It's worth mentioning that all these measures can be fairly trivially defeated by the analog loophole[1]. I suppose it's harder to prove authenticity in that case, however.
Allow me to sell your organisation some VR goggles with iris-reading DRM protection. Your browser won't display on any other screen. And Google Services won't work in any other browser.
Sure it's harder, and it will not stand up in a court of law probably. But there probably have been and still are a ton of spies, national and industrial, who do exactly this, memorize things.
As an employee of a very large corporation, are you trying to claim a special inside knowledge about the strategic thinking of the corporation. Are you in or do you report to the C-suite?
If not, consider that you might be making your own broadly wrong assumptions.
There are undoubtedly a variety of ways to bypass things for a motivated attacker. Analog is likely only one of those.
The thing that a lot of these measures protect against is not so much a targeted attack, it's stupid user tricks. It's not protection against Jane the Spy extracting as much information as she can, it's a measure against Danny the drunk who leaves his laptop at a bar or sitting in the back seat of the car where it's visible and stolen.
There are also likely a lot of places where it would be illegal to use something like this with auto expiring messages, though hopefully most such places won't be using Gmail.
But as a worker in a corporation, the chances that you would want an email so badly that you start breaking more corporate rules trying to get a copy of an email is very unlikely at least for common everyday work.
This could be a useful feature when dealing with PHI, legal, HR, etc.
I know people who have taken photos of protected documents with their phones to send to their team, because IT couldn’t get their permissions working properly. It seems like it’s not worth the risk to break an obvious rule like that, but when you’re the manager the responsibility lands on you to get your team the info they need.
Yes, that's the risk exactly. If you start taking pictures of PHI on your phone over and over eventually your manager like the one above you is going to get fed up and drive you or fire you out of a job.
>as a worker in a corporation, the chances that you would want an email so badly that you start breaking more corporate rules trying to get a copy of an email is very unlikely
This seems like it should be true, but having worked with end users in the past I would not take this for granted
I disagree, there have been politicians that go through the trouble of setting up their own email server in their basement because the official way is too arcane or not comfortable.
They said corporation, not government. Do you have an example of a low level employee or C level executive using private email server for their official communication.
The analog loophole can’t prevent leakage but steganography can trace it back to its source. Iirc Windows 8 prerelease copies used to put an imperceptible watermark on the screen of the user account. When a leak was published to the news a simple filter would tell Microsoft who to fire.