Forum Moderators: open
California's Senate has voted to support a bill to limit a new e-mail service by No. 1 Web search company Google over concerns it could threaten the privacy of users.
Really - If they outlaw automated reading of emails, then there goes all that spam logic..
I really bet that Senator has kicked some advisors butt on that one.
Um, and how would any system be allowed to receive e-mail, if that really was the phrasing they put in a law? ;)
However, one thing that did get through was forcing Google to delete emails when requested by the user.
Now that is a good thing. Could you imagine if someone sent you a bunch of illegal content and you couldn't delete it?
Yaa-ikes.
Can you not do that now? How weird
California passed a law that already existed. Well great job guys!
Forgive me if I have trouble waking up for this news.....
For an encore why don't they pass a law that says their Electoral College votes will not count as they have proven themselves to be totally out of touch ;)
55 votes in the hands of Californians............scary!
But according to Reuters GMail can still work:
The bill by Democratic state Senator Liz Figueroa would require Gmail to work only in real-time and would bar the service from producing records.
This BBC News item about it is also interesting:
I had to laugh cringingely at the last bit though. Ouch!
The final decision on whether it becomes law falls to California Governor Arnold Schwarzenegger who can approve it or decide to terminate it.
>>Can you not do that now? How weird
I don't see why this is still even an issue. There is a "Send to Trash" action which moves the email to the "Trash" view. Then, when you are in the "Trash" view, you can select "Delete Forever" and the message gets deleted. This is similar to how EVERY OTHER email service does it, just worded a bit differently! The only real difference is that Google specifically states in their Privacy Policy that "residual" occurrences of your messages may be kept in backups. Again, this is the same as EVERY OTHER email provider. The only difference is that Google is specifically stating it. You can bet your butt that Google isn't going to go into its backup tapes and delete your message just because you requested them to. NO ONE will do that. I can see it now: "Frank, load up the last seven backup tapes and find these emails. The user wants all traces deleted." Right.
The real issue here is that Google described specific processes and procedures in their policies that allow the (until now, ignorant) public is finally understanding processes and procedures that have been going on "behind the scenes" for years if not decades. Yahoo Mail and HotMail will certainly have to comply also, won't they.
This is nothing more than FUD being generated by bureaucrats who don't have anything better to do.
what you write about Google's policies may be true NOW, but some of what say is in the terms was added only after privacy advocates made a stink.
Sure people can read the policy.... and Google has reserved the right to change that policy at any time. It is sad that we need a law that says you have to delete it if the user says delete, but companies have stated that they feel they have the right to override the users request if it is in their own commercial interests (I believe even G said something like that early on as well), so a law is necessary.
The real issue here is that Google described specific processes and procedures in their policies that allow the (until now, ignorant) public is finally understanding processes and procedures that have been going on "behind the scenes" for years if not decades. Yahoo Mail and HotMail will certainly have to comply also, won't they.
This is not the real issue. Other services are much more restrictive in the amount of space available, which means that even if they cannot delete residual copies of deleted mail, the chances that the residuals will disappear within a reasonable time frame are much greater.
Some of them even have policies -- Earthlink, for example, will not or cannot retrieve, under any circumstances, a deleted email after 24 hours following the user's deletion. This makes a big difference.
Consider that the FBI wants your email. They go to Earthlink and they can only get deleted email that was deleted within the last 24 hours. Then they go to Google, and they can get deleted email that was deleted -- how long ago? We don't know! The FBI asks Google, is this email that was deleted 30 days ago retrievable? Remember, it's a felony for Google to lie to the FBI (ask Martha Stewart!). If Google can truthfully say to the FBI that something is not retrievable, then the FBI goes away and everyone is happy, and no laws are broken.
Whether this is done with a flag on the file, or by actually deleting the backups, is a technical issue that's addressed at the level of the operating system. It is not technically impossible to make something unretrievable even if backups exist somewhere. My point is that this is more of a corporate policy issue than a technical issue. Google will not set a policy on this issue, so the law proposes to impose one on Google.
Another issue that SB 1822 addresses is the issue of what Google can do with the personally-identifiable information available to them from Gmail. This includes a lot of information -- all the incoming email addresses could be databased along with the keywords that were scanned. Nothing in Google's privacy policy applies to those of us who are expected to reply to a friend who uses Gmail. We haven't consented to anything. Sure, we can refuse to respond to any and all Gmail addresses, and there are people who are promoting this approach. But what if Gmail becomes more popular than Yahoo mail and Hotmail combined? What are we supposed to do? Stop using email altogether?
The proposed law says that Google cannot extract this incoming information, which in its raw form is personally identifiable and very valuable to those in the data mining business (think of social network diagrams), and save it for future use. Google can only use it in real time for a scan of content for the purpose of serving ads based on it, and other limited purposes. Google should have covered this in their Gmail privacy policy, which unfortunately only applies to those with Gmail accounts, and has nothing to say about the rest of us. In other words, half of Google's privacy policy is missing, and once again Sacramento has to set things straight because Google either overlooked this, or is trying to get away with something.
Yes, the bill is watered down from its original version. A privacy advocate told me that "Senate leadership made it clear to us that if a two-party consent provision were in the bill, it would not pass out of committee." Compromise is the entire essence of the legislative process, and politics is the art of the possible. Professionals in public policy move on when something looks impossible, and try a different approach. I commend Liz Figueroa for her continuing efforts.
For instance, it would ban the anti-spam practices of some of the world's most effective e-mail systems -- and in this case, I'm not even referring to Gmail!
Take OddPost, for instance, a generally-well-loved and highly regarded Webmail service that's been around for a year or two. It fights spam by using a common technique -- Bayesian analysis -- that involves having users mark any misdirected individual e-mails as "Spam" or "Not spam." Over time, the system skillfully learns of unique spam fingerprints per user and adjusts its junk filter accordingly.
I use Bayesian filtering (via POPfile) on my own mail, and it's more than 99% effective.
However, given Figueroa's asinine bill, this would become outlawed, because a profile is being built up on each person. This is, of course, a necessary component of the Bayesian anti-spam technique... because it learns over time, for instance, that I receive a lot of OPT-IN e-mail newsletters about online marketing but I NEVER voluntarily receive newsletters about anti-fat drugs. In contrast, a friend of mine who is a nutritionist may actually opt-in to herbal supplement e-mail newsletters and such but NEVER voluntarily receive online marketing newsletters. Bayesian filtering, then, adjusts to the personal profile of what one considers to be spam and not-spam.
This profiling is outlawed under Figueroa's bill.
* * *
A MUCH more intelligent and effective proposal would have been a tightening of disclosure requirements and heightened penalties for sharing or snooping into personal information without the direct consent of the account holder.
But hey, this is politics... driven by sound bites, not effective policy, apparently.
Evenif you "leave message on server" it is you, the user, who are choosing to leave the emails stored for greater than 180 days.. not the service. It is quite a different animal.
I did not read the bill.... I apologize if I have missed the obvious because of laziness...
The bill by Democratic state Senator Liz Figueroa would require Gmail to work only in real-time and would bar the service from producing records.
Their algo's are going to have to become pretty fast, as they won't be able to do it once, but everytime a user visits the email.
But yah, for bayesian spam control you wouldn't be able to product records. Yaaa-ikes. Brain dead legislation.
I don't understand how the law will prohibit bayesian analysis as you describe - when you POP the mail it is downloaded to your own system and the filering/learning is done client/side, no?
With ALL of THOSE services, mail is spam-filtered on the server side, and so with Bayesian analysis data regarding filtering history must be also maintained on the server side (otherwise, you wouldn't be able to access your account from any browser on any computer!)
So, for those millions of folks, one of the most effective methods of spam filtering -- Bayesian analysis -- is thus prohibited by Figueroa's law.
Heh heh... Figueroa's Law. That has a nice ring to it. Just as "Moore's Law" has nearly entered the vernacular, I'm wondering if "Figueroa's Law" will become synonomous with clueless and harmful legislation.
>Can you not do that now? How weird
As an interesting aside, it's well known that Outlook and Outlook Express don't delete your e-mail, if you've ever looked at your "Deleted Items.dbx" you'll notice it's surprisingly large for an empty folder (and can be extracted back out).
Perhaps Senator Figueroa should block MS? ;P
>outlaw automated reading of emails
>Um, and how would any system be allowed to receive e-mail, if that really was the phrasing they put in a law? ;)
LOL! I wonder if she actually owns a computer?
I don't know who is more stupid.
now they have every email you ever posted and deleted plus
every site you ever visited, is there anything i am missing,, lol
dont really know if they track the ip on the gbar but imagine what you could track without the law in place.
bet ya the cia would love to buy google, lol..,,,,
[epic.org...]
From G's privacy policy [gmail.google.com]:
We will never rent, sell or share information that personally identifies you for marketing purposes without your express permission
So it's already illegal for them to pass on your details. Any new company would have to write a new privacy policy and make all users aware of it.
Your searches are stored in cookies. Cookies are to databases as fish are to bicycles.
How could they indentify a particular IP? I can't even identify my own because it changes each time I reconnect. It's what we call a dynamic IP [google.com].
track the ip on the gbar
No.
