Making peril permanent: Google's Gmail app redesign

Gmail's new archive default setting nudges users away from the delete option and brings its own set of security risks

Google's recent update of its Gmail app made archive the default setting, encouraging its users to save their email, literally, forever.

This may mean a doctor's message about a medical condition, a love note, a conversation about an employer, a neighbor, or with a therapist, may be preserved for decades and, consequently, is left forever at risk.

[ Also on InfoWorld: Your online privacy was doomed long before the NSA came along. | Get your websites up to speed with HTML5 today using the techniques in InfoWorld's HTML5 Deep Dive PDF how-to report. | Learn how to secure your Web browsers in InfoWorld's "Web Browser Security Deep Dive" PDF guide. ]

Gmail app users haven't lost the option of deleting an email. But in its redesign of the Gmail app, Google is nudging users away from the delete option.

Accepting archive as the email default requires blind faith that the account won't be breached either next week or 30 years from now. It requires faith that the data won't be mined in new ways by Google, beyond ad targeting, or some successor firm. It also means having faith that somehow the new love in your life won't stumble upon old messages to lost loves.

Unless users go into general settings and tap some switches, the trash icon won't appear on the app tool bar. While this design change in Gmail is easily undone, many may not bother and herein lies the problem.

Users should manage their email and consider, what it is they wish to keep and not just give in ease of defaulting to archive, advise email management and security professionals.

Michael Harold, CTO of ArcMail, an email archive and management firm, said "it's to Google's benefit to capture everything that comes through the system for purposes of analytics."

"It's a business, and information is the business, and the user is actually the product," said Harold. "So if that's not an issue for you as an individual, it's nothing at all," he said.

But if you want to make sure that old messages don't show up for whatever the reason, Harold advises Gmail users to maintain control over their email. For businesses users, there are options, such as through Google's Vault, of managing retention policies.

Andrew Storms, director of security operations for Tripwire, a security firm, says he will delete or consciously archive an email. He doesn't default. "I try to make a decision about every email," he said.

Storms said his personal rule is to delete anything he would not want out in the public. He doesn't assume the safety of anything, and that includes the possibility that authentication systems won't somehow be breached.

"For me, being a security professional, it's more about the unknown," said Storms.

In consider the Gmail app changes, Richard Kline, a professor at Pace University's Seidenberg School of Computer Science and Information Systems, said Google has been paying a lot more attention to design and aesthetics lately.

While Google has been encouraging people to archive rather than delete for a long time, Kline said the interface change may be an effort to provide the most important features in a way that is still useable on a small screen.

The best evidence that usability was a major driver's in Google's app redesign, said Kline, is that the Web interface has remained the same, with the archive and delete buttons next to each other.

Kline said there is appeal to the idea of archive default. Rather than prompt people to consider whether something should be kept, "they tried to provide a mechanism by which you just save everything" while making it easy to search for it later.

Kline said he manages his email, and deletes messages he does not believed should be save. But he suggest a middle road for Google, and that's a check-off option for keeping an email in the inbox for 60 days before it's automatically deleted, something he said would be useful for short-lived discussions.

For those who want to delete message, Google says email will remain in trash for approximately 30 days before it is automatically emptied and permanently deleted. But it also points out that it may take up to 60 days for the message to disappear from its active services. The email may also remain on Google's backup systems "for an additional period of time'" the company says.

Patrick Thibodeau covers cloud computing and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov or subscribe to Patrick's RSS feed. His e-mail address is pthibodeau@computerworld.com.

See more by Patrick Thibodeau on Computerworld.com.

Read more about Internet in Computerworld's Internet Topic Center.

This story, "Making peril permanent: Google's Gmail app redesign" was originally published by Computerworld.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies