| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by mdp 2363 days ago

I came to a similar conclusion. You should write every email as if it were public, because it's entirely likely that it will be. They can be forwarded, made public through legal discovery, or exposed in a data breach (eg. Sony/North Korea).

Forget security for a second, imagining every email as public record will make you more considerate and less biased writer. And from a business perspective, email should be viewed as a public legal record, because in some cases it will be used that way.

That's not to say that there shouldn't be private messaging options, it's just that email isn't one of them and was never really built to be. PGP was always sort of a tacked on solution with a lot of faults (no forward secrecy, plenty of meta data leakage, usability issues)

All that being said, I still left Gmail for Fastmail. Just because I consider every email I write to be public doesn't mean I want Google getting a free pass to mine and sell my data.

4 comments

wstrange 2362 days ago

I agree with most of what you have written, but this:

> doesn't mean I want Google getting a free pass to mine and sell my data.

AFAIK, they don't do that with gmail. Do you have any evidence to the contrary?

We need to hold Google's feet to fire on privacy, but it is also important that we do not exaggerate or distort the facts.

bcrosby95 2362 days ago

Unlike most other responders, I generally trust Google not to do this. Everything they say they don't do has been confirmed to me one way or another by people working there that I trust.

They may make money off ads but I don't think they have any real incentive to lie about what they're doing. Because most of their users don't actually care. I would be curious if anyone knows of any scenario where Google has outright lied about what they do and don't do with information, because I've never heard of it.

For me, I moved off gmail for other reasons: my email is too important to randomly lose access to because e.g. their youtube AI thinks I'm spamming a channel on Youtube. I look at all my data in Google as if I might lose access to it forever some day, because someday I might, with zero recourse.

thebean11 2362 days ago

What exact behavior of Google are we talking about here? I'm pretty sure they do mine emails for their own ad targeting. On the other hand, I'm equally sure they handle the information securely and don't pass it on to anyone else.

wstrange 2362 days ago

> I'm pretty sure they do mine emails for their own ad targeting.

They do not. See https://support.google.com/mail/answer/6603?hl=en

"We will not scan or read your Gmail messages to show you ads."

tinus_hn 2362 days ago

Yet, they state

https://policies.google.com/terms?hl=en

> Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

tuananh 2362 days ago

> "We will not scan or read your Gmail messages to show you ads."

that reads to me like ""We may do it for other purposes."

jdminhbg 2362 days ago

They obviously do, as does every mail provider that filters spam, at a bare minimum.

twoflower9 2361 days ago

Whenever I book a flight google offers to set alarms and gives me don't forget your flight tomorrow notifications. They are obviously reading the email to achieve this.

SahAssar 2362 days ago

Well, if they didn't you wouldn't be able to search in your inbox, among other things.

eschutte2 2362 days ago

Interesting, looks like they stopped in 2017.

mdp 2362 days ago

You're right, "Sell my data" might have been too strong. But they are certainly mining it to train things like their "suggested responses". In my view, it's an ad company, and while they might not be doing it today, there's nothing stopping them from using my data in the future, hence the "free pass".

jrobn 2362 days ago

I don’t trust google products. I will never buy anything they want to sell to me. Burden is on them.

I tore off my nest thermostats and replaced them with dumb ones. I miss the ability to change my heat remotely, but at the end of the day. I don’t need that functionality.

orhmeh09 2362 days ago

They already scan your purchases in your inbox: https://www.cnbc.com/2019/05/17/google-gmail-tracks-purchase...

They say they won’t use it to sell ads:

> “To help you easily view and keep track of your purchases, bookings and subscriptions in one place, we’ve created a private destination that can only be seen by you,” a Google spokesperson told CNBC. “You can delete this information at any time. We don’t use any information from your Gmail messages to serve you ads, and that includes the email receipts and confirmations shown on the Purchase page.”

What guarantee is there that this is not being used for other purposes? To train other kinds of models? To, say, monitor other people’s AWS bills, in order to optimize their own offerings? How likely is it that such a project was approved with no gain except adding perceived value to the Gmail product? I have a hard time believing they would do it only for that.

joshuamorton 2362 days ago

> I have a hard time believing they would do it only for that.

Why? Adding perceived values is how you get more users. More users == increased revenue.

I think the important question is: if Google were doing something nefarious like that, why on earth would they tie it to a public feature instead of just keeping it totally secret?

orhmeh09 2362 days ago

But is that actually nefarious, or meaningfully proscribed, or is it not understood that this kind of stuff is how Google makes money, and how it will continue to make money into the future? Is this unacceptable to most people? I am uncomfortable with it, but isn't this the way "business is done?"

peteretep 2362 days ago

I think you're right in the simple case, and they're not _currently_ doing something nefarious, but I also think it takes one creative product manager one day to decide they will directly sell that data, and most people will be too invested by that point

cle 2362 days ago

IMO the burden should be on Google to prove that they don't. The flow of personal data through their systems is opaque and they have plenty of incentives to monetize the data.

mdszy 2362 days ago

You can't prove a negative.

nkrisc 2362 days ago

They said "prove" but really it's about trust. Google has lost many peoples' trust and it's on Google to restore that trust.

fulldecent2 2362 days ago

Sure you can. Apple does not run its image classification on your images using its cloud servers. You can test this by stepping inside a microwave or other cage and seeing that image classification and search still works on the iPhone.

---

On the other hand, what Apple does with your photos that you allow to be exfiltrated through iCloud... that's your own stupid fault.

dredmorbius 2362 days ago

We're not talking about mathematical or scientific levels of proof, but assurance and trust.

The usual methods for achieving this are government regulation and oversight (free of capture), and independent third-party audits (likewise).

The good news is that there seems to be ... some, slight ... progress in this direction.

rgbrgb 2362 days ago

You definitely can [0], but this one would probably be hard for google without significantly modifying the architecture of gmail in ways that would remove its revenue model. For example, they could open source a client that had audit-able end-to-end encryption, but then they couldn't optimize ad revenue by aggregating and mining large email datasets.

[0]: https://en.wikipedia.org/wiki/Proof_of_impossibility

mdszy 2362 days ago

> a proof demonstrating that a particular problem cannot be solved as described in the claim, or that a particular set of problems cannot be solved in general

did you even read the article you linked

rgbrgb 2362 days ago

Apologies, I thought you were saying that you can't prove a negative... that negative proofs (like the examples linked) do not exist.

tinus_hn 2362 days ago

Google does mine email but does not sell the data.

naniwaduni 2362 days ago

... because they find it more profitable to retain exclusivity over the data, sure.

fauigerzigerk 2362 days ago

If that is so then "public" and "private" are insufficient categories to describe messaging options.

I'm forced to send proof of identity as well as proof of address via email. I'm receiving bank statements and countless other sensitive documents via email. And I have absolutely no other choice.

Whoever gets a hold of my email can impersonate me in almost every context.

So no, I do not consider the contents of my email public. Absolutely not!

I'm not willing to consider a service completely insecure just because it can never be completely secure.

wyclif 2362 days ago

In fairness, I don't think he meant the contents of your email account should be public, he said you should write and behave as if it could be because who knows what a webmail provider will do with your data. That's a very different thing than saying it should or will become public.

fauigerzigerk 2362 days ago

The question was whether or not it makes sense to make email services as secure as possible and prefer more secure email providers to less secure ones.

Some say we should give up making email more secure, because it can never be as secure as more modern messaging services.

That doesn't make sense to me, because we don't have a choice other than to use email in ways that require very high levels of security. I cannot behave as if my email could become public any moment.

I would love if the world were to move on to more secure messaging platforms. But it's simply not the world we live in right now.

newnewpdro 2362 days ago

> You should write every email as if it were public, because it's entirely likely that it will be. They can be forwarded, made public through legal discovery, or exposed in a data breach (eg. Sony/North Korea).

None of these are unique to email.

This is the attitude one should take for any electronic form of communication. Even old-fashioned ink on paper letters of significance have made it into the public record for all to see.

nirui 2361 days ago

> I came to a similar conclusion. You should write every email as if it were public, because it's entirely likely that it will be

I think this is mainly governed by expectation and received benefits.

I would let my doctor see me naked, because I'm expecting the doctor will fix my problem if I agreed to do so, and I assume the doctor will respect my privacy by not leaking information about my physical characteristics and private parts with others.

But what if it's for example the owner of my favor restaurant asking to see the same? I don't think I would go there anymore.