Yes, Gmail users have an expectation of privacy
Consumer groups are up in arms today over a motion Google made in June to dismiss a class-action lawsuit alleging that Gmail violates federal and state wiretapping laws by scanning emails at the server level. Google’s full filing runs 39 pages, but it’s just one argument about halfway through that’s causing all the trouble:
Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their emails are processed by the recipient’s [email provider] in the course of delivery. Indeed, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”
This line has been widely misinterpreted to make it seem like Google is saying Gmail users have no expectation of privacy when they use Gmail, and the outrage is thick. Consumer Watchdog put out a press release calling the line a “stunning admission” that “Google has finally admitted they don’t respect privacy.” And as the story’s circulated through the media, the comparisons to Edward Snowden, PRISM, and the NSA are flying fast and furious. Which is exactly what the personal-injury lawyers who filed the case seem to want.
From there, Google’s argument starts broadly and moves towards the specific — that’s where the “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties” line comes in. That’s a quote from the 1979 Supreme Court case Smith v. Maryland, in which the court upheld what’s called the “third-party doctrine,” saying that once you involve a third party in communication, you lose legally enforceable privacy rights. (This is an extremely controversial notion, but for right now, it’s the law.) Google’s argument is that people who email Gmail users are necessarily involving Gmail’s servers in the mix, kicking the third-party doctrine into effect. This is pretty basic stuff.
Then, in the very next paragraph, Google points out that email processing is a basic part of email itself, with citations to several state court decisions.
As numerous courts have held, the automated processing of email is so widely understood and accepted that the act of sending an email constitutes implied consent to automated processing as a matter of law.
And then, two paragraphs after the Smith v. Maryland quote, Google’s lawyers spell out their exact argument in utterly simple terms:
Non-Gmail users who send emails to Gmail recipients must expect that their emails will be subjected to Google’s normal processes as the [email] provider for their intended recipients.
Non-Gmail users. These words appear roughly 300 words after the Smith v. Maryland quote that’s causing all the fuss, but it appears no one read that far.
Panic tweakers still have plenty to freak out about
So that’s that. It’s very much true that Google needs to do a better job of communicating and enforcing the steps it takes to protect its customers’ privacy, especially as it continues to amass data about every human on the planet. And it’s a fact that the third-party doctrine as laid out in Smith v. Maryland is no longer good law — the Supreme Court didn’t know about the internet and smartphones in 1979. Panic tweakers still have plenty to freak out about, in general.
But taking to arms before even reading and understanding 500 words of a legal filing? Surely we can avoid that.
Read next: Google won’t approve facial recognition Glass apps until it has “privacy protections in place”
Warm Regards / Ganesh Srinivasan
Sent from my iOS device
An Ardent Apple Fan – http://anardentapplefan.wordpress.com/
We Showcase Your Story – Tell Us Your Story – https://weshowcaseyourstory.wordpress.com/