Interesting - as an advertiser I generally recommend using the email address "sent from" as your main source of targeting but combining that with specific keywords within the gmail campaign can be super helpful at finding people at the exact right time.
I should probably get fitted for a tinfoil hat because my immediate reaction was, "Oh shit! They must've developed something now that tracks you better and is less obvious."
Definitely, they probably realize they get better targeting by using demographic metrics like Facebook does - age, wealth, gender, interests, likes, etc - than they do by scanning email contents for keywords.
Actually, you can buy some paint that blocks all RF signals. It's absurdly expensive but quite effective. There aren't many ways to get signals out of a room painted with the stuff.
If you're thinking "Why not just build a faraday cage?" then you're thinking the right thing.
It's fun, isn't it? It's one of those things that costs way too much to be practical but you can't help but try to think of ways to get the cost down. Mini-SpaceX in a useless domain.
I've always thought that would be cool, then just have a fiber connection for communications and either air gap your main power or provide your own via solar and wind.
Ermmm we used the copper nanotube paint once on an office and, well, it sucked. Bad. Cell phones only worked in this small corner of the office, and wifi was chaotic. Something about signals can't get in, but they also can't get out, so they collide ...
If Howard had known of this paint, then he wouldn't have had to put Mylar all over his house and look like a kook! Jimmy wouldn't have had to do so much to help him out... maybe he'd still be alive!
I have one of those and it's kind of a PITA. I actually didn't realize it blocked RF until after I bought it. It's annoying because I can't just tap my wallet on the MUNI gates or the card reader at work, I have to open up the damn thing and press the edge of the card poking out of the card holder against it and hope it works (sometimes it does, sometimes I have to pull out the card).
I probably just have too much junk in my wallet, but I can't ever just tap the wallet against an NFC reader anyway. It either doesn't read anything or it reads one of the other low-power NFC cards contained (I think I have 3-4). For quick access to a single card maybe you can get a lanyard or one of those retracty thingies people wear around their belt loops?
Well, if I was doing security at your company, I'd probably want employee credentials to be visible at all times, which would also happen to take care of your problem.
Employee credentials should not be visible when the employee isn't inside a secured area. If you work at a site with a Security Officer, try inviting them out to lunch and not hiding your credentials. See if they care.
Then my very next thought is, "Who is going to notice my house-sized faraday cage, who are they going to tell, and what are those people going to do in turn?"
Actually RF shielding paint is very poor. Manufacturers advertise them with "99.5 %" or so, which equates a measly 20 dB. Additionally, correctly applying these is quite difficult, and incorrect application greatly diminishes the shielding. (You also need to cover everything, including ceiling and floor, not just the walls). Even when correctly applied, the attenuation is so weak, a cell phone will still work. Shielded facilities are built differently and are far more expensive than shielding paint.
RF dead chambers are bloody expensive for a reason: you can't emulate them by pasting some paint on a wall.
If you need continuous use, two rooms. One that acts as an "airlock" with an outer door that is open only when the door to the other room is closed. Battery operated fans and lights used as necessary.
Note that the "inner room" might be as small as a ammo crate depending on your use case.
One of my first jobs was building shielded boxes for a sensitive RF measurement setup. Containing the RF output from something like a laptop is hard. I lined the inside of the boxes with copper beryllium mesh (attached with glue, since nails become little antennas), soldered all the joints to ensure electrical continuity, and put a copper beryllium gasket all around the lid to make sure there was continuity when the box was closed.
My educated guess would be that given the proliferation of services offered by Google, it indeed has many more sources of information on each individual, and having email as one of them perhaps proves less beneficial today as it did when Gmail was first introduced. Now there is the Android OS which gives information about apps you use, locations, activities, and online searches, map queries, bookmarks, sentiments via G+, etc. So, it can disable auto-scanning of emails perhaps as a PR move (or, should I hope it is going to eventually evolve its email service to include encrypting emails, and this is one step in that direction??).
The article explains it plainly: they weren't getting the message to business people that Gmail on Google Apps isn't scanned despite free Gmail being, so they stopped scanning Gmail altogether.
I agree - I read the article. But having many sources to feed the ads probably made the decision to announce universally that emails are no longer going to be scanned easier to do in the first place.
Didn't they also get caught a couple of times scanning the email despite saying they weren't? I know there was a lawsuit alleging that they scanned the email of many university students after saying they wouldn't [0], which I think was settled for high 3 or low 4 figures per person, although I'm not sure (and wasn't a participant).
Note that this is not what the article says. It says that they stopped scanning Gmail for ads, but does not say they stopped scanning email for non-ad purposes.
To be more accurate the article says they stopped scanning for ads that appear inside gmail. Whether they still scan emails in the free gmail for use outside gmail is unknown, but I may be being pedantic...
(disclosure, I work on gmail, although nothing related to ads)
I can't find a citation, but I'm fairly confident that that's never been the case. Ad targeting from emails has always been siloed to within gmail. To quote the post:
>Consumer Gmail content will not be used or scanned for any ads personalization after this change.
Yep, I agree. Email is not really a good channel for analysis anyway since it has a very high signal-to-noise ratio. A lot of kids who've grown up in the texting era think that email is for old fogies and rely solely on shorter-form messages via Snapchat, Facebook, Instagram, and/or SMS, so their emails are almost pure noise and no conversational content.
Google's new problem is "How do we get access to the contents of these new communication channels so we can continue to read peoples' conversations?". Those new channels are walled gardens and you can't just create a new email client and say "Switch to GInsta for your Instagrams! We give you 2GB of storage!" Unlike the switch to Gmail, the switch to GInsta would represent a hard barrier to the "true" Instagram network.
Google is becoming the new MS; losing relevance with the younger crowd who are all about "social" platforms, and becoming more and more an enterprise sales model. What happens when Facebook goes after web search?
" But instead of scanning a user’s email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube. "
It's also prob not the best source of features (in a ML sense) for choosing ads.
When you read an email, your intent is either to understand what the sender is asking you (new email), or get the info you asked for (response to your email).
In the majority of cases a contextual ad is 1. pretty weird, 2. pretty against your primary intent.
Might as well showing you ads related to your recent browsing history, imo.
I see it as an opportunity to use ML to improve targeting. Ad clicks could be used as the training data since users are less likely to click on non-relevant or inappropriate ads. This would help with avoiding inappropriate keywords, e.g. death in the family.
"They have such a strong baseline of the predilections of their users, and by association with those they regularly communicate - by their overlapping interests and behaviors, googles ad dossier on any given user is complete enough to no longer read the drivel one sends to another to predict your future choices.
Perhaps you should ;) Google is a corporation, my immediate reaction was "They must've developed something more profitable" - and they have, they're continuing to compete with MS/AWS for business customers.
Exactly. From the article: "But instead of scanning a user’s email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube."
The smartest reaction I've read so far. But if you learn to know the Director of Cloud, miss Greene, it gets less scary. She believes in a eat-or-be-eaten world as we live in today, an argument like energy friendly data centers would still be a thing. She might've just done it because it's the right thing to do.
We must keep an open eye though for the moment when she gets fired and replaced by a shark, like when she got fired from VMWare.
That or they will have someone else read the emails for them... like the NSA. Also, all "cloud" emails older than 6 months don't require a warrant to be obtained [1].
Good for them. Though it goes without saying email is insecure. If enterprise clients dislike an algorithm scanning their email contents, maybe they should also consider that email generally has unencrypted transit and storage.
I remember there was a recent paper that dealt with this, too, but I can't find it right now. But it basically demolished this argument that it's impossible to stop spam if the email is encrypted.
That blog post doesn't actually say anything about how they do spam filtering on encrypted emails. Everything they talk about is bog-standard spam filtering, including comparing against known spam and Bayesian filtering, both of which are impossible to do on encrypted emails. It's not clear if they're doing reputation analysis, which is the other big anti-spam measure impossible on encrypted email (I suspect it's the main component of their "we're not telling you what we're doing"). The SPF/DKIM/DMARC and blacklist checks are the only things you can reliably do on encrypted email.
They do say "In future blog posts, we will cover the challenges of preventing ProtonMail from being used by spammers and the challenges of doing spam filtering with end-to-end encrypted emails which we cannot read", but I can't find any such blog posts.
It can probabky be done if you're using a email client. Webapp (like gmail)? Probably not feasible because of how much data you need to download every time.
Encrypting email to a single recipient is (a weak) proof of work.
There's a big difference between sending 10k copies of a plaintext email, and retrieving a public key and encrypting to 10k recipients - not to mention that filtering out all non signed/not-signed-by-trusted-key should be a decent start for a whitelist/greylist.
I'd be curious if anyone ever got gpg-encrypted spam?
Another approach would be to have to pay the equivalent of USD 5-10 cents in some email crypto currency in order to allow an unknown sender to put their email on my inbox. If I reply or add the sender to my whitelist the fee is automatically refunded to the original sender and future messages between both parties would won't require a transaction fee any longer.
If they're not using it for ads, there's a good chance that it's in Google's best interest to not know the contents of people's email. It lessens the impact of a potential breach, and it greatly simplifies their responses to gov't requests to 'we have no method to access this data, you must contact the account holder directly'.
So much for the argument "how else is Google going to make money if it isn't reading your emails?!"
Companies can make money without tracking you 24/7 and reading all of your private content. They just choose not to, because it's easier, and then spread the propaganda that those things are "needed" to stay in business.
To be fair, your “basic privacy rights” have nothing to do with this, it's about simplifying Google's efforts to sell services (which weren't actually effected by this anyway, but perception is a different thing than reality) to enterprise customers.
As the founder and CTO of Blekko search engine, one would imagine that you would be familiar with Google's personalized advertising policies: https://support.google.com/adwordspolicy/answer/143465?hl=en (Found through a quick Google search)
How do you know? That's the problem with closed source software, and software that runs in someone else's computer. You have no idea what it does. You aren't in control. Someone else is deciding what code runs on your computer. That's a problem.
Cue discussion of how with open source you don't really know either, since nobody can read and find out all the backdoors in the source of the whole system.
I'd argue it's extremely naive to not have that world-view. Especially given all the evidence of closed-source software doing things like this in the past.
How do you know they were ever reading your email to begin with? Maybe they were never reading your email and this is just a publicity stunt to backtrack on an unpopular decision that they never actually made.
Except web-based (or "cloud" now I guess) services like gmail are not running on your computers (apart from the javascript, but you can see that so you should be happy).
In this case it is google's code running on google's computers.
> In this case it is google's code running on google's computers.
Which is mostly based on Free Software, starting with GNU/Linux. The Affero General Public License is intended to disallow this loophole of "it is only running on our servers, hence we are technically not distributing it, so we do not have to release the code": https://www.gnu.org/licenses/agpl-3.0.html
Big companies can't hide this stuff forever, you can eventually figure out, it is just better business-wise for them to just state they read your emails for ads, it can cost them a lot if they don't, plus most people don't really care.
A few weeks ago a friend and I were talking exclusively through WhatsApp about a trip to London(in Portuguese with our very unusual jargon), I didn't do any search for anything related it was all within our conversation, a couple days later Facebook had a post on my timeline saying: "heading to London? Check what your friends did there".
I don't remember reading anywhere that WhatsApp reads your conversations for ads, but it was clear to me that's where they got the information, it was spooky at first.
WhatsApp doesn't read your conversations for ads because it can't. Message content is end-to-end encrypted. You must have leaked your plans through some other medium inadvertently.
This is called retargeting and is even worse from a privacy perspective: now your data is going through multiple layers of ad buying tools, analytics, ad exchanges, aggregators, ad networks, etc.: http://2bd2y2367xnj3kpntjsifzmf-wpengine.netdna-ssl.com/wp-c...
That is actually an interesting argument, that they don't lie about this because if it ever came out they would be in deep shit.
Speaking of which, I had a similarly creepy moment just yesterday. I was watching an episode of the Simpsons, and wanted to Google the Bart blackboard gag in the intro because I didn't get it. Just I type the first word and it immediately suggested the rest. Very creepy because I wasn't watching through any Google service (on an Android phone though).
Does that mean that Google now has no more use for Gmail, and soon millions of people will be scrambling to cover yet another product sunset?
That would certainly cause an enormous loss of goodwill, but.... imagine this scenario:
Google has some slow growth quarters, they need to keep the numbers up for shareholders. They start to examine what they can squeeze. Gmail costs them X (hundreds?) millions per year, but doesn't gain much from it...
Certainly its unlikely, as it is also a SSO tool, etc. Still....
I significantly doubt it. It's ubiquitous internally. It's a major selling point of GSuite. It'll likely remain one of Google's biggest ad-serving faces outside of Search.
They may get rid of one of their applications (gmail OR inbox), but I doubt they'd get rid of the entire platform. They'd lose more revenue than they'd recover.
I never understood the argument that some automatic scanning for keywords is like "reading" your mail. By that same logic isn't Gmail's spam filter still "reading" your mail? It is classifying your mail based on content after all...
It's like my accountant reading my receipts to create my tax return versus a sleazy salesman sneaking a peek at them to find new ways to sell me stuff.
It's more like your accountant preparing your tax return for free in exchange for aggregating data about your receipts and offering you goods and services you may be interested in.
Let's split the difference. It's like your accountant preparing your tax return in exchange for using that tax return to develop a model of your spending habits. The value of this model is more than the cost of them doing your tax returns, and in fact is such that if you were simply to collect that data yourself, sell it on the open market, and spend a portion of the proceeds on the tax prep service, you would end up with profit, and the tax prep service would still exist.
> The value of this model is more than the cost of them doing your tax returns
It's likely the value Google got out of scanning your email wasn't worth that much in terms of modelling profiles for ads.
Probably because having both your search history and "anonymized" Google analytics, plus the sea of data that comes from owning Android is more than enough data that Google/Doubleclick needs.
From a purely capitalist perspective I'd bet the utility of them scraping this data no longer outweighs the privacy costs.
But at the same time Google is still scanning attachments for child porn and likely other data out of national security interests. And they still can access your data on a case-by-case basis which from a FISA perspective is a rubber-stamp away from accessing your data from 2 hops away from someone who may or may not have done something bad.
I personally will not weigh using Google vs any other email service in terms of privacy any different after this measure. But I still appreciate their efforts to reduce the "standard pratice" nature of scanning private email. If I do use anything Google-related I will not associate my personal identity in any way with the service, which is still requirement for Google play.
You can still use a fake gmail account and prepaid Google gift cards bought with cash to disassociate your identity from using the service. Although that's still well beyond the investment the majority of people are willing to make.
Regardless privacy comes at a cost these days. Good OPSEC > trusting cloud services privacy policy. You can either not use the services or invest in protecting your data when using them.
I will still cheer on Google's efforts to make those of us who care about privacy live's easier. I'm not naive enough to ignore how their business model works but that doesn't mean they always have to take the easy route and hand everything over without considering the costs - as many ISP/Telecom companies seem to do.
I disagree with you, but from the perspective that my email contains the history of every transaction I have ever made, all of the newsletters I sign up to, and, for another 3 days, ~50% of my conversations, since I do a good chunk of my communicating over gChat.
Consumer preferences change over time, so google is far more interested in the thing I bought yesterday than the thing I bought 4 months ago, so being able to read my emails is still a current interest of theirs.
Amazon's receipt emails stopped including an itemized breakdown. Perhaps this is for customer privacy or perhaps so Google can no longer scrape Gmail users' purchase histories.
Eh? That assumption of "not associating my personal identity" doesn't actually work. Your profile IS your personal identity, and can be associated trivially. If not algorithmically, then via one connecting piece of information supplied by various databases and no such agencies. You're living in a dream.
> Your profile IS your personal identity, and can be associated trivially.
I'm hardly new to his stuff and to say it's trivial is nonsense. Most people make it trivial but it's not trivial to associate identities of people who put basic effort into obscuring them.
Merely disconnecting your primary profiles from your online activity is enough to throw most mass-surveillance/drag-net stuff off, aka 99.9% of advertising firms and most government programs.
If you're an activist or someone interested in keeping your internet activity private then the bar is far higher (and the targets of which are ever expanding as governments and private organizations get better at this stuff). FBI agents, or likewise in your country of residence, have plenty of forensic tools at their disposal to connect disparate identities. It takes some real time investment and requires being super careful to evade these measures. But I'm not talking about that here. I mean the average person in 2017.
I've personally done the total anonymity stuff as an experiment so I know what that takes.
Having studied many documents from the various global national security organizations and being fortunate to have dated a defense attorney in the past who engaged with police surveillance reports on a daily basis for their work I'm convinced that even basic privacy measures such as never using your real identity when using internet services, creating full legitimate sounding backstories (and subsequent online profiles) for your fake identity, and changing the ID you use often enough will throw off most basic surveillance measures.
I'm not doing anything to get people really invested in uncovering my online identities, as most people aren't, which is what I'm talking about.
The simple fact is the vast, vast majority of people reuse the same username (and passwords) across the internet and use their real name and emails everywhere. So it's really not hard to track people online from an LEO or 4chan doxxing perspective.
But I'm not convinced you have to be isolated from the utility of most online (cloud) services. You just have to invest in using them intelligently to not associate your actual identity with the services.
Ad companies aren't interested in deanonymizing people anyway. They are looking for low hanging fruit and there are more than enough people to fill databases who fit this profile. So I'm not that concerned about those who don't.
It's not trivial to match any arbitrary profile with an offline identity, but it is possible to cluster pseudonymous profiles into "almost certainly the same individual" by patterns and peculiarities in how they use their devices. If the same patterns later show up for an identified user, they can be linked with high probability.
With the sites Google runs plus running their own JavaScript on a sizable fraction of other people's web pages, they can pick up a lot of patterns, many of which would be inaccessible to police and intelligence surveillance.
Some people have nervous habits like moving the mouse around, clicking/tapping on whitespace, scrolling up and down, etc. Some always/never use the scrollbar. Some always/never open links in new tabs. Some tend to put the adjective before/after the noun in their searches. Some will rapidly open up the first 5 search results in new tabs. Some always disable instant search, and some of those change their settings to 20 or 50 or 100 results. Some use search features like the calculator, searching for "weather", stock symbols, etc, and others never do.
> if you were simply to collect that data yourself, sell it on the open market, and spend a portion of the proceeds on the tax prep service, you would end up with profit, and the tax prep service would still exist.
Economies of scale; the market for that data would not exist if individuals collected it themselves to sell. Hence would break down.
Phrased another way; this data about 1 person is relatively valueless.
(I like the rest of your example BTW; just disagree with your conclusion)
> if you were simply to collect that data yourself, sell it on the open market, and spend a portion of the proceeds on the tax prep service, you would end up with profit
Hmm. Could you sell it on the open market? If so--if the margins for the ad-supported model like Google's are in fact as big as they appear--why isn't there a Google competitor who provides exactly the service you describe: some kind of opt-in system where they collect data (via, say, a browser extension), sell it to advertisers, and pay you a cut?
One generic answer to "why does the market not offer [some seemingly reasonable thing]" is inefficiency: maybe there's some cartel system at work where all major advertisers are hoarding the revenue for themselves. But I find that pretty unconvincing, since the whole market _seems_ to be otherwise quite competitive, and with low barriers to entry.
Perhaps a more likely theory is that if you were to offer a "we pay you for personal data" competitor, you'd face massive fraud--a la click fraud--in which attackers would pretend to be real users in order to get paid for searching (or whatever), and that the subsequent need for identity verification would become so burdensome as to eat away any profits.
Anyway, an interesting thought exercise, but I think one can broadly conclude that either:
1. There are real obstacles to paying people the "fair" price for their data, such that the current system is in fact fairer than it appears.
2. The entire market is unfair due to a cartel or similar (though like I said, I find this fairly unconvincing).
3. This is a great idea and you're the first to have it, so you should start a company that does exactly this. ;)
Interesting. How do they protect against clickfraud, though? Paying the user seems to me (somewhat naively, because I'm not super familiar with clickfraud) to increase the incentive for abuse, since you don't have to run a malicious website to do it.
One of the obvious advantages of the Gmail model seems to me to be that free email is less fungible than cash, though of course abusers resort to spamming and other practices to monetize the resource.
gmail can still advertise to me in the hypothetical scenario above, but if they want to do so in a targeted way, they would have to buy my data from me first.
my accountant preparing my tax return for free in exchange for...
inviting
...a sleazy salesman [to] sneak a peek at them and find new ways to sell me stuff.
Your accountant prepares your tax return for free. They also have a lot of boxes of flyers provided to them by people who want to sell things. After preparing your tax return, they use their knowledge of your return to choose which flyer to put into the envelope. They then send that envelope back to you, and when you open it to read your tax return, there's a flyer for something else paperclipped to the front with a note saying "Thought you might find this interesting."
(In particular, the accountant is only one who sees the information in your tax return.)
Anecdata: in the past 5 years or so the number of relevant or interesting search ads Google has shown me can be counted with one hand.
- If I'm searching for technical documentation, I couldn't care less about all the random consultancies or shitty-SaaS-of-the-day trash that populate the ad slot(s).
- If I'm looking for technical details on a piece of malware or vulnerability research, the last thing I want to see on the page is a goddamn AV junkware full-frontal.
- If I'm searching for details on some car models ... why the fk is google shoving insurance ads on my screen real estate?
And so on. As far as I'm concerned, online advertising is a stripmined toxic dump. Only the shittiest swindlers and shadiest extortion artists remain.
>- If I'm searching for details on some car models ... why the fk is google shoving insurance ads on my screen real estate? //
Brand marketing. It may not work on you, but it works in general.
Personally I consider myself pretty imune to marketing but when you think "who else should I check to switch my car insurance to" then that brand is going to pop up if it's been fed to your brain enough. Indeed when you're looking at a list of similar offers the one that's associated with a name you already know will seem somehow more trustsworthy, it's an insidious finagling of a brand in to your brain drip by drip. Why do they do it? It works.
Here's a real life example. It's like Credit Karma who prepares your tax return for free, but then uses the info to help target you for ads on credit cards, loans, etc.
It's more like your accountant preparing your tax return for free in exchange for aggregating data about your receipts and offering you goods and services you may be interested in.
Hmm. I could actually see that working, as a spinoff of concierge services offered by companies like American Express.
If its about offering me goods and services that I may be interested in, then ad blocking is a useful feature for both me and the advertiser. If I am not interested in any goods or services then no offering or aggregation is needed.
On the other hand, if its about offering me good and services which other companies want me to become interested in, then we have a different deal going on.
can your accountant prepare your taxes without looking at your receipts? no. can webmail provider provide you email service without asking your emails? sure he can
I don't understand why seeing an ad is so bad. So a sleazy salesman is more annoying because they are in your way. But if you're going to see ads anyway, I'd rather they be relevant!! Can soemone explain why given that there will be ads either way they actually prefer irrelevant ads?
Relevant ad is euphemism for "ad that makes you buy stuff you would happily not own otherwise". Since ads in general work (they make people buy more or different stuff) and you can not objectively evaluate whether you was influenced by ads, it is rational to avoid them.
Practically, once add service knows I am women, it insist on showing me ads for menstruation cups everywhere I browse. I also find juxtaposition of baby accessories and relaxation bullshit on metal, programming or games site mood killing. When they know less about me, I actually get less weird more neutral less crappy ads.
>Relevant ad is euphemism for "ad that makes you buy stuff you would happily not own otherwise". Since ads in general work (they make people buy more or different stuff) and you can not objectively evaluate whether you was influenced by ads, it is rational to avoid them.
Umm - you should avoid getting information because it might influence you to buy things ? There's nothing wrong with what you said, in an ideal world ads would be just that - informing the customer about your product - and influencing their decisions with information. The psychological marketing tricks to make a thing more attractive is also a value add.
Problem is it's easy to be misleading, create disinformation and it can be very profitable - that's what leads to shitty borderline fraudulent ads we have.
Ads are not information. They are not factual. Psychological marketing does add at value to me, just like being manipulated in person does not add value to me.
Like I responded below, psychological marketing effects like branding, exclusivity, etc. have been shown to increase peoples enjoyment of products in multiple studies.
Being manipulated can also add measurable value to you. For example if a doctor gave you a sugar pill for some condition and the placebo effect helped you get better - would you say that it added no value just because the sugar pill physically did nothing ?
Umm - you should avoid getting information because it might influence you to buy things?
UMMMMMMmmmmm - yes?
Obviously?
If you wouldn't let a salesperson barge into your house, interrupt your reading to try and convince you to get discount eye surgery, why would you let that happen in visual form?
in an ideal world ads would be just that - informing the customer about your product
This is not anything like an 'ideal' world. One human has such limited attention, that you could spend every second of your lifetime attending to a different product and do nothing else, and you still wouldn't cover them all. And companies still wouldn't be happy with this ridiculous limit case, they'd still want a greater share of your attention and wallet. You, us, individually, mean nothing except a source of coins.
If we want to mean anything to ourselves, defence against the dark arts is necessary.
The psychological marketing tricks to make a thing more attractive is also a value add.
The psychological marketing tricks to make a thing more attractive is abusive and parasitic. Ideal brains would search for what they need, and buy the most fitting thing. Human brains which can be manipulated are a weakness we all share - and we should all be kind enough not to abuse this fact of each other any more than we have to.
>Ideal brains would search for what they need, and buy the most fitting thing.
That's not really how things work - there are certain things you need to accomplish other things where your reasoning partially applies but even then it's debatable. But then there are things you do for pleasure - and how you value those things can be completely separate from their physical properties.
For example there was a study[1] where they gave people 5 vine samples, a cheap wine with 5$ price tag, same wine with a 45$ price tag, 90$ vine and the same 90$ vine with a 10$ label, and a correctly labeled 35$ vine. They found that reported enjoyment and measured fMRI activity went up with price even for same vine. Plenty of similar studies that show similar effects for branding, etc. So these things actually create value even if they don't physically change the product - you end up enjoying it more and it's purpose is your enjoyment.
I mean most of the high end stuff ends up being blowing smoke up your ass to make you feel good about paying 2-10x markup, even when the quality is superior they bundle the bullshit and inflate the price extra because they know you'll pay.
1. Targeted ads catch my attention better. Frequently I don't even notice or remember irrelevant adds.
2. Targeted ads are almost always, SEOed (if you will) to me; that is, they seem relevant, they offer the solution needed to fix the precise problem I'm discussing in the email chain, I click, I read, I would buy, but I realize that the product offered is nothing like what I've been reading about on the landing page.
3. Targeted adds are much more effective at convincing me to spend money on stuff or services that I could have lived without.
Sure, I should toughen up mentally against ads, but until I do, I protect myself from ads that will manipulate me and one way to do that is to prefer irrelevant ads when I need to see them.
I'm curious how you make a living and whether the business you're in relies on advertising to sustain itself. Perhaps I'm reading too much into your post, but I detect a value judgment that businesses trying to be businesses (i.e., selling you stuff) is a bad thing.
Ads are an insidious and highly effective form of psychological warfare. They play on human fears, insecurities, neuroses and instinctual weaknesses in order to part people from their hard-earned time and resources.
You might say the ads just bring their attention to needs they didn't know they had. I would say the opposite, that they create needs where there none existed to begin with.
We have to stop this madness of thinking that "John READS my diary" means the same thing as "The function fread() READS nitems objects". Those don't mean the same thing except in a metaphorical sense. It's insane.
why does it matter? Google has access to read my email, and if they want (or are pushed to), they can single me out and then go and read them. Sure, 9/10 times it's a bot reading my emails, but there's nothing stopping them from doing it.
it matters exactly because of what you are saying.
You do have protections against someone reading your email at Google. Both from a expectation of privacy, but also from a company perspective. You also do have some non-expectation of privacy (if, for example, the US government wants to read your google email, they can ask for it and they eventually will).
The day someone with a brain and an opinion on Kim Kardashian at Google reads your email, there is a HUGE difference from when Google is "reading" your email for ads/spam/spelling/whatever.
You don't want to blur that line being wishywashy with language. You want to know that difference. The fact that it could happen is why you need that clear separation between "machine reading" and "a person reading".
> You do have protections against someone reading your email at Google.
And those protections are bullshit.
I have no guarantee that they are not reading my email. If a bot has access, a person has access, and people abuse their access all the time.
In fact, there have been cases of googlers reading peoples email. And I'm not blurring any line, I'm stating: Gmail can, has been, and will be abused. To pretend that is not the case is, frankly, naive.
I know this is cold comfort, but every single production data access is audited at Google, and that's after one signs more NDAs than you can shake a stick at to even get logs access in the first place. Each incident, with David Barksdale being the worst, has made them lock down logs, PII, and production access at a level unprecedented of any I've seen (including HIPAA shops).
You're correct that the possibility exists, but any Googler inhales heavily and makes sure their paperwork is in order before accessing prod. The warnings that are displayed are not unlike those when you're removing a nuclear core on a starship. It's scary. They want it that way. You need a damned good reason to even look at subject lines in the inbox (like fixing a bug involving subject line rendering that only appears with a user's specific subject line, for instance), and clicking a message is almost certainly a walk. Like, within the day.
They do take this seriously. I wouldn't call it bullshit. The protections I observed were in place before Snowden, so I imagine it's even more rigorous now.
You're calling bullshit on what, exactly? I'm providing you perspective on the very thing you're hypothesizing about from firsthand experience.
What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data? It's email on the Web. Handling that e2e is pretty much intractable, and cleartext or nearly-cleartext with online keys has to exist somewhere even without the Googley things they do to data. I might posit that building a functional service with that requirement would be impossible for the Gmail case and many others (but I'm ready to be proven wrong).
>> They do take this seriously. I wouldn't call it bullshit.
> You're calling bullshit on what, exactly?
really? your firsthand experience is nice, but your ignoring that those methods don't work.
> What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data?
They can use any of the current zero-knowledge encryption methods. This isn't anything new and has been around for a long time. There's no need for Google to have those keys.
Encryption isn't a new problem for email, it's already a thing.
what's the use case you are worried about? Tell me a story. Who is accessing your date, for which purpose, when, how much, etc... and explain how Gmail is a bad solution because Google "can read it".
Yes, Google does not offer you protection against the Government. That is a true statement. But that doesn't mean that it's all or none. There are so many privacy rights before "a warrant request". And news flash, unless you are extremely good at securing your own mail server, even then you are not protected against a warrant.
Those checks are not bullshit. Every single security system "can be bypassed".
The use case is pretty obvious by now: people trying to manipulate me (ads), overreaching government intrusion, and invasions of privacy.
I never said that Google just sends everything over to them, but they can come and access my data without me ever knowing, and that's a problem. Just because there are (imo broken) checks in place does nothing to negate that fact.
Those checks are provably bullshit by the previous breaches. If they weren't bullshit, there would never have been breaches.
as I said, government intrusion can't be defended as is. Name one web technology that is government intrusion proof. Fuck that. Name on technology that is so. Air gapping isn't. Granted, air gapping allows you to at least know about it. But that's that.
"invasions of privacy" is not a use case. Give me details. By whom? Your partner? Your coworker? 4chan? Your mayor? Russia? What information are they getting from you? Why? It's very likely that whatever use case you come up with, you are better defended with 2auth gmail than with whatever other solution.
That's a problem with the web. In 15 years, and not counting legal government requests, there were what? 3 cases of email data breaches that were caught? 5? That's your "provably bullshit"? What do you use on your life that has a lower failure rate than this?
> as I said, government intrusion can't be defended as is.
yes it can. zero-knowledge encryption is already a thing.
> Name one web technology that is government intrusion proof.
Apparently the iPhone is. pgp encryption is another one. I'd suggest brushing up on basic security before saying things like that.
> "invasions of privacy" is not a use case.
Why not?
> By whom?
By anyone that I don't authorize. Sure, that could be my partner, coworker, any government authority, etc.
> What information are they getting from you?
Are you serious? If you don't even understand that threat model, then again, I'd suggest looking in basic security models.
> you are better defended with 2auth gmail
2auth gmail is orthogonal to the issue. That's an security method. Currently Google does that but still can grant access to anyone they want. That's a problem that 2auth doesn't address.
> not counting legal government requests
Why not? Why remove a legitimate security issue from the discussion?
> 3 cases of email data breaches that were caught
I have no idea how many have been caught, once again, that's orthogonal to the issue. How many examples doesn't matter. It's that they do have access and can do it whenever they want.
> What do you use on your life that has a lower failure rate than this?
That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
If you are referring to the San Bernardino phone thingy, the FBI withdrew the request exactly because they did access the phone by themselves. It just cost more money.
> pgp encryption is another one
lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
> > "invasions of privacy" is not a use case.
> Why not?
Because I want specifics. Just saying someone "invaded your privacy" doesn't tell me anything. Tell me a full story: entity X did Y to know Z from W. And show me how using gmail made W more unsafe on that case. And what I'm trying to tell you, is that there are two cases:
- legal government related. In which case Google can't (and won't) protect you. It's a fair claim. If you are doing something that the US government wants to know about, don't use gmail. But most things won't protect you from that anyway. Ask Dread Pirate Roberts about it. :)
- non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
> That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
Where did I say we shouldn't ensure privacy/security? What I'm refuting is your claim that "it's bullshit because it failed once". Gmail does a better job than most other things. Most things in your life fail more often than that. And most things don't evolve security/privacy wise as well as gmail does.
> the FBI withdrew the request exactly because they did access the phone by themselves
As far as I saw, that was just speculation. Any source on that? I'm inclined to believe it, but if true: why do they want the encryption removed rather than just snooping that data on the sly? It's better if your victims think they are secure.
> lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
Possibly. But if so, I haven't seen them. Sources please.
While meta-data is absolutely useful, contents are even more useful. Just because something has one security issue doens't mean that we should give up security altogether.
This isn't anything new. Having access to communication is pretty much the basis for espionage. If you don't see how that applies.... I'm not sure I can help you.
> legal government related. In which case Google can't (and won't) protect you
That's my point. They can protect you, they choose not to. Zero-knowledge encryption is still a thing. Just because Google doesn't use it doesn't mean it's not possible.
> non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
Only if Google can't access that data. If they can, it's much easier to bypass encryption and just ask Google to hand it over. Google can solve this problem but chooses not to.
> Where did I say we shouldn't ensure privacy/security?
When you say that gmail should be trusted. There are clear privacy/security holes with their model that you are ignoring. That's what this whole discussion is about.
> What I'm refuting is your claim that "it's bullshit because it failed once"
A) It didn't just fail once.
B) Failing just once proves that the system is not secure, and needs to be fixed. Failing multiple times from the same attack vector proves that they aren't taking security/privacy seriously, because they won't fix the root problem.
> Most things in your life fail more often than that
... so? Whether thing A fails more often than thing B has no bearing on whether thing B can and will fail.
It's not about who reads it, it's about who has access. If a system has access to read my email as plain text, it means anyone who owns or can get access to that system can read my email.
Some one wrote fread, it could've been john, and john absolutely could be reading your email. Look at the what happened with ubers god mode.
That said the value of gmail for me exceeds the risk of people I care about reading my email getting access or having access. However my(and probably your) subjective view on the value of your emails is absolutely subjective.
But then again, in the context of the story, it doesn't change anything. Google still has access to your email. That it is not "reading" for the purpose of ads is just a minor thing that doesn't impact your privacy/security in any way (in the terms that you are describing).
Why try to pretend Google is nice to you?
If their spam filter gathers the most relevant words and keep them stored for admins to look for the sake of tuning or whatever and maybe the admin also works in the ad department, perhaps checking on your email isn't for ad targeting.
You need to give up on your content the day you started using gmail, no matter what the TOS says.
But… you don’t really have to use Gmail to use most of Google’s other products, just as you don’t really have to use (actively) Google+ to use other Google products either.
But imagine you use an Android phone, for instance. There's a whole bunch of integrated stuff that works well together that wouldn't if you had a Google account and then kept your e-mail somewhere else. It's not really a 1:1 comparison.
Unfortunately no. You are going to be tracked whereever you go and it has GA. The reason why Google can stop reading your emails is because they have a global network now that can track you better.
What about people not using gmail but sending email to a gmail users? Those don't gain anything here.
I actually host my own email but every time I send a message to somebody using one of these webmails it gets indexed and monetized.
But I would argue that it's a technical problem first and foremost, email security is mostly a joke. If I need to send sensitive things through emails I can always use PGP to actually protect it, instead of relying on the goodwill of the email provider not to peek into the message. If people really valued their privacy they'd be doing something similar.
There are many flavors of Buddhism, which one matters here for the point you are making?
EDIT - I am not sure why I am being downvote, I legitimately don't get his point and figured I would for more info rather than just calling him out as a troll or something. Is there something obvious I should know?
Disclaimer: I know nothing of Buddhism, I haven't even read the Wikipedia page
I believe some Buddhism teaches something along the lines of: personal possessions are bad, and freedom is found in not owning anything.
I think OP is saying: advertising goes directly against that line of thinking. It is actually tempting a Buddhist to buy more stuff, thus going against their religion.
"Zen does not confuse spirituality with thinking about God while one is peeling potatoes. Zen spirituality is just to peel the potatoes while being informed about ten local places to purchase God with next-day delivery."
That's true in the sense that having no ads at all would be better; but if you're going to be seeing ads either way, why wouldn't you want them to be ads for things relevant to your interests?
Whether you block ads or not is kinda beside the point. It's a little unreasonable to expect Google or anyone else to stop personalizing the ads they're trying to serve you just based on the fact that you're blocking them.
The ads are shown exactly for that reason. If the only ads shown were for products or services or information which the consumer was not interested in, then no one would pay for advertisements in the first place.
Even if I agreed that some ads have benefit, the cost-benefit analysis (with costs including screen space, compute, bandwidth and the malware threat) still looks grim enough to justify adblocking IMO.
In a perfect world, yes. In the real world ads are about manipulating through every psychological trick in the book to buy shit you don't need. To manipulate you into thinking brand A is better than brand B (both of which you were already aware of). Etc.
This is what ads are. This is what we adblock. This is clickbait, lies, manipulation, visually distracting, space wasting, untrustworthy, barrel scraping garbage.
"Ads inform you about products" in the same way slime mould informs you that your house is too damp. The best individual course of action is not to buy what the mould is selling.
The spam filter is [assumed to be] transient/generalized. While a user may set special tuning parameters to classify what they consider "junk", this probably reveals more about the inadequacy of the spam filter than it does about the user.
On the other hand, a program which analyzes mail to ascertain the tastes, interests, and personal plans of the participants is mining much more sensitive data, and it's compiling/storing it off-site long-term, and it's very specific to the individuals involved.
All of us who've used Gmail know how creepy it can get. Send a couple of mails about marriage and suddenly you start seeing targeted ads about engagement rings or other marriage-related things. Google stores this forever and they'll say "Ah, we know this guy was talking about marriage 10 years ago; traditionally, marriages fail after 5 years, we've detected a tense tone in his mails to his wife, BEEP BOP BOOP, DIVORCE LAWYER AD IS RELEVANT".
This inference is not only dubious (ethically and technically), but anyone observing your browsing while you're logged in will see these ads and may assume that you're seeing those ads because you've been searching for information on divorce, not because Google's inference is overzealous, although it may very well be. Search and replace with anything else: new credit cards/bankruptcy lawyers, research on a medical condition/ads for related medicines, etc.; the potential for creepy inference is endless, not to mention the concrete surveillance value provided to literal spies (via PRISM), nor the risk of compromise/abuse outside of the ad space. They don't have to get and process your entire mail archive; they just have to draw their inferences from Google's own inferences in your compiled taste/interest profile.
That's much more serious than a throwaway analysis of whether a mail contains spammy properties or not.
> Google stores this forever and they'll say "Ah, we know this guy was talking about marriage 10 years ago; traditionally, marriages fail after 5 years, we've detected a tense tone in his mails to his wife, BEEP BOP BOOP, DIVORCE LAWYER AD IS RELEVANT".
Have you actually seen anything like this? In my experience the ad targeting seems like extremely shallow keyword analysis.
This gets to the heart of how divisions inside a company justify their budget and where human self-preservation kicks in. For e.g. A lawyer inside the company HAS to be on the lookout for supposed infringements of IP or situations where their "expertise" is required.
The idea is that once you have any apparatus in place, and funds allocated to the maintenance/operation there of, you will find that people come up with creative ways to use that apparatus to either cement their position in the company or to improve career prospects. This applies to lots of domains, the obvious one being the government. Once you have a drone program, you'll find that someone somewhere WILL find a way to justify its usefulness.
My main problem with data collection is the permanent nature of it, where someone somewhere at some point in time, possibly when the computational costs become feasible, will come up with a seemingly innocuous use of the data that will spiral out of control. Also, is Google hack-proof? Judging by the lawsuits around the self-driving division, apparently its trivial to steal data if you're on the inside.
Of course its trivial to steal data if you're on the inside. Snowden could copy classified docs onto a USB stick and smuggle them out of a fucking NSA office. If I were to plug in a USB drive at work, no one would bat an eye. They'd probably think it's for Time Machine.
It really depends on where you work. I know of a little company in the Cupertino area where such data theft would be nearly impossible and yet other companies, engineers have full access to production databases.
That's a hypothetical example, and it would of course be impossible to know what specific piece of data led Google to present a specific ad, and whether they're involving an analysis of how historical interests relate to current interests. Whether Google actively engages in such analysis now or not, they easily could.
I personally use AdBlock so I don't see Google ads very often, but I have been creeped out by ads in the past, and I have had Google infer interests in changes to relationship status based on mail content (e.g., offering engagement rings).
I believe they have manual filters to try to stop inferences that are too offensive from being made (e.g. suggesting a divorce), but those, of course, can never be perfect, and it doesn't mean they aren't making the inference or maintaining the data necessary to do so; it just means that they are blocking it from showing up.
I'm not really saying this is either good or bad. The question was why people care less about reading emails to filter for spam than they care about people reading emails to develop a consumer's ad profile. These are some reasons why.
I cannot recall where, but I remember reading about this. Based on associated products women buy occasionally they will sometimes get coupons for things like diapers and baby formula while they are pregnant before they know. My guess is that anytime a woman changes her shopping habits the marketers send some stuff her way because even a miss ratio of 90% could still be profitable.
It isn't always accurate, I know a girl that is very not pregnant but gets these things anyway. She babysits occasionally and I suspect that combined with her Baker's card and Walgreen's card give the mass marketing gurus all the information they need to know that she sometimes cares for kids.
One requires google to build a profile and have the knowledge in order to serve you their advertisements and the other can be done almost entirely client side. The spam filter doesn't need to phone home for anything other than updating the list.
In the US a service provider is allowed to violate all manners of privacy for the express limitation of ensuring maintenance and system health. Spam blocking would qualify as maintenance, but advertising would not. I suspect Google violates all manners of privacy in an automated way for all manners of reasons and qualifies such in their terms and conditions.
Does the automated nature of the permanent data collection change anything? How about an automated drone with a camera mounted on it that follows you everywhere and records every action, indefinitely, purely automated ofcource, so that an advertising company can helpfully remind you about the awesome great $6 lunch menu when you walk past McBurger at lunchtime, or about picking up some hemorrhoids cream from MediCo because a machine learning algorithm saw you scratch your butt and deduced something.
Depends. Is that drone providing me with some other useful service, or is it following me around entirely without my knowledge or consent?
Gmail provides me with a free email service. They already have the full text of all my emails. If they want to use that data to help decide what ads to serve me, I have no problem with that so long as that data isn't shared with anyone else without my consent.
> data isn't shared with anyone else without my consent
Do you have any way of verifying this? I am not accusing google of anything, I just find this to be an interesting level of trust to have with a free online service.
Google is a large, generally reputable company which has very little to gain and everything to lose by sharing my personal information with others in violation of their own privacy policy.
In the absence of any evidence that they _are_ sharing my private information with others, I see no reason not to trust them in this regard.
Really? Good luck suing them if they decide to sell your data. They certainly won't lose much revenue from fleeing customers if they think up a creative new way to monetize your data with "select business partners"; Google (and Facebook et al) spent the last decade entrenching themselves infrastructure for far too many people. They have far too much power and inertia to lose much in the short or medium term.
> trust them
Privacy policies change. Even if Google has good intentions about protecting your data today, you're gambling that those intentions will not change in the future. You don't know who will be hired/fired at Google in the future, nor do you know how the current (or any) management will react should the company have a particularly unfortunate run of bad finances or other troubles. Never-mind that humans often act irrationally for stupid reasons so any prediction about future behavior has to have a huge error bar.
However, that isn't the big problem with trusting Google to not share your pattern-of-life[1] with a 3rd party: you're assuming it will be Google's choice, or that they will even have any de facto influence over the long-term fate of your personal information. Your trust doesn't make Google infallible; the best security teams can only make hacks less likely. Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen. Prism (and other mass surveillance programs) still exist. Concentrating valuable data at one location makes it more valuable, so the scope of potential threats to your data increases as more data is collected.
The world is not as just[2]. Trusting that your data will magically stay safe at Google forever - or even just the near future - is only possible if you first pretend that Googles security is and always will be perfect, that the programs Snowden/Drake/Binney/etc warned us about never existed, that no current or future Google employee will ever become disgruntled (or crazy), and probably many more potential threats that haven't been invented yet.
> They certainly won't lose much revenue from fleeing customers
I don't think that's true. Sure, they wouldn't be out of business overnight, but depending on how serious this hypothetical breach of trust is, it'd certainly hurt them a lot.
> Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen
My threat model does not currently include the NSA or the US government. I don't anticipate that changing in the near future, but if it does then you're right; I'll certainly need to stop using Google services. (And probably all cloud services in general.) Or at least "air gap" them from the portions of data I want to keep secret.
> pretend that Googles security is and always will be perfect [...] that no current or future Google employee will ever become disgruntled
While I consider myself to be more security conscious than the average citizen, I _still_ trust Google's security practices (against both internal and external threats) far more than I trust my own. If my data on Google's services gets compromised, I think it's far more likely that it'll be because someone stole my password and 2FA tokens than because somebody hacked Google.
As with anything, I realize there's certainly a security/usability tradeoff to be made. For the moment though I'm quite confident that the extra utility Google provides is worth the risk, at least for my purposes.
But your profile is not just linked with Gmail. Its across Google, including any future products. Its a kind of cross-product tying using customer data (which gives them an easy leg-up on new ad-subsidized products) that I would assume attracts anti-trust scrutiny.
I think its fair for you to accept the terms, if you know what you're getting in return. The problem here is that you will never know exactly what information is stored about you, and how personal it is, and you have zero control over it. Also simply by sending YOU an email, I'm also entangled in the data collection scheme.
> The problem here is that you will never know exactly what information is stored about you, and how personal it is, and you have zero control over it.
On the contrary. I know what emails are stored in my inbox just as well as Google does. I can also search through that information and delete it if I so choose, so I do have control over it.
NSA doing it is a lot worse. There is no transparency on what they do. I get no benefits in return for sharing my data. They have license to do all kinds of nasty things to me, that Google would have to go through a court for. From blocking my flights to making me disappear at night.
No benefits? That’s bit like saying that security screenings at airports offer no benefit to anyone. While security screenings are inefficient and could be improved, that doesn’t mean they offer zero benefit.
Also what’s the likelihood of the NSA blocking your flight or making you disappear in the night? You probably should fear crossing the street more in terms of statistical likelihood of harm.
I get the privacy/freedom arguments however the hyperbole around this stuff is getting ridiculous as the fears are badly supported by actual data and statistical significance.
More people drowned in swimming pools last year than were “disappeared” by the NSA but there seems little hysteria around swimming pools. I pretty sure most of us don’t know a single person on a no-fly list.
Some high levels of paranoia around here it seems.
Corporations didn't murder a hundred million of their own customers in the last century alone. It takes a government to do that. Consequently, governments have to be held to higher standards, not lower ones.
Yes, they did. Probably just tobacco companies alone.
A response as silly as it was predictable. Show me a Gulag Archipelago written about the tobacco industry and we'll have some grounds for further discussion.
Since corporations are creatures of government, that's true by definition of everything corporations do.
At some point, you'll come to understand that not every debate can be reduced to an exercise in moral relativism and dismissed with a flourish of false equivalence.
That works well enough on HN, as seen in the moderation in this thread, but not in real life.
The distinction to me is: Are they building and saving some data structure that they've created based on my emails which is designed to target ads towards me, but could be used by some nefarious actor to learn a lot about my life?
The spam filter (hopefully) probably doesn't store that much about me, but an ad targeting bot could be a lot more problematic.
The problem is that it's not just your email. If you send an email to a Gmail user, Google is now building a profile on you (or was until this move) as well as your recipient. Did you give explicit consent to Google? Did you sign a EULA or SLA with them allowing this? No, they just did it anyway. Even someone who makes a point to keep themselves off of Google's radar will end up indexed and sold to the highest bidder if they send even one innocent email to a Gmail user.
Building profiles of senders can be necessary, e.g., for detecting spammer accounts.
Also, email is transmitted in plain text. Sending an email is more like shouting to your friends in the street, rather than putting a letter into an envelope mailed to the recipient. Thus, I don't think an explicit consent is needed.
That said, I understand that fair use of such information is a concern.
> Also, email is transmitted in plain text. Sending an email is more like shouting to your friends in the street, rather than putting a letter into an envelope mailed to the recipient. Thus, I don't think an explicit consent is needed.
These days Gmail will transfer your email protected by TLS if possible. Not shouting at all.
Exactly. Google seems to be of two minds about privacy. They want to show that they protect your information from the rest of the world, but they expect 100% knowledge of your information in return, so they can sell it to their advertisers. I get that that's their business model, which is why I dropped them completely in favor of paid services that don't sell my information.
A frightening theory: it doesn't need to read your email anymore. It has read 10 years worth of your mail, and trained such an accurate model, that any more training data don't make much of a difference.
But will they stop using Hangouts IM content for customer segmentation? I probably say much more relevant things in Hangouts (from a marketing perspective) than in email.
I think I've become jaded because I just don't believe it. It's like Google Home. A wonderful device but when I heard it may start listening to everything I say... I just figured yeah, that should be expected. So now I just expect Google to read, listen, and analyze everything I do with their products.
Maybe I don't understand google home because I don't have one, but to be able to detect whatever keywords cause it to listen to you doesn't it have to listen to everything you say?
I feel like any device that has a microphone is suspect if you want total privacy, but listening to what you say seems like an integral part of the device. You can only hope (and independently verify) that they don't store everything you say.
It's my understanding that there's a low power, always-on service listening for stuff like "Alexa"/"OK Google", and only when it hears a keyword does it start "listening" and sending data back for parsing/processing.
I could be wrong and/or they could be lying about how the product really works. Could probably monitor your network traffic if you really wanted to find out.
They use basic detection to listen for keywords locally, and only if they keyword is triggered will they start sending data to their servers (which has significantly more powerful language parsing logic).
In addition, I suspect, given that every time you walk into a Starbucks your phone is probably connecting to the network "Google Starbucks", that they probably know how you feel about coffee.
It says it's exempt from ads in this specific context, but is it actually free of their data mining? If they still use the data to track and push whatever they're selling you in other contexts, the presence of the ads themselves is an ancillary concern.
Right, I read it. But it's still not actually clear to me whether they are ceasing ALL mining of email data for business accounts, or are just not funneling it to a specific set of ad programs. To me, at least, that seems an important point of clarification.
They're not ceasing it for business accounts, they've never done it for business accounts. The article is about free Gmail accounts.
If you look at the terms for G Suite (the paid business product), that is a top selling point. Businesses who pay for G Suite don't want Google using their data for anything, and Google complies.
Edit: in response to comment below, here are the main docs describing, including the Data Processing Amendment:
I'm really not trying to be pedantic, but that's not what the article says. It says that Google never data-mined business accounts to serve ads, not that they never data-mine business accounts under any circumstances. If that's true, and you can point to marketing or a service agreement that outlines these terms, I'd be happy to know and will gladly buy a paid account.
EDIT:
I think these are the terms and I don't seem to see this guarantee, but IANAL
Essentially, scanning the data for anything unrelated to providing the service itself. I know this is a little murky with their suite, but if the data is being used in a way elsewhere (e.g. to train models for other services or collecting data in expectation that it could be useful to a Google app I haven't signed on with), that should be made explicit
> Google Cloud does not scan your data or email in G Suite Services for advertising purposes. Our automated systems scan and index your data to provide you with your services and to protect your data, such as to perform spam and malware detection, to sort email for features like Priority Inbox and to return fast, powerful search results when users search for information in their accounts. The situation is different for our free offerings and the consumer space.
I have one for myself, and one for my wife, and find the $120/year a hefty price to pay for...email. It doesn't even include the registration of my personal domain, and it doesn't include web hosting. Google Apps is pretty nice, and it feels good to be paying for the product instead of being the product - though I am skeptical that my $10/month would let me talk to a human if something went wrong.
I'm considering moving; Rackspace has pretty good hosted email for $2/user/month. We use it at work - webmail is acceptable though nothing to write home about, and their IMAP implementation is solid so you can just use a client.
But you pay $480/year for 8 email addresses? Ouch.
> I am skeptical that my $10/month would let me talk to a human if something went wrong.
I have received exceptional support over the years, including them calling me twice when I reported an issue. My account is worth $5/month and I live in Fiji.
This hardly frees you from Google's data gathering. They will have records of your IP address used to collect the emails and your access history, so they know (roughly) where you live, what times of day you are active, and can probably infer stuff like when you are on holiday. If you are in the same house as someone else, they probably use Google too and the shared IP address lets Google tie the two identities together. So they get to discover your relationships too.
So will any host. When you are paying for it though, the terms of service clearly define what is collected and what it's used for, and you can choose to enable or disable that type of data matching
I think there is some interesting middle ground where you could use machine learning to go from 'show only relevant ads' to 'show only ads you might actually click on with greater than .001 probability'. I guess this is like 'extreme' outlier detection but it'd be interesting to see what revenue the ads at the 'long tail' of likelihood generate anyway. My guess the bulk of it is from the standard high CPC stuff like Mortages and Insurance. Google says it does this but i'm not too sure - I've never intentionally clicked an adword and yet they're still shown to me.
Anyway this may solve the tragedy of the commons situation we're in now and allow us to move away from the technology war of ad blockers, ad blocker blockers, ad blocker blocker blockers, etc.
edit: removed comment on clarity of Gsuite vs Free due to downvote brigade.
Seems pretty clear to me. GSuite never had email scanning.
>Alphabet Inc.’s Google Cloud sells a package of office software, called G Suite, that competes with market leader Microsoft Corp. Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google’s senior vice president of cloud. “What we’re going to do is make it unambiguous,” she said.
> Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google’s senior vice president of cloud.
Google doesn't read e-mails from GSuite. So the change is to stop reading from Gmail's free accounts.
459 comments
[ 42.4 ms ] story [ 8083 ms ] threadIf you're thinking "Why not just build a faraday cage?" then you're thinking the right thing.
Then my very next thought is, "Who is going to notice my house-sized faraday cage, who are they going to tell, and what are those people going to do in turn?"
RF dead chambers are bloody expensive for a reason: you can't emulate them by pasting some paint on a wall.
Couldn't you just stick yourself in a metal box (with a metal door that is careful to get a good seal)?
If you need continuous use, two rooms. One that acts as an "airlock" with an outer door that is open only when the door to the other room is closed. Battery operated fans and lights used as necessary.
Note that the "inner room" might be as small as a ammo crate depending on your use case.
[0] http://www.thecrimson.com/article/2016/3/23/alumni-lawsuit-a...
Note that this is not what the article says. It says that they stopped scanning Gmail for ads, but does not say they stopped scanning email for non-ad purposes.
I can't find a citation, but I'm fairly confident that that's never been the case. Ad targeting from emails has always been siloed to within gmail. To quote the post:
>Consumer Gmail content will not be used or scanned for any ads personalization after this change.
That's pretty unequivocal.
Google's new problem is "How do we get access to the contents of these new communication channels so we can continue to read peoples' conversations?". Those new channels are walled gardens and you can't just create a new email client and say "Switch to GInsta for your Instagrams! We give you 2GB of storage!" Unlike the switch to Gmail, the switch to GInsta would represent a hard barrier to the "true" Instagram network.
Google is becoming the new MS; losing relevance with the younger crowd who are all about "social" platforms, and becoming more and more an enterprise sales model. What happens when Facebook goes after web search?
Basically, they have your browser history, and can tie that to your real world ID.
Your email is pretty trivial compared to your browser history.
" But instead of scanning a user’s email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube. "
When you read an email, your intent is either to understand what the sender is asking you (new email), or get the info you asked for (response to your email).
In the majority of cases a contextual ad is 1. pretty weird, 2. pretty against your primary intent.
Might as well showing you ads related to your recent browsing history, imo.
Does the actual OS track you or is it individual apps?
> Google can save information like:
> - Websites and apps you use
> - Your activity on websites and in apps that use Google services
"They have such a strong baseline of the predilections of their users, and by association with those they regularly communicate - by their overlapping interests and behaviors, googles ad dossier on any given user is complete enough to no longer read the drivel one sends to another to predict your future choices.
We must keep an open eye though for the moment when she gets fired and replaced by a shark, like when she got fired from VMWare.
1. http://www.mcclatchydc.com/news/politics-government/congress...
The Chinese government can just ask QQ and 163 for your email such that they don't need to see it in transit. Less work, too.
I mean if I write a Nigerian prince email and send it to my mum, it should reach her no matter what the text says, right?
I mean if I write a Nigerian prince email and send it to my mum, it should reach her no matter what the text says, right?
Personally, I'd like to have the option, but as I don't, I don't use gmail.
(Right?)
I remember there was a recent paper that dealt with this, too, but I can't find it right now. But it basically demolished this argument that it's impossible to stop spam if the email is encrypted.
They do say "In future blog posts, we will cover the challenges of preventing ProtonMail from being used by spammers and the challenges of doing spam filtering with end-to-end encrypted emails which we cannot read", but I can't find any such blog posts.
https://developers.facebook.com/videos/f8-2017/how-whatsapp-...
Sending emails to new/random contacts shouldn't be that easy anyway.
[1] https://bitmessage.org/bitmessage.pdf
There's a big difference between sending 10k copies of a plaintext email, and retrieving a public key and encrypting to 10k recipients - not to mention that filtering out all non signed/not-signed-by-trusted-key should be a decent start for a whitelist/greylist.
I'd be curious if anyone ever got gpg-encrypted spam?
Companies can make money without tracking you 24/7 and reading all of your private content. They just choose not to, because it's easier, and then spread the propaganda that those things are "needed" to stay in business.
Edit: removed "rights"
You're confusing a want with a right.
You have no idea how wrong you are.
Of course it is not. We're ruled by advertisers.
The late 1970's was probably the last time anybody truly understood 100% of what was going on in any system.
The bottom line is that you have to trust some people. I totally understand those that don't trust Google. I happen to trust them today.
In this case it is google's code running on google's computers.
Which is mostly based on Free Software, starting with GNU/Linux. The Affero General Public License is intended to disallow this loophole of "it is only running on our servers, hence we are technically not distributing it, so we do not have to release the code": https://www.gnu.org/licenses/agpl-3.0.html
- no scanning emails
Are different things
A few weeks ago a friend and I were talking exclusively through WhatsApp about a trip to London(in Portuguese with our very unusual jargon), I didn't do any search for anything related it was all within our conversation, a couple days later Facebook had a post on my timeline saying: "heading to London? Check what your friends did there".
I don't remember reading anywhere that WhatsApp reads your conversations for ads, but it was clear to me that's where they got the information, it was spooky at first.
https://en.wikipedia.org/wiki/Behavioral_retargeting
Speaking of which, I had a similarly creepy moment just yesterday. I was watching an episode of the Simpsons, and wanted to Google the Bart blackboard gag in the intro because I didn't get it. Just I type the first word and it immediately suggested the rest. Very creepy because I wasn't watching through any Google service (on an Android phone though).
That would certainly cause an enormous loss of goodwill, but.... imagine this scenario:
Google has some slow growth quarters, they need to keep the numbers up for shareholders. They start to examine what they can squeeze. Gmail costs them X (hundreds?) millions per year, but doesn't gain much from it...
Certainly its unlikely, as it is also a SSO tool, etc. Still....
They may get rid of one of their applications (gmail OR inbox), but I doubt they'd get rid of the entire platform. They'd lose more revenue than they'd recover.
Sounds like a sleazy salesman to me.
It's likely the value Google got out of scanning your email wasn't worth that much in terms of modelling profiles for ads.
Probably because having both your search history and "anonymized" Google analytics, plus the sea of data that comes from owning Android is more than enough data that Google/Doubleclick needs.
From a purely capitalist perspective I'd bet the utility of them scraping this data no longer outweighs the privacy costs.
But at the same time Google is still scanning attachments for child porn and likely other data out of national security interests. And they still can access your data on a case-by-case basis which from a FISA perspective is a rubber-stamp away from accessing your data from 2 hops away from someone who may or may not have done something bad.
I personally will not weigh using Google vs any other email service in terms of privacy any different after this measure. But I still appreciate their efforts to reduce the "standard pratice" nature of scanning private email. If I do use anything Google-related I will not associate my personal identity in any way with the service, which is still requirement for Google play.
You can still use a fake gmail account and prepaid Google gift cards bought with cash to disassociate your identity from using the service. Although that's still well beyond the investment the majority of people are willing to make.
Regardless privacy comes at a cost these days. Good OPSEC > trusting cloud services privacy policy. You can either not use the services or invest in protecting your data when using them.
I will still cheer on Google's efforts to make those of us who care about privacy live's easier. I'm not naive enough to ignore how their business model works but that doesn't mean they always have to take the easy route and hand everything over without considering the costs - as many ISP/Telecom companies seem to do.
Consumer preferences change over time, so google is far more interested in the thing I bought yesterday than the thing I bought 4 months ago, so being able to read my emails is still a current interest of theirs.
I'm hardly new to his stuff and to say it's trivial is nonsense. Most people make it trivial but it's not trivial to associate identities of people who put basic effort into obscuring them.
Merely disconnecting your primary profiles from your online activity is enough to throw most mass-surveillance/drag-net stuff off, aka 99.9% of advertising firms and most government programs.
If you're an activist or someone interested in keeping your internet activity private then the bar is far higher (and the targets of which are ever expanding as governments and private organizations get better at this stuff). FBI agents, or likewise in your country of residence, have plenty of forensic tools at their disposal to connect disparate identities. It takes some real time investment and requires being super careful to evade these measures. But I'm not talking about that here. I mean the average person in 2017.
I've personally done the total anonymity stuff as an experiment so I know what that takes.
Having studied many documents from the various global national security organizations and being fortunate to have dated a defense attorney in the past who engaged with police surveillance reports on a daily basis for their work I'm convinced that even basic privacy measures such as never using your real identity when using internet services, creating full legitimate sounding backstories (and subsequent online profiles) for your fake identity, and changing the ID you use often enough will throw off most basic surveillance measures.
I'm not doing anything to get people really invested in uncovering my online identities, as most people aren't, which is what I'm talking about.
The simple fact is the vast, vast majority of people reuse the same username (and passwords) across the internet and use their real name and emails everywhere. So it's really not hard to track people online from an LEO or 4chan doxxing perspective.
But I'm not convinced you have to be isolated from the utility of most online (cloud) services. You just have to invest in using them intelligently to not associate your actual identity with the services.
Ad companies aren't interested in deanonymizing people anyway. They are looking for low hanging fruit and there are more than enough people to fill databases who fit this profile. So I'm not that concerned about those who don't.
Seems to me that there is a huge monetary aspect to matching online activity with real identity.
"deanonymizing" is trivial but ad tech is poison to any level of "privacy", filter bubbles and fake news propagation.
With the sites Google runs plus running their own JavaScript on a sizable fraction of other people's web pages, they can pick up a lot of patterns, many of which would be inaccessible to police and intelligence surveillance.
Some people have nervous habits like moving the mouse around, clicking/tapping on whitespace, scrolling up and down, etc. Some always/never use the scrollbar. Some always/never open links in new tabs. Some tend to put the adjective before/after the noun in their searches. Some will rapidly open up the first 5 search results in new tabs. Some always disable instant search, and some of those change their settings to 20 or 50 or 100 results. Some use search features like the calculator, searching for "weather", stock symbols, etc, and others never do.
Economies of scale; the market for that data would not exist if individuals collected it themselves to sell. Hence would break down.
Phrased another way; this data about 1 person is relatively valueless.
(I like the rest of your example BTW; just disagree with your conclusion)
https://www.creditkarma.com/tax
Hmm. Could you sell it on the open market? If so--if the margins for the ad-supported model like Google's are in fact as big as they appear--why isn't there a Google competitor who provides exactly the service you describe: some kind of opt-in system where they collect data (via, say, a browser extension), sell it to advertisers, and pay you a cut?
One generic answer to "why does the market not offer [some seemingly reasonable thing]" is inefficiency: maybe there's some cartel system at work where all major advertisers are hoarding the revenue for themselves. But I find that pretty unconvincing, since the whole market _seems_ to be otherwise quite competitive, and with low barriers to entry.
Perhaps a more likely theory is that if you were to offer a "we pay you for personal data" competitor, you'd face massive fraud--a la click fraud--in which attackers would pretend to be real users in order to get paid for searching (or whatever), and that the subsequent need for identity verification would become so burdensome as to eat away any profits.
Anyway, an interesting thought exercise, but I think one can broadly conclude that either:
1. There are real obstacles to paying people the "fair" price for their data, such that the current system is in fact fairer than it appears. 2. The entire market is unfair due to a cartel or similar (though like I said, I find this fairly unconvincing). 3. This is a great idea and you're the first to have it, so you should start a company that does exactly this. ;)
No?
One of the obvious advantages of the Gmail model seems to me to be that free email is less fungible than cash, though of course abusers resort to spamming and other practices to monetize the resource.
surely the profit would be too small to fool anyone
my accountant preparing my tax return for free in exchange for... inviting ...a sleazy salesman [to] sneak a peek at them and find new ways to sell me stuff.
Your accountant prepares your tax return for free. They also have a lot of boxes of flyers provided to them by people who want to sell things. After preparing your tax return, they use their knowledge of your return to choose which flyer to put into the envelope. They then send that envelope back to you, and when you open it to read your tax return, there's a flyer for something else paperclipped to the front with a note saying "Thought you might find this interesting."
(In particular, the accountant is only one who sees the information in your tax return.)
The thing is: never, not even once, has Google offered me an ad with goods and services I was interested in.
- If I'm searching for technical documentation, I couldn't care less about all the random consultancies or shitty-SaaS-of-the-day trash that populate the ad slot(s).
- If I'm looking for technical details on a piece of malware or vulnerability research, the last thing I want to see on the page is a goddamn AV junkware full-frontal.
- If I'm searching for details on some car models ... why the fk is google shoving insurance ads on my screen real estate?
And so on. As far as I'm concerned, online advertising is a stripmined toxic dump. Only the shittiest swindlers and shadiest extortion artists remain.
Brand marketing. It may not work on you, but it works in general.
Personally I consider myself pretty imune to marketing but when you think "who else should I check to switch my car insurance to" then that brand is going to pop up if it's been fed to your brain enough. Indeed when you're looking at a list of similar offers the one that's associated with a name you already know will seem somehow more trustsworthy, it's an insidious finagling of a brand in to your brain drip by drip. Why do they do it? It works.
1. the site was actually what I typed in the address but forgot to add .com etc
2. by accident
[this is exactly happening]
Hmm. I could actually see that working, as a spinoff of concierge services offered by companies like American Express.
On the other hand, if its about offering me good and services which other companies want me to become interested in, then we have a different deal going on.
Corollary: if you can't show a relevant ad, HOW ABOUT NOT SHOWING AN IRRELEVANT AT ALL?
Practically, once add service knows I am women, it insist on showing me ads for menstruation cups everywhere I browse. I also find juxtaposition of baby accessories and relaxation bullshit on metal, programming or games site mood killing. When they know less about me, I actually get less weird more neutral less crappy ads.
Umm - you should avoid getting information because it might influence you to buy things ? There's nothing wrong with what you said, in an ideal world ads would be just that - informing the customer about your product - and influencing their decisions with information. The psychological marketing tricks to make a thing more attractive is also a value add.
Problem is it's easy to be misleading, create disinformation and it can be very profitable - that's what leads to shitty borderline fraudulent ads we have.
Being manipulated can also add measurable value to you. For example if a doctor gave you a sugar pill for some condition and the placebo effect helped you get better - would you say that it added no value just because the sugar pill physically did nothing ?
UMMMMMMmmmmm - yes?
Obviously?
If you wouldn't let a salesperson barge into your house, interrupt your reading to try and convince you to get discount eye surgery, why would you let that happen in visual form?
in an ideal world ads would be just that - informing the customer about your product
This is not anything like an 'ideal' world. One human has such limited attention, that you could spend every second of your lifetime attending to a different product and do nothing else, and you still wouldn't cover them all. And companies still wouldn't be happy with this ridiculous limit case, they'd still want a greater share of your attention and wallet. You, us, individually, mean nothing except a source of coins.
If we want to mean anything to ourselves, defence against the dark arts is necessary.
The psychological marketing tricks to make a thing more attractive is also a value add.
The psychological marketing tricks to make a thing more attractive is abusive and parasitic. Ideal brains would search for what they need, and buy the most fitting thing. Human brains which can be manipulated are a weakness we all share - and we should all be kind enough not to abuse this fact of each other any more than we have to.
That's not really how things work - there are certain things you need to accomplish other things where your reasoning partially applies but even then it's debatable. But then there are things you do for pleasure - and how you value those things can be completely separate from their physical properties.
For example there was a study[1] where they gave people 5 vine samples, a cheap wine with 5$ price tag, same wine with a 45$ price tag, 90$ vine and the same 90$ vine with a 10$ label, and a correctly labeled 35$ vine. They found that reported enjoyment and measured fMRI activity went up with price even for same vine. Plenty of similar studies that show similar effects for branding, etc. So these things actually create value even if they don't physically change the product - you end up enjoying it more and it's purpose is your enjoyment.
I mean most of the high end stuff ends up being blowing smoke up your ass to make you feel good about paying 2-10x markup, even when the quality is superior they bundle the bullshit and inflate the price extra because they know you'll pay.
[1] http://news.stanford.edu/pr/2008/pr-wine-011608.html
1. Targeted ads catch my attention better. Frequently I don't even notice or remember irrelevant adds.
2. Targeted ads are almost always, SEOed (if you will) to me; that is, they seem relevant, they offer the solution needed to fix the precise problem I'm discussing in the email chain, I click, I read, I would buy, but I realize that the product offered is nothing like what I've been reading about on the landing page.
3. Targeted adds are much more effective at convincing me to spend money on stuff or services that I could have lived without.
Sure, I should toughen up mentally against ads, but until I do, I protect myself from ads that will manipulate me and one way to do that is to prefer irrelevant ads when I need to see them.
Ads are an insidious and highly effective form of psychological warfare. They play on human fears, insecurities, neuroses and instinctual weaknesses in order to part people from their hard-earned time and resources.
You might say the ads just bring their attention to needs they didn't know they had. I would say the opposite, that they create needs where there none existed to begin with.
We have to stop this madness of thinking that "John READS my diary" means the same thing as "The function fread() READS nitems objects". Those don't mean the same thing except in a metaphorical sense. It's insane.
You do have protections against someone reading your email at Google. Both from a expectation of privacy, but also from a company perspective. You also do have some non-expectation of privacy (if, for example, the US government wants to read your google email, they can ask for it and they eventually will).
The day someone with a brain and an opinion on Kim Kardashian at Google reads your email, there is a HUGE difference from when Google is "reading" your email for ads/spam/spelling/whatever.
You don't want to blur that line being wishywashy with language. You want to know that difference. The fact that it could happen is why you need that clear separation between "machine reading" and "a person reading".
And those protections are bullshit.
I have no guarantee that they are not reading my email. If a bot has access, a person has access, and people abuse their access all the time.
In fact, there have been cases of googlers reading peoples email. And I'm not blurring any line, I'm stating: Gmail can, has been, and will be abused. To pretend that is not the case is, frankly, naive.
You're correct that the possibility exists, but any Googler inhales heavily and makes sure their paperwork is in order before accessing prod. The warnings that are displayed are not unlike those when you're removing a nuclear core on a starship. It's scary. They want it that way. You need a damned good reason to even look at subject lines in the inbox (like fixing a bug involving subject line rendering that only appears with a user's specific subject line, for instance), and clicking a message is almost certainly a walk. Like, within the day.
They do take this seriously. I wouldn't call it bullshit. The protections I observed were in place before Snowden, so I imagine it's even more rigorous now.
A) they can be bypassed, as they have been in the past
B) they can be compelled to hand that data elsewhere
So I'm calling bullshit. Until it's impossible for them to look at my data, then they aren't taking it seriously.
What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data? It's email on the Web. Handling that e2e is pretty much intractable, and cleartext or nearly-cleartext with online keys has to exist somewhere even without the Googley things they do to data. I might posit that building a functional service with that requirement would be impossible for the Gmail case and many others (but I'm ready to be proven wrong).
really? your firsthand experience is nice, but your ignoring that those methods don't work.
> What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data?
They can use any of the current zero-knowledge encryption methods. This isn't anything new and has been around for a long time. There's no need for Google to have those keys.
Encryption isn't a new problem for email, it's already a thing.
Yes, Google does not offer you protection against the Government. That is a true statement. But that doesn't mean that it's all or none. There are so many privacy rights before "a warrant request". And news flash, unless you are extremely good at securing your own mail server, even then you are not protected against a warrant.
Those checks are not bullshit. Every single security system "can be bypassed".
I never said that Google just sends everything over to them, but they can come and access my data without me ever knowing, and that's a problem. Just because there are (imo broken) checks in place does nothing to negate that fact.
Those checks are provably bullshit by the previous breaches. If they weren't bullshit, there would never have been breaches.
"invasions of privacy" is not a use case. Give me details. By whom? Your partner? Your coworker? 4chan? Your mayor? Russia? What information are they getting from you? Why? It's very likely that whatever use case you come up with, you are better defended with 2auth gmail than with whatever other solution.
That's a problem with the web. In 15 years, and not counting legal government requests, there were what? 3 cases of email data breaches that were caught? 5? That's your "provably bullshit"? What do you use on your life that has a lower failure rate than this?
yes it can. zero-knowledge encryption is already a thing.
> Name one web technology that is government intrusion proof.
Apparently the iPhone is. pgp encryption is another one. I'd suggest brushing up on basic security before saying things like that.
> "invasions of privacy" is not a use case.
Why not?
> By whom?
By anyone that I don't authorize. Sure, that could be my partner, coworker, any government authority, etc.
> What information are they getting from you?
Are you serious? If you don't even understand that threat model, then again, I'd suggest looking in basic security models.
> you are better defended with 2auth gmail
2auth gmail is orthogonal to the issue. That's an security method. Currently Google does that but still can grant access to anyone they want. That's a problem that 2auth doesn't address.
> not counting legal government requests
Why not? Why remove a legitimate security issue from the discussion?
> 3 cases of email data breaches that were caught
I have no idea how many have been caught, once again, that's orthogonal to the issue. How many examples doesn't matter. It's that they do have access and can do it whenever they want.
> What do you use on your life that has a lower failure rate than this?
That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
If you are referring to the San Bernardino phone thingy, the FBI withdrew the request exactly because they did access the phone by themselves. It just cost more money.
> pgp encryption is another one
lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
> > "invasions of privacy" is not a use case. > Why not?
Because I want specifics. Just saying someone "invaded your privacy" doesn't tell me anything. Tell me a full story: entity X did Y to know Z from W. And show me how using gmail made W more unsafe on that case. And what I'm trying to tell you, is that there are two cases:
- legal government related. In which case Google can't (and won't) protect you. It's a fair claim. If you are doing something that the US government wants to know about, don't use gmail. But most things won't protect you from that anyway. Ask Dread Pirate Roberts about it. :)
- non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
> That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
Where did I say we shouldn't ensure privacy/security? What I'm refuting is your claim that "it's bullshit because it failed once". Gmail does a better job than most other things. Most things in your life fail more often than that. And most things don't evolve security/privacy wise as well as gmail does.
As far as I saw, that was just speculation. Any source on that? I'm inclined to believe it, but if true: why do they want the encryption removed rather than just snooping that data on the sly? It's better if your victims think they are secure.
> lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
Possibly. But if so, I haven't seen them. Sources please.
While meta-data is absolutely useful, contents are even more useful. Just because something has one security issue doens't mean that we should give up security altogether.
> Because I want specifics
What specifics? Do you want me to make up a story about how someone could use information to attack someone else? or to use existing examples: http://www.cnn.com/2013/10/04/world/americas/silk-road-ross-... https://cpj.org/blog/2017/06/how-surveillance-trolls-and-fea... These are just 2 examples I pulled from a 5 minute search.
This isn't anything new. Having access to communication is pretty much the basis for espionage. If you don't see how that applies.... I'm not sure I can help you.
> legal government related. In which case Google can't (and won't) protect you
That's my point. They can protect you, they choose not to. Zero-knowledge encryption is still a thing. Just because Google doesn't use it doesn't mean it's not possible.
> non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
Only if Google can't access that data. If they can, it's much easier to bypass encryption and just ask Google to hand it over. Google can solve this problem but chooses not to.
> Where did I say we shouldn't ensure privacy/security?
When you say that gmail should be trusted. There are clear privacy/security holes with their model that you are ignoring. That's what this whole discussion is about.
> What I'm refuting is your claim that "it's bullshit because it failed once"
A) It didn't just fail once.
B) Failing just once proves that the system is not secure, and needs to be fixed. Failing multiple times from the same attack vector proves that they aren't taking security/privacy seriously, because they won't fix the root problem.
> Most things in your life fail more often than that
... so? Whether thing A fails more often than thing B has no bearing on whether thing B can and will fail.
Some one wrote fread, it could've been john, and john absolutely could be reading your email. Look at the what happened with ubers god mode.
That said the value of gmail for me exceeds the risk of people I care about reading my email getting access or having access. However my(and probably your) subjective view on the value of your emails is absolutely subjective.
But then again, in the context of the story, it doesn't change anything. Google still has access to your email. That it is not "reading" for the purpose of ads is just a minor thing that doesn't impact your privacy/security in any way (in the terms that you are describing).
You need to give up on your content the day you started using gmail, no matter what the TOS says.
....script type="text/javascript" src="/static/scripts/ga.js....
I'm pretty sure that's the empty set.
I actually host my own email but every time I send a message to somebody using one of these webmails it gets indexed and monetized.
But I would argue that it's a technical problem first and foremost, email security is mostly a joke. If I need to send sensitive things through emails I can always use PGP to actually protect it, instead of relying on the goodwill of the email provider not to peek into the message. If people really valued their privacy they'd be doing something similar.
EDIT - I am not sure why I am being downvote, I legitimately don't get his point and figured I would for more info rather than just calling him out as a troll or something. Is there something obvious I should know?
I believe some Buddhism teaches something along the lines of: personal possessions are bad, and freedom is found in not owning anything.
I think OP is saying: advertising goes directly against that line of thinking. It is actually tempting a Buddhist to buy more stuff, thus going against their religion.
In actuality: they are a waste of my time and mental space
Having said that, I've never clicked on an ad in Gmail since 2004 or so.
They are about the only people I've ever seen express this view seriously.
I'm not trying to say that all ads give you that benefit - most are just a waste of screen space, compute and bandwidth.
http://moneyinc.com/wp-content/uploads/2016/06/nypostoutbrai...
Benefitting. You.
https://pbs.twimg.com/media/B2044DNCEAAHmu-.png
The next time you want to buy, say, 9 celebs in open relationships.
http://www.cpawealthacademy.com/wp-content/uploads/2015/08/R...
This is what ads are. This is what we adblock. This is clickbait, lies, manipulation, visually distracting, space wasting, untrustworthy, barrel scraping garbage.
"Ads inform you about products" in the same way slime mould informs you that your house is too damp. The best individual course of action is not to buy what the mould is selling.
On the other hand, a program which analyzes mail to ascertain the tastes, interests, and personal plans of the participants is mining much more sensitive data, and it's compiling/storing it off-site long-term, and it's very specific to the individuals involved.
All of us who've used Gmail know how creepy it can get. Send a couple of mails about marriage and suddenly you start seeing targeted ads about engagement rings or other marriage-related things. Google stores this forever and they'll say "Ah, we know this guy was talking about marriage 10 years ago; traditionally, marriages fail after 5 years, we've detected a tense tone in his mails to his wife, BEEP BOP BOOP, DIVORCE LAWYER AD IS RELEVANT".
This inference is not only dubious (ethically and technically), but anyone observing your browsing while you're logged in will see these ads and may assume that you're seeing those ads because you've been searching for information on divorce, not because Google's inference is overzealous, although it may very well be. Search and replace with anything else: new credit cards/bankruptcy lawyers, research on a medical condition/ads for related medicines, etc.; the potential for creepy inference is endless, not to mention the concrete surveillance value provided to literal spies (via PRISM), nor the risk of compromise/abuse outside of the ad space. They don't have to get and process your entire mail archive; they just have to draw their inferences from Google's own inferences in your compiled taste/interest profile.
That's much more serious than a throwaway analysis of whether a mail contains spammy properties or not.
Have you actually seen anything like this? In my experience the ad targeting seems like extremely shallow keyword analysis.
The idea is that once you have any apparatus in place, and funds allocated to the maintenance/operation there of, you will find that people come up with creative ways to use that apparatus to either cement their position in the company or to improve career prospects. This applies to lots of domains, the obvious one being the government. Once you have a drone program, you'll find that someone somewhere WILL find a way to justify its usefulness.
My main problem with data collection is the permanent nature of it, where someone somewhere at some point in time, possibly when the computational costs become feasible, will come up with a seemingly innocuous use of the data that will spiral out of control. Also, is Google hack-proof? Judging by the lawsuits around the self-driving division, apparently its trivial to steal data if you're on the inside.
I personally use AdBlock so I don't see Google ads very often, but I have been creeped out by ads in the past, and I have had Google infer interests in changes to relationship status based on mail content (e.g., offering engagement rings).
I believe they have manual filters to try to stop inferences that are too offensive from being made (e.g. suggesting a divorce), but those, of course, can never be perfect, and it doesn't mean they aren't making the inference or maintaining the data necessary to do so; it just means that they are blocking it from showing up.
I'm not really saying this is either good or bad. The question was why people care less about reading emails to filter for spam than they care about people reading emails to develop a consumer's ad profile. These are some reasons why.
It isn't always accurate, I know a girl that is very not pregnant but gets these things anyway. She babysits occasionally and I suspect that combined with her Baker's card and Walgreen's card give the mass marketing gurus all the information they need to know that she sometimes cares for kids.
They were doing this in early 2000s, can't imagine how sophisticated the same type of system is now.
Gmail provides me with a free email service. They already have the full text of all my emails. If they want to use that data to help decide what ads to serve me, I have no problem with that so long as that data isn't shared with anyone else without my consent.
Do you have any way of verifying this? I am not accusing google of anything, I just find this to be an interesting level of trust to have with a free online service.
In the absence of any evidence that they _are_ sharing my private information with others, I see no reason not to trust them in this regard.
Really? Good luck suing them if they decide to sell your data. They certainly won't lose much revenue from fleeing customers if they think up a creative new way to monetize your data with "select business partners"; Google (and Facebook et al) spent the last decade entrenching themselves infrastructure for far too many people. They have far too much power and inertia to lose much in the short or medium term.
> trust them
Privacy policies change. Even if Google has good intentions about protecting your data today, you're gambling that those intentions will not change in the future. You don't know who will be hired/fired at Google in the future, nor do you know how the current (or any) management will react should the company have a particularly unfortunate run of bad finances or other troubles. Never-mind that humans often act irrationally for stupid reasons so any prediction about future behavior has to have a huge error bar.
However, that isn't the big problem with trusting Google to not share your pattern-of-life[1] with a 3rd party: you're assuming it will be Google's choice, or that they will even have any de facto influence over the long-term fate of your personal information. Your trust doesn't make Google infallible; the best security teams can only make hacks less likely. Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen. Prism (and other mass surveillance programs) still exist. Concentrating valuable data at one location makes it more valuable, so the scope of potential threats to your data increases as more data is collected.
The world is not as just[2]. Trusting that your data will magically stay safe at Google forever - or even just the near future - is only possible if you first pretend that Googles security is and always will be perfect, that the programs Snowden/Drake/Binney/etc warned us about never existed, that no current or future Google employee will ever become disgruntled (or crazy), and probably many more potential threats that haven't been invented yet.
[1] or mundane data like your email
[2] https://en.wikipedia.org/wiki/Just-world_hypothesis
I don't think that's true. Sure, they wouldn't be out of business overnight, but depending on how serious this hypothetical breach of trust is, it'd certainly hurt them a lot.
> Warrants, legislation, and quasi-legal-but-hard-to-ignore orders from governments happen
My threat model does not currently include the NSA or the US government. I don't anticipate that changing in the near future, but if it does then you're right; I'll certainly need to stop using Google services. (And probably all cloud services in general.) Or at least "air gap" them from the portions of data I want to keep secret.
> pretend that Googles security is and always will be perfect [...] that no current or future Google employee will ever become disgruntled
While I consider myself to be more security conscious than the average citizen, I _still_ trust Google's security practices (against both internal and external threats) far more than I trust my own. If my data on Google's services gets compromised, I think it's far more likely that it'll be because someone stole my password and 2FA tokens than because somebody hacked Google.
As with anything, I realize there's certainly a security/usability tradeoff to be made. For the moment though I'm quite confident that the extra utility Google provides is worth the risk, at least for my purposes.
That just seems silly
I didn't even say not to trust google, I just questioned the level of trust.
Google has already secretly given people's info away. They've admitted to getting and complying with NSL's already.
It's a common phenomenon across a variety of social media when a certain few companies are questioned on their practices.
It's all very tribal.
I think its fair for you to accept the terms, if you know what you're getting in return. The problem here is that you will never know exactly what information is stored about you, and how personal it is, and you have zero control over it. Also simply by sending YOU an email, I'm also entangled in the data collection scheme.
On the contrary. I know what emails are stored in my inbox just as well as Google does. I can also search through that information and delete it if I so choose, so I do have control over it.
They also have a lot more information about you than just your email, especially if you use their search.
Also what’s the likelihood of the NSA blocking your flight or making you disappear in the night? You probably should fear crossing the street more in terms of statistical likelihood of harm.
I get the privacy/freedom arguments however the hyperbole around this stuff is getting ridiculous as the fears are badly supported by actual data and statistical significance.
More people drowned in swimming pools last year than were “disappeared” by the NSA but there seems little hysteria around swimming pools. I pretty sure most of us don’t know a single person on a no-fly list.
Some high levels of paranoia around here it seems.
Yes, they did. Probably just tobacco companies alone.
> It takes a government to do that.
Since corporations are creatures of government, that's true by definition of everything corporations do.
A response as silly as it was predictable. Show me a Gulag Archipelago written about the tobacco industry and we'll have some grounds for further discussion.
Since corporations are creatures of government, that's true by definition of everything corporations do.
Ditto.
So if no one writes world class literature about your crimes, they didn't happen?
That works well enough on HN, as seen in the moderation in this thread, but not in real life.
The spam filter (hopefully) probably doesn't store that much about me, but an ad targeting bot could be a lot more problematic.
Also, email is transmitted in plain text. Sending an email is more like shouting to your friends in the street, rather than putting a letter into an envelope mailed to the recipient. Thus, I don't think an explicit consent is needed.
That said, I understand that fair use of such information is a concern.
These days Gmail will transfer your email protected by TLS if possible. Not shouting at all.
Interesting timing with the story earlier this week about Wal-Mart telling vendors to stop using AWS
I feel like any device that has a microphone is suspect if you want total privacy, but listening to what you say seems like an integral part of the device. You can only hope (and independently verify) that they don't store everything you say.
I could be wrong and/or they could be lying about how the product really works. Could probably monitor your network traffic if you really wanted to find out.
For example, if I write "I love coffee" in an email, am I more likely to see a Starbucks ad when I visit watch a YouTube video?
I've already paid for Youtube Red and couldn't be happier.
About $60 a year
I have about 8 accounts that I use.
If you look at the terms for G Suite (the paid business product), that is a top selling point. Businesses who pay for G Suite don't want Google using their data for anything, and Google complies.
Edit: in response to comment below, here are the main docs describing, including the Data Processing Amendment:
https://gsuite.google.com/learn-more/security/security-white...
https://support.google.com/googlecloud/answer/6056650?hl=en
https://gsuite.google.com/terms/dpa_terms.html
EDIT:
I think these are the terms and I don't seem to see this guarantee, but IANAL
https://gsuite.google.com/intl/en_in/terms/2013/1/premier_te...
https://gsuite.google.com/intl/en-GB/terms/emea_reseller_pre...
> Google Cloud does not scan your data or email in G Suite Services for advertising purposes. Our automated systems scan and index your data to provide you with your services and to protect your data, such as to perform spam and malware detection, to sort email for features like Priority Inbox and to return fast, powerful search results when users search for information in their accounts. The situation is different for our free offerings and the consumer space.
[0] https://support.google.com/googlecloud/answer/6056650?hl=en
I'm considering moving; Rackspace has pretty good hosted email for $2/user/month. We use it at work - webmail is acceptable though nothing to write home about, and their IMAP implementation is solid so you can just use a client.
But you pay $480/year for 8 email addresses? Ouch.
I have received exceptional support over the years, including them calling me twice when I reported an issue. My account is worth $5/month and I live in Fiji.
I've had to contact support a few times in the last few months for coworkers email issues. We're a very small company paying $5 per month.
To contact: https://admin.google.com/AdminHome then help button --> Contact support
Outlook.com offers "Premium" which removes ads. If you stop paying you just get the ads back but your account is otherwise unaffected[0].
Gsuite on the other hand removes ads, but if you stop paying then you lose access to your email and additional messages may bounce.
Apples and oranges.
[0] https://w2.outlook.com/l/upsell
Anyway this may solve the tragedy of the commons situation we're in now and allow us to move away from the technology war of ad blockers, ad blocker blockers, ad blocker blocker blockers, etc.
edit: removed comment on clarity of Gsuite vs Free due to downvote brigade.
>Alphabet Inc.’s Google Cloud sells a package of office software, called G Suite, that competes with market leader Microsoft Corp. Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google’s senior vice president of cloud. “What we’re going to do is make it unambiguous,” she said.
"Consumer Gmail content will not be used or scanned for any ads personalization after this change"
https://blog.google/products/gmail/g-suite-gains-traction-in...
Original post: https://blog.google/products/gmail/g-suite-gains-traction-in...
Disclaimer: I work for Google, but not on this.
Google doesn't read e-mails from GSuite. So the change is to stop reading from Gmail's free accounts.