Wednesday, April 07, 2004
Gmail Privacy Alert
Gmail Privacy Alert
Google covets your email address
Always delete your Google cookie before and after!
Google has added many new services and features in recent years. On April 1 they announced their Gmail service. It's no April Fools joke, but someone at Google may still be laughing. A form on their site lets you enter your email address so that Google can send you updated information about Gmail within the next few weeks.
Many Google fans, as well as those who are attracted to the generous storage offered by Google's free Gmail, are rushing to enter their email address in this box. Although it is not stated anywhere on Google's site, the presumption among many is that those who do this immediately will have a better chance of getting a unique username that suits them.
This is an urgent appeal to anyone entering their email address on any page at google.com, to first delete their Google cookie. The urgency has to do with the fact that tens of thousands can be expected to do this over the next week or two. Other pages at Google have the same problem (News Alerts is an example), but the numbers involved are much smaller.
Google uses a single cookie for everything, and it expires in 2038. Your browser offers this cookie, which contains a unique ID number, every time you enter any page on Google's site. If you don't have a cookie, Google will give you one with a new unique ID number.
All of your search terms are saved by Google, along with a time stamp, your IP address, and your unique cookie ID. So far this information is not considered "personally identifiable" by Google because your IP addresses might be dynamic. (Broadband addresses are often fixed for weeks or months, but dialup addresses are very dynamic.) The unique ID in the cookie is the one thing that identifies all of your various IP addresses as coming from the same browser.
Your Internet service provider maintains logs that can trace your IP address to you as an individual at a particular point in time. This is especially true if you use broadband. But as time passes, many providers rotate their logs and the old data is deleted. Normally, the only way that your unique cookie ID at Google can be traced to you as an individual is through this IP address.
However, as soon as you enter an email address on a Google form, it becomes easy for Google to assign your cookie ID to you as an individual. That's because your browser, at the precise point in time that you click your email address to Google on one of their forms, sends your Google cookie ID along with the email address you entered. Google is no fool. They will record this information so that it can be retrieved from their databases. Now they've tied your searching history to your email address. How hard is it to tie your email address to you as an individual? It's not hard at all.
If you delete your Google cookie before you hand over your email address, then by the time you get to the form and submit your email, Google will have issued a new cookie that has an unused ID in it. This cookie ID will not match anything in Google's databases. After submitting your email, you should delete your new cookie too. That way your email address is tied to a cookie ID number that remains useless to Google.
This page is not meant to be an analysis of Gmail, but while you are at it, please read the privacy page and the terms-of-use page for Gmail. Note that if you delete an email, Google may mark it so that it is invisible to you, but might not really delete it. And if you terminate your account, Google does not guarantee that they will erase your emails. Google decides what to delete and when, not you. It's none of your business.
While Google brags that no humans will read your emails, the entire Gmail program will involve extensive automated profiling of you as an individual. Google will be sharing the non-identifiable portions of your profile with anyone they choose. If the ownership of Google changes, or there is a merger, the entire personally-identifiable profile will be available to the new owners or partners.
Finally, it's all available to government officials all over the world, under whatever legal procedures are used in any particular jurisdiction. It is also available to civil litigants under discovery procedures authorized by a court. When you look at it this way, the one-gigabyte allowance for your email account becomes much less attractive.
Google never deletes anything they collect, as far as we can tell. Think twice before typing in your email address on a Google form.
Google covets your email address
Always delete your Google cookie before and after!
Google has added many new services and features in recent years. On April 1 they announced their Gmail service. It's no April Fools joke, but someone at Google may still be laughing. A form on their site lets you enter your email address so that Google can send you updated information about Gmail within the next few weeks.
Many Google fans, as well as those who are attracted to the generous storage offered by Google's free Gmail, are rushing to enter their email address in this box. Although it is not stated anywhere on Google's site, the presumption among many is that those who do this immediately will have a better chance of getting a unique username that suits them.
This is an urgent appeal to anyone entering their email address on any page at google.com, to first delete their Google cookie. The urgency has to do with the fact that tens of thousands can be expected to do this over the next week or two. Other pages at Google have the same problem (News Alerts is an example), but the numbers involved are much smaller.
Google uses a single cookie for everything, and it expires in 2038. Your browser offers this cookie, which contains a unique ID number, every time you enter any page on Google's site. If you don't have a cookie, Google will give you one with a new unique ID number.
All of your search terms are saved by Google, along with a time stamp, your IP address, and your unique cookie ID. So far this information is not considered "personally identifiable" by Google because your IP addresses might be dynamic. (Broadband addresses are often fixed for weeks or months, but dialup addresses are very dynamic.) The unique ID in the cookie is the one thing that identifies all of your various IP addresses as coming from the same browser.
Your Internet service provider maintains logs that can trace your IP address to you as an individual at a particular point in time. This is especially true if you use broadband. But as time passes, many providers rotate their logs and the old data is deleted. Normally, the only way that your unique cookie ID at Google can be traced to you as an individual is through this IP address.
However, as soon as you enter an email address on a Google form, it becomes easy for Google to assign your cookie ID to you as an individual. That's because your browser, at the precise point in time that you click your email address to Google on one of their forms, sends your Google cookie ID along with the email address you entered. Google is no fool. They will record this information so that it can be retrieved from their databases. Now they've tied your searching history to your email address. How hard is it to tie your email address to you as an individual? It's not hard at all.
If you delete your Google cookie before you hand over your email address, then by the time you get to the form and submit your email, Google will have issued a new cookie that has an unused ID in it. This cookie ID will not match anything in Google's databases. After submitting your email, you should delete your new cookie too. That way your email address is tied to a cookie ID number that remains useless to Google.
This page is not meant to be an analysis of Gmail, but while you are at it, please read the privacy page and the terms-of-use page for Gmail. Note that if you delete an email, Google may mark it so that it is invisible to you, but might not really delete it. And if you terminate your account, Google does not guarantee that they will erase your emails. Google decides what to delete and when, not you. It's none of your business.
While Google brags that no humans will read your emails, the entire Gmail program will involve extensive automated profiling of you as an individual. Google will be sharing the non-identifiable portions of your profile with anyone they choose. If the ownership of Google changes, or there is a merger, the entire personally-identifiable profile will be available to the new owners or partners.
Finally, it's all available to government officials all over the world, under whatever legal procedures are used in any particular jurisdiction. It is also available to civil litigants under discovery procedures authorized by a court. When you look at it this way, the one-gigabyte allowance for your email account becomes much less attractive.
Google never deletes anything they collect, as far as we can tell. Think twice before typing in your email address on a Google form.
Quick Links
Representations of the Intellectual - Edward Said (Arabic)
Haven't I seen you somewhere before? - on uniformity of looks under capitalism
Martin Kramer: Said's Splash, From Ivory Towers on Sand
The Native Informant - Profile of Fouad Ajami
On Spivak's experience of writing Death of a Discipline
Altschuler, Glen C. "Let Me Edutain You." New York Times 4 Apr. 1999, sec. 4A: 50
