Since announcing Gmail two weeks ago, Google Inc. has been forced to defend the planned Web-based e-mail service against accusations
that it may violate users' privacy. In the face of the attacks, especially vociferous in Europe, which has strict privacy
regulations, Google has begun to express willingness to be flexible about how it offers the service.
"This is one of the hottest issues we've ever dealt with in terms of Internet issues," said Simon Davies, the director of
the privacy advocate group, Privacy International.
Gmail, announced April 1, is planned as a free, Web-based e-mail service, similar to Microsoft Corp.'s MSN Hotmail and Yahoo
Inc.'s Yahoo Mail, though its 1G byte of storage is much more than these other popular free services offer. But Google is
planning to scan e-mail and add advertisements that it thinks are relevant to the messages. Additionally, the Gmail privacy
policy warns that messages, even if "deleted" by a user, may still be stored in the system, even long after users have closed
their account -- something that some privacy campaigners believe may be in conflict with U.S. and European data protection
and privacy laws.
Since the Gmail announcement, Spymac Network Inc. has launched a free online e-mail service that matches the 1G byte of storage
that Google is offering, but has pointedly said it will not do key-word searching and will not tie advertisements to the service.
Last week, Privacy International filed a formal complaint with the U.K.'s information commissioner office (ICO) requesting
that action be taken against Gmail. Additionally, California state Democratic senator Liz Figueroa said the privacy issues
were leading her to consider proposing legislation to stop Google from launching its Gmail service in its present form.
In the face of such opposition, Google has given signs that it may be rethinking how the Gmail service is structured. The
service would require all users to participate in the ad service -- that is, users would have to accept the display of ads
and the scanning of their e-mail messages -- but that could change, as could many other things, since Gmail is in early testing
phase, a Google spokesman said Wednesday.
"Google has the highest regard for the privacy of our users' information. We have taken great care to architect Gmail to protect
user privacy and to deliver an innovative and useful service. While we're still in a limited test of Gmail, we welcome and
appreciate feedback on how we can improve the offering for our users," he said via e-mail.
The technology that presents users with relevant Gmail advertisements operates in the same way as all popular Web mail features
that process e-mail content to provide a user benefit, such as spam filtering or virus detection, he said.
"We are confident that Gmail is fully compliant with data protection laws worldwide. Google actively solicits user feedback
on our privacy policies. If they can be made clearer or otherwise improved, we want to hear about it. We look forward to a
detailed dialogue with data protection authorities across Europe to ensure their concerns are heard and resolved," he said.
A spokeswoman for the ICO on Wednesday said that as long as Google makes the conditions of its service transparent to people
when they sign up, the proposed service should not violate U.K. data protection laws. "As long as Google makes it clear that
it is monitoring e-mail usage and passing that information on for marketing purposes, there shouldn't be a problem. But I
want to make it clear that Google has not even launched the service yet, and has agreed to work with us to make sure that
its notification process is very clear," she said.
The ICO spokeswoman added that representatives from Google working with the ICO had been surprised by the reaction to its
proposed e-mail service. "I don't think they thought this was going to be a problem," she said.
Not only has the data privacy issue cropped up as a potential problem for Gmail, it appears to be a problem that won't easily
go away.
"I'm a bit angry at the ICO because they've been putting around the idea that the Gmail service as planned is okay, simply
if you make it clear that they are going to scan and then permanently store your information: That is not the point. This
is about having rights over your own e-mail and Google is going to have to give you control over your own e-mail. This is
virgin territory," Privacy International's Davies said.
Privacy International is concerned that Google is treating a serious privacy issue purely as a public relations issue and
has vowed to press the matter further if the ICO doesn't pledge to gain a series of guarantees and protections from Google
for potential users of Gmail.
"We will be filing simultaneous complaints with the data privacy regulations of every other European nation on April 22 should
we not receive a satisfactory response from the IOC," Davies said. "Germany, for example, has much stricter policies regarding
privacy and they wouldn't blink at taking severe action. Sweden, as well, has shown a willingness to addressed similar issues."
Jeanna Thorslund, senior information officer of Sweden's Data Inspection Board, said that though the board has not received
any complaints about Gmail, it was aware of the planned e-mail service and would continue to monitor the situation. Representatives
from the data privacy agencies in Germany, the Netherlands and France could do immediately be reached for comment.
In a similar fashion, representatives from the European Commission -- the European Union's (E.U.'s) executive body -- said
that they were also aware of the proposed Gmail service and were ready to look into potential legal conflicts should the need
arise.
"We are not in an active stance of waiting for complaints about Gmail and we are not at the moment investigating anything
specific but we will keep an eye on the situation," said Commission spokesman for enterprise and information society issues
Peter Sandler, on Thursday.
As an example of a potential problem with Gmail, Sandler pointed to the "opt-in" directive that was added to the statute books
of the E.U. member states last October. The measure puts the onus on companies to obtain permission from individual users
to send them unsolicited commercial e-mail. Additionally, theoretical issues about confidentiality may also arise with Gmail,
he said.
"The EC has a framework in place that requires confidentiality. There is an obligation of member states to make sure that
the confidentiality of messages are insured. So that could have implications for companies that are scanning and tracking
information," Sandler said.
Juan Carlos Perez in Miami contributed to this report.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
