMHO.

There is a huge difference between reading and parsing incoming messages. If you have a spam filter installed by your ISP on their mail server, all your incoming messages are parsed (but not "read" in the sense of someone looking at them). All webmail providers parse mail for display purposes. The fact that messages are parsed by an automated process is not a problem.

The problems come about when it comes to profiling. Even if Google delete all your messages, will they have records of which ads an individual Gmail user was served? Are ads served uniquely on the contents of the single message on the screen, or according to a profile built of the contents of all the messages received, or according to the type of advertising you have been served or have clicked on before? Are users going to be categorized? For example, I receive a message from the css-discuss mailing list, plus the WebmasterWorld newsletter in my hypothetical Gmail account. The messages are parsed, and I am shown ads for technology products next to the messages. The third message is from a friend with a picture of his cat. Am I shown cat-related ads, or technology-related ones?

Hmmm... privacy... I'd have thought that people on this board would just wonder what they'd do with links embedded in emails, but hey, you learn each day it seems...

Okay, i'll play along, then - just for the fun of it. Consider the profiling options available when taking a step back:

-> Your websites (Google, AdSense, AdWords, DomainPark)
-> Your newsgroup postings (Google groups)
-> Your personal thoughts and daily life (blogger)
-> Your topical interests (Toolbar)
-> Your specific interests (Search)
-> Your current interests (News)
-> Your purchasing (Froogle)
-> Your personal relations (Orkut)
-> Your personal interactions (Gmail)

Nice package, huh? The Google business isn't built around search, it's built around you, really. Your needs... uhm.. your identity, that is. Sort of like the "personal OS" that Bill never built.

Looking at this list, i'd expect a launch within the area of finance. Or perhaps something that gets a little closer to your whereabouts like, say, geography/maps, local areas, names and addresses, photos, or some cellphone thingy. ... oh, i didn't know they'd looked into that already...you sure about that?

*singing* ..all the nice young men in their clean white clothes... they're coming to take you away haha hoho hihi

...............
Serious now, i'm not much of a paranoid person, and i really don't think the average happy-go-lucky geeks at google knows what they're dealing with here (much less that they are personally inclined to use it the "big brother" way) but information access like that makes the infamous carnivore beast look like nothing but a dead cow. I'm glad Google is a privately held firm and not into politics. I think/hope/assume that they'll keep their ethics for just as long as current laws and regulations allow them to do so.

And yes, i'll get a gmail account too, of course... just to search emails for occurences of common medical and financial terms, and various body parts.. that'll be fun.. hope they have a "html off" option btw ;)

>Certainly, people who understand security won't use gmail. But millions of people who know nothing about security may use it, exposing more of themselves to view than they ever intended to. So I respectfully disagree with your conclusion that "therefore discussion of security is irrelevant."

Baloney. People who know nothing about Internet security at this moment are receiving and sending unencrypted e-mails that are totally insecure. Yeah, they will have no security with Gmail. Which is no different than the current situation. As for those of us who do know about security, we wouldn't care about Gmail. I presume that Gmail would be able to handle PGP encrypted e-mails. Get 'em from Gmail, and decrypt them locally. Perfectly safe to leave them on the Google server if they are encrypted.

And, I assure you that I do know something about computer security. I've had detectives show up at my door fishing for information about a correspondent due to his sloppiness in communications security. I of course routinely and frequently encypt corresponce from those who are so lax in the first place. I just quoted the Fifth Amendment to these detectives, and asked if they had a federal search warrant or a grand jury subpoena. After they said no, I bid them goodbye. Even if they had a search warrant, I had some time back already encypted and archived all they might be interested in. Considering I'd be long dead before even the Feds could crack my PGP encypted data, at that point I wouldn't care if they did. ;)

>I'm glad Google is a privately held firm and not into politics.

That is the state of affairs today. Tomorrow? Who knows. The privately held part is certainly likely to change; perhaps the non-political part could too.

I wonder how everyone would feel about this if Bill Gates announced plans to buy Google :)