Recently I came across this story by Todd Haselton that describes how the author located an obscure “purchases” page in his Google account settings and there found a methodical list of his online purchasing history, from third-party outside vendors, going back to 2012.
The upshot of the story was that:
- Google saves years of information on purchases you’ve made, even outside Google, and pulls this information from Gmail.
- It’s complicated to delete this private information, and options to turn it off are hidden in privacy settings.
- Google says it doesn’t use this information to sell you ads.
Naturally, I flagged this story for the next edition of our #AxisOfEasy newsletter. Haselton reports that it isn’t easy to locate and delete this information, nor is there a straightforward path to find it in your privacy settings to disable this behaviour.
This can’t be true (can it?)
The more I thought about this the more I thought “this can’t be true”. I apologize for doubting Haselton, but I thought he had to have it wrong, that maybe he had a stored credit card in his browser that he had forgotten or something, because the ramifications if true, are dire.
First, it means that in order to isolate and parse purchases, Google must then be scanning every email, otherwise, how would they know what’s a purchase and what isn’t?
Further, if they were scanning every email for purchases, what else were they scanning for? Either now, or in the future? The important mechanism, the infrastructure and methodology to scan and parse every inbound email, is clearly in place and operational now; adding additional criteria is just a matter of tweaking the parameters.
Then, there is the matter that Google is doing this without informing their users. We can probably wager that there is buried down the rabbit hole of the ToS some clause that alludes to the possibility that Google reserves the right from time to time (including all the time) to do something or another with your email that may or may not involve machine reading it and dissecting it for your behavioural patterns; none of us have ever read it.
More importantly, it didn’t require an explicit opt-in to fire it up.
[ As a belated aside – everybody in tech already knew that the point of Gmail was it was free, and they would scan the contents to target ads. At some point I think they may have announced that they stopped doing that, I can’t remember. But the vast majority of normies (defined as people who don’t dream in XML), don’t realize this, or haven’t given it much thought. However this, parsing out financial transaction data specifically, takes it to a new level.]
I’ve personally verified this is happening
As I said, I initially thought that Haselton had perhaps stored credit cards in his Chrome browser and his purchase history was being populated from that. I still couldn’t believe that Google was in essence reading your email and cataloging your purchases on its own.
My Google purchases page existed, but was empty. To test it, I configured my gmail account (which I barely use, for anything other than Google news alerts) to receive any email from my Amazon account. None of my web browsers have any credit cards stored. Then I went and picked up a new audiobook.
Sure enough…within seconds, my heretofore empty purchases page, suddenly had an entry:
Hovering over the “info” icon anticipates the question, how did this get here?
And so we click to find out…
We get it from Google’s mouth:
“This purchase was found in your Gmail” (emphasis added, because properly rendered it should read “We found this financial transaction sifting through your email”).
Why this is problematic
Before this revelation, I was already habitually remarking how it simply astounded me whenever I came across a law firm, or an investment fund, or medical professional, or financial services firm, or any outfit that routinely carries out proprietary or confidential communications (you know them by the typical disclaimer they append to every single email they send):
“This email and any accompanying attachments contain confidential information intended only for the individual or entity named above. Any dissemination or action taken in reliance on this email or attachments by anyone other than the intended recipient is strictly prohibited.”
…and find they’re using Gmail? Yikes. Those disclaimers should be modified to read:
“This firm’s email and all accompanying attachments and any of your replies to us will be scanned, parsed and analyzed by our email provider. Hope you’re cool with that.”
Because that’s what’s actually happening. Here’s the shortlist of problems with this:
- We don’t know what else they are scanning for, what else they are parsing out, where they are storing it and what they are doing with it.
- Google says they are not using this info to target ads, as if that settles matters. Then what are they doing with it or why else would they even bother? Further, Google says a lot of things, some of them turn out to be disingenuous. Google once testified before the US Congress that they don’t manually intervene in search results, it was later revealed that they …manually intervene in search results.
- Whatever data mining and collation and cataloging systems and resources are in place could be abused by Google staff. There are ample cases of tech giant employees abusing their positions and their visibility into user data.
- These same systems could be abused or exploited by partners, as has been reported in #AxisOfEasy in previous instances.
- These systems could be used (or are being used) under a larger umbrella of State surveillance, which we all know is happening – thanks to the likes of Edward Snowden (see his recent talk to Dalhousie University here). Google’s startup financing came in part from the US intelligence apparatus and, as is frequently observed here and elsewhere, Google is now a major contractor to world governments and the US military.
- [ Added – later] As pointed out by a reader, it may also violate data privacy laws of various locales, regardless of what’s actually in the ToS.
Objections and Rationalizations
There will no doubt be people who read this and object to this being a problem on three grounds:
- “Everybody does it”, in the sense that any email provider who is running virus or spam filters at their edge is in essence scanning every inbound email. This is true, but only in the sense that they are actively seeking to separate noise, which costs everybody, including the recipient, from signal – stuff the recipient wants to receive. They are not parsing non-infected, purportedly non-spam email. Let’s call it “real email”. They aren’t parsing and cataloging your real email based on its contents.
- It’s free so shut up. For most gmail users, this is true. But they should also realize that if they don’t want to shut up about this, then the correct response is to move one’s email away from Gmail and pay a provider you trust not to inspect and datamine your private and business correspondence. Remember the old adage: “If you’re not paying for the product, you are the product”.
- If you have nothing to hide you have nothing to fear. Often quipped by people who have never read a history book. There isn’t much to say about these unfortunates other than, go read a few.
I frequently recommend the biography of Joseph Fouché, the man who ran Napoleon’s secret police, who also cast the deciding vote to behead King Louis XVI. He is credited therein with having invented the modern police state as we know it. If you want to see a long trail of people who had nothing to hide become separated from their wealth, their liberty and their heads… start there.
What to do about it
Maybe you know all this and you really don’t care, and that’s fine. As long as your cultural choices and your political beliefs and your lifestyle match the accepted norms of a rapidly shrinking Overton Window of what constitutes “acceptable”, then you shouldn’t have to worry about anything. Really.
If you’re an easyDNS client and you use Gmail, you should probably be made aware that many of the domain packages here come with email hosting included. If you have lots of historical email at Gmail (or anyplace else) you can use our IMAP migration tool to painlessly copy everything over from Google, except, alas, your purchase history.
Encrypted Email Forwarding: If you must use Gmail, or any other third-party provider, and you are forwarding email through your own domain to those destinations, we should also mention that easyDNS has been offering a unique feature for years where you can enter your public GPG key into your mailmaps and we’ll use it to encrypt your email messages before we forward them to their ultimate destination. It’s not an end-to-end encryption methodology, but it does cover your data-at-rest. (Learn more).
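
An added example, not easyDNS's code: a check you could run over messages exported from the destination mailbox to confirm that forwarded mail arrives PGP-encrypted, and to see which headers stay readable to the mailbox provider. The page does not say which format the forwarder emits, so the code assumes either PGP/MIME (RFC 3156) or inline ASCII armor; the two sample messages are constructed.

```python
from email import message_from_string

ARMOR = b"-----BEGIN PGP MESSAGE-----"

def classify(raw: str) -> dict:
    """Report whether a stored message body is encrypted and what stays visible."""
    msg = message_from_string(raw)
    protocol = (msg.get_param("protocol") or "").lower()
    if (msg.get_content_type() == "multipart/encrypted"
            and protocol == "application/pgp-encrypted"):
        body = "pgp-mime"
    else:
        body = "plaintext"
        for part in msg.walk():
            if part.get_content_maintype() != "text":
                continue
            payload = part.get_payload(decode=True) or b""
            # Only count armor that opens the part, not armor quoted in a reply.
            if payload.lstrip().startswith(ARMOR):
                body = "pgp-inline"
                break
    # Standard PGP/MIME leaves these headers outside the encrypted part.
    visible = {h: msg[h] for h in ("From", "To", "Subject", "Date") if msg[h]}
    return {"body": body, "visible_headers": visible}

# Constructed sample: forwarded message wrapped as PGP/MIME (placeholder ciphertext).
ENCRYPTED = """\
From: orders@shop.example
To: me@mydomain.example
Subject: Your order has shipped
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
--b1--
"""

# Constructed sample: the same receipt delivered without encryption.
PLAIN = ENCRYPTED.split("MIME-Version")[0] + "Content-Type: text/plain\n\nOrder total: $14.95\n"

if __name__ == "__main__":
    for name, raw in (("encrypted", ENCRYPTED), ("plain", PLAIN)):
        print(name, classify(raw))
```

In the encrypted sample the body is opaque, yet the sender and subject line remain in cleartext headers, which is one concrete reason this is data-at-rest protection and not end-to-end encryption.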