This story, by a veteran TR correspondent, first appeared in the Dec. 2005/Jan. 2006 issue of Technology Review. It explores the complex issues of privacy and data security as they relate to Gmail, the increasingly popular, free web-mail service from Google.
Google’s Gmail raises important questions about the security and privacy of our personal information – questions that should matter not just to users of the free Web-based e-mail system but to everyone who exchanges e-mail with Gmail users.
And since the technical underpinnings of Gmail might very well be the prototype for the next generation of desktop-computer applications, the answers to these questions potentially affect everyone.
But wait – this is not another diatribe against the targeted advertisements Gmail shows while you read your mail. All of the worry surrounding that single issue has obscured a far more important one: data integrity and security. Gmail is so powerful, fast, and convenient that there’s a huge incentive for you to keep all of your e-mail there. But there’s a catch: Gmail makes no promise that a mail message you save today will still be there tomorrow – nor that e-mail you delete today will be gone tomorrow. Using Gmail means placing a lot of trust in Google.
When Gmail was launched in April 2004, it boasted three strengths: scale, search, and sales. Scale was the most obvious; Google promised each user the ability to store a gigabyte of e-mail when competitors like Hotmail were offering a measly two megabytes. Google could make this offer because, at the time, its 100,000-plus computers had more than 20 petabytes of combined storage. Since then, Google has shown it can buy new hard drives faster than its users can fill the old ones up.
Search was Gmail’s second strength. Instead of asking users to create “folders” and archive their e-mail like obedient file clerks, Gmail allowed them to simply click “archive” and banish e-mail messages from their in-boxes to an unseen holding area. Gmail users retrieve their archived mail by searching for it – a process that is so fast and thorough that it’s actually liberating.
Sales was Gmail’s third strength – one that was surprisingly controversial. When Google announced Gmail, it proudly proclaimed that it would analyze e-mail messages for common keywords and use them to customize advertisements. For example, an undergraduate reading a message about an upcoming assignment might simultaneously see an advertisement for a site that sells term papers.
In addition, Google now makes it clear that you can delete individual e-mail messages or your entire Gmail account at any time. If you do, however, your old e-mail might remain on Google’s servers for up to 60 days and on its “offline backup systems” for even longer. Although this may sound like an unacceptably long time, Google has in fact done a far better job in addressing the concerns of privacy activists than its competitors ever did.