With recent data breaches, including the Russian hacking of 1.2 billion user name and password combinations and 500 million email addresses, consumers are concerned about their privacy and protection. Which raises the question how safe is your own email?
The big three – Google, Microsoft, and Yahoo, have all faced scrutiny for their privacy practices. In 2013, Google admitted that Gmail’s emails are subject to “automated processing” – and users have “no legitimate expectation of privacy in information [they] voluntarily turn over to third parties.” Google automatically opens and processes emails that originate from non-Google accounts to one of Gmail’s 500 million users, scanning the email content for keywords. Those keywords are used for targeted advertisements to you and your contacts.
According to Google, nothing is amiss with this practice. If you’re a Gmail user, though, you’ve essentially agreed to this in Google’s terms of service (TOS), allowing Google to scan and process your emails. Those who are corresponding with you without Gmail accounts, however, have not agreed to these TOS. When the news broke that Google was scanning our emails, Microsoft launched its “Scroogled” campaign, stating: “Google goes through every Gmail that’s sent or received, looking for keywords so they can target Gmail users with paid ads. And there’s no way to opt out of this invasion of your privacy. Outlook.com is different—we don’t go through your email to sell ads.”
Google’s response to the Scroogled campaign? “Advertising keeps Google and many of the websites and services Google offers free of charge. We work hard to make sure that ads are safe, unobtrusive and relevant. No humans read your email or Google account information in order to show you advertisements or related information.” Google added: “An automated algorithm — similar to that used for features like Priority Inbox or spam filtering — determines which ads are shown.”
So what about those who haven’t signed Google’s terms of service? Google relies upon a 1979 Supreme Court ruling, Smith v. Maryland, which states that citizens “lose their right to privacy” when they hand off their personal documents to third parties. Google’s former CEO and current executive chairman, Eric Schmidt, feels that these practices are ethically sound. He stated: “Google policy is to get right up to the creepy line and not cross it.”
So who else might be wiggling their toes on the “creepy line?” Google isn’t alone in email scanning: Microsoft does scan emails, too. And while Microsoft’s scanning is designed to block spam, the process is still very similar to Google’s. Stefan Weitz, Microsoft’s senior director of online services, stated that Microsoft’s scanning is entirely benign.
“In the most general sense of the word, the ‘scan’ is the same,” Weitz stated – but the intent is altogether different. Weitz contends that Google’s lack of “transparency” about the information collected from emails and searches is troublesome. Weitz argued that Microsoft is specifically scanning for keywords that would be red flags from spam, while Google’s keyword scans are for targeted ads.
And what about Yahoo? They scan your emails, too.
Yahoo was recently ordered to face claims that it illegally shares the content of our emails, using this data for advertising purposes. U.S. District Judge Lucy H. Koh is well-acquainted with email privacy lawsuits: She ruled in March of this year that Google’s privacy policy about mining user emails for information was misleading and vague. Shortly afterward, Google changed its user terms. Earlier his month, Koh stated that Yahoo email users can pursue Yahoo’s alleged violation of a California anti-eavesdropping and anti-wiretapping law.
Yahoo’s response? The company asserted that its terms of service and privacy policy note that it scans, collects, analyzes and stores emails. Yahoo further stated that email subscribers are responsible for notifying the nonsubscribers that they communicate with – and Judge Koh agreed. According to Judge Koh, Yahoo’s terms of service do establish explicit consent from email users to scan and analyze all emails for targeted advertising. And while Yahoo successfully fought the claims that it uses nonsubscriber emails to target advertising, Judge Koh recently ruled that they will still face electronic-storage claims.
So just how safe is your email? With increased scrutiny from citizens and courts alike, privacy policies are reflecting increased transparency about how and why information is collected from email users.
Google, Microsoft, and Yahoo all have privacy policies pertaining to the information that they collect – and how they use it.
Google’s privacy page states: “When you share information with us…we can make those services even better – to show you more relevant search results and ads, help you connect with people, or to make sharing with others quicker and easier. As you use our services, we want you to be clear how we’re using information and the ways in which you can protect your privacy.”
Microsoft’s privacy page states: “…we are able to compile information over time about the types of pages, content and ads you, or others who are using your computer, visited or viewed…We use this information to help select and display targeted advertisements that we believe may be of interest to you.”
And Yahoo’s privacy page states: “By bringing content and advertising to you that is relevant and tailored to your interests, Yahoo provides a more compelling online experience. Our customized ‘smart’ services save you time and cut through the clutter.”
Whether you’re concerned about getting scroogled, microscanned, or yah-whoed, the who, what, and why of free email provider policies are readily available – and it’s your informed decision to make.