Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Pushing Back On Law Enforcement Requests For Access To Gmail Accounts

samzenpus posted about a year and a half ago | from the for-your-eyes-only dept.

Google 75

Virtucon writes "Ars technica has an interesting article on how Google is handling requests from law enforcement for access to Gmail accounts. With the recent Petraeus scandal where no criminal conduct was found, it seems that they're re-enforcing their policies and standing up for their users. 'In order to compel us to produce content in Gmail we require an ECPA search warrant,' said Chris Gaither, Google spokesperson. 'If they come for registration information, that's one thing, but if they ask for content of email that's another thing.'"

cancel ×

75 comments

Duplicate? (1)

Anonymous Coward | about a year and a half ago | (#42679345)

Re:Duplicate? (0)

Anonymous Coward | about a year and a half ago | (#42679411)

That's what I thought and flagged it as such on the submissions page.

Re:Duplicate? (2)

Yebyen (59663) | about a year and a half ago | (#42679511)

I don't think it's a dupe, granted I have only read both summaries and neither article, but the links are different and the headline text is certainly not the same. Two "Google Saves Your Privacy Heroically" articles in as many days, though. You would think they were trying to tell us something.

Re:Duplicate? (1)

Anonymous Coward | about a year and a half ago | (#42679551)

They're both referring to the same 'Transparency Report'. Not duplicate articles, but duplicate story.

Google War (-1, Offtopic)

andrewblaine (2822269) | about a year and a half ago | (#42679427)

I hope Google will not give any information regarding anybody account.What they think they ask Google for information and Google will give them easily..... http://goo.gl/DbOsC [goo.gl]

Re:Google War (2)

Dins (2538550) | about a year and a half ago | (#42679817)

This is spam - link is not related to this article.

service centralization = bad idea (3, Insightful)

Anonymous Coward | about a year and a half ago | (#42679477)

Email and other services are way more robust when there are many providers, because there is not one central point for a government to apply pressure. In the 1990s everyone got email through their ISP, and there were a million little ISPs all around.

Now, there are fewer ISPs, and even though they all still provide email via the standardized protocols, everyone ignores that and uses webmail... and most of them use Google. Having the whole world's email in one place is a bad idea. It means there's one place to, say, block encryption if the powers-that-be decide they really should be able to read *every* email. It means there's just one place to censor. Just one place to move away from standard protocols to achieve lock-in.

The entire concept of the internet was about decentralization to achieve robustness. Once, robustness in the face of nuclear war, but it also provides other kinds of robustness, like robustness against censorship, against control, and against monitoring. Now, for some bewildering reason, we want to discard the robustness of decentralization and put all our eggs in one basket. I do not understand why everyone prefers that.

Re:service centralization = bad idea (3, Interesting)

adamjgp (1229860) | about a year and a half ago | (#42679851)

Users are going to choose the service that best fits their needs. If there were other options out there that offered services similar to gmail, and were widely advertised and known to the public, then email usage would be more distributed. Also, there's the perception that your email address gives others [theoatmeal.com]

Re:service centralization = bad idea (1)

Bam_Thwok (2625953) | about a year and a half ago | (#42680235)

Because GMail is more convenient to use and feature rich than running your own server, which you are still perfectly free to do.

Re:service centralization = bad idea (1)

BlueStrat (756137) | about a year and a half ago | (#42683767)

Because GMail is more convenient to use and feature rich than running your own server, which you are still perfectly free to do.

Well, "free to do" if you pay for a commercial/business-class account with an ISP, and then one usually must make several calls to get them to open up the ports for your mail server(s).

Your mail server is also likely to get on anti-spam blacklists and be filtered by mail services like Yahoo as well. Running small, private mail servers is generally discouraged among private individuals.

Strat

Re:service centralization = bad idea (0)

Anonymous Coward | about a year and a half ago | (#42688779)

turn in your geek card, running an emailserver is not exactly quantum mechanics.

once configured running a linux-emailserver is as much work as ssh-ing in every once in a while to run apt-get

Re:service centralization = bad idea (1)

BlueStrat (756137) | about a year and a half ago | (#42688851)

turn in your geek card, running an emailserver is not exactly quantum mechanics.

once configured running a linux-emailserver is as much work as ssh-ing in every once in a while to run apt-get

You need to turn in yours instead, as you fail at reading comprehension.

"Running" the server itself isn't the issue. Whether you'll actually be able to have it receive and send mail because of ISP port blockages and/or anti-spam service blacklists is.

If you aren't aware of these common hazards/problems with running your own personal mail server, you likely never had a geek card to begin with.

Strat

Re:service centralization = bad idea (5, Insightful)

IndustrialComplex (975015) | about a year and a half ago | (#42680483)

I do not understand why everyone prefers that.

I wanted to run my own email server. However, I do not do IT for a living. That's not a problem, most people say, email servers are simple. I agree, opening up the port and running a server would be simple, but what would crush me is trying to keep that server secure, and my email mostly free from spam.

I just don't have the time to setup the server properly, with subscriptions to spammer blacklists, maintaining security patches, and the whole slew of work required to make that simple email server something that would work for me.

I found that my old gmail account generally worked well with regard to keeping spam away from my account, and I never had to worry about making the server secure. So I signed up for google apps (back when it was free for small users), and setup my domain to use google to host my email.

Now I have all the email addresses I want, associated with my domain, and google handles ALL the annoying work of maintaining the server, handling security, general administration and so on. I can be reasonably assured that whenever I want to access my email, I will be able to via a simple web browser. I don't need to worry that my ISP is crappy, or blocking me, or that I had a power outage at my home.

For me, that amount of time savings and convenience is well worth the tradeoff that someone in the government could gain access to that specific email address' contents.

And most importantly, nothing prevents me from creating or using a throw-away email address on another site if I wanted more obscurity. Privacy, unfortunately, requires a proactive effort, but the benefits I receive from a centralized, managed, and to date uncensored email service currently far outweighs the current drawbacks. If that ever shifts in the other direction, as I mentioned, nothing is really preventing me from just dropping google.

Re:service centralization = bad idea (0)

Anonymous Coward | about a year and a half ago | (#42682165)

I wanted to run my own email server. However, I do not do IT for a living.

He's a witch!!!! Burn him!!!!

Re:service centralization = bad idea (0)

Anonymous Coward | about a year and a half ago | (#42685981)

Dude, just get some hosting for like 50 bucks a year. They take care of it for you - unlimited e-mail addresses, unlimited mailbox size, and Spam Assassin preconfigured...

I won't name my provider lest I be accused of astroturfing, but I've been doing this for about ten years...

Re:service centralization = bad idea (0)

Anonymous Coward | about a year and a half ago | (#42688831)

> I just don't have the time to setup the server properly, with subscriptions to spammer blacklists, maintaining security patches, and the whole
> slew of work required to make that simple email server something that would work for me.

setting up the server is easy:
1) get a domain name
2) get a debian vps (5 eur a month should do it)
2) install postfix dovecot and if you want webmail squirrelmail or roundcube
3) spend an hour configuring your server and dns, hell make it up to a day if your completely new at it

Regarding spam:
- you don't need blacklists, just set up a filter to redirect every mail from someone not in your adresbook to a different folder.
- For another 5 minute fix, install postgrey so your mailserver rejects all mail from unknown mailservers the first time, and only accepts it after the first resend (that's a line change to your postfix config, and it eliminates virtually all spam-bots)
=> you've just solved the spamproblem

as far as security:
- running apt-get update regularly is not exactly quantum mechanics
- set up ssh for 1 particular non-root user only
- make sure all non-email ports are closed on your server

non of it is quantum mechanics

Re:service centralization = bad idea (1)

tehcyder (746570) | about a year and a half ago | (#42689269)

Alternatively, you could use a simple webmail service, such as Gmail.

Who cares about email now anyway?

Re:service centralization = bad idea (1)

Gr8Apes (679165) | about a year and a half ago | (#42698673)

Alternatively, you could use a simple webmail service, such as Gmail.

Who cares about email now anyway?

Apparently Google does

Re:service centralization = bad idea (1)

everflow (635196) | about a year and a half ago | (#42689083)

If that ever shifts in the other direction, as I mentioned, nothing is really preventing me from just dropping google.

If that ever shifts you can drop Google only for future emails.

When the shift comes (e.g. sudden government interest in your person) there will be much information at Google already you may not want to share: who your friends are, business contacts, personal views, ...

Runmail will provide this service (0)

Anonymous Coward | about a year and a half ago | (#42699717)

As will many others. For a fee. And then only you read your email.

Re:service centralization = bad idea (2)

tehcyder (746570) | about a year and a half ago | (#42689245)

I do not understand why everyone prefers that.

Convenience. Plus most people don't give a shit if the government reads all their emails anyway. I realise this isn't sufficiently paranoid for slashdot, but it's how the vast majority of people behave. How many people bother to encrypt their emails for instance?

Also, if I was planning to overthrow the government, stage an armed robbery or even (if I was a public figure) conduct an extra-marital affair, I certainly wouldn't use email to exchange details with anyone about it.

What about contacts graph? (5, Insightful)

140Mandak262Jamuna (970587) | about a year and a half ago | (#42679557)

OK registration info on gmail is like the address on the envelop of a letter. It is not private, the mail man has to read it to deliver the letter. So yes, ok, google shares registration freely.

Contents are private, post office does not read it, and you need a warrant from a court to intercept and read mail, so google demands a warrant for contents of email. OK fine.

Now, in each letter, the from address and the to address are open in the public. Technically the post office could build a graph of who communicates with who and how frequently using just the public information. But it is expensive, painful and so USPS does not do it. Or I think it does not do it. But it is trivial for gmail to build all people who correspond with me, and rank them by the frequency of communication. In fact it already does, it suggests a CC list based on the addresses in the To list. Is it considered public information? Would google share it with the government without warrant? Or would it require a warrant?

Re:What about contacts graph? (1)

Sockatume (732728) | about a year and a half ago | (#42679693)

It just occurred to me: does a Gmail message ever reach the public internet when it's sent to another Gmail user?

Re:What about contacts graph? (-1)

rioki (1328185) | about a year and a half ago | (#42679881)

Stupid question. Does an email reach the "public" internet if it is sent to the same domain. Except for some weird MTA agent configurations, the STMP server that receives your email for sending is the same that handles mailboxes. Why should it be different at google? Chances are it is never even transcribed to STMP and just a database entry.

Re:What about contacts graph? (1)

Sockatume (732728) | about a year and a half ago | (#42680027)

That's what I thought but I was curious, you patronising ass.

Re:What about contacts graph? (1)

Bearhouse (1034238) | about a year and a half ago | (#42685017)

Well, not just an ass but also lacks imagination. Since many people pick up their Gmail via POP or IMAP then, regardless of whether it's from the same server or not, it still goes through the 'public' Internet, (not via VPN, but at least they support secure connection).

In another post somebody said that "most" people access Gmail via web interface...eh? Everybody, yes everybody, I know also gets their Gmail on their BB/iThing/Android/Outlook/whatever...

Re:What about contacts graph? (3, Interesting)

NatasRevol (731260) | about a year and a half ago | (#42680223)

Stupid answer.

How many mail servers do you think Google has? Lots. Geographically distributed.

And guess where the traffic goes to get from one to another? Public internet.

Re:What about contacts graph? (1)

KiloByte (825081) | about a year and a half ago | (#42680395)

At least, when it comes to Google, there's at least a good chance the data travels between their data centers encrypted.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42680827)

And guess where the traffic goes to get from one to another? Public internet.

Really? You know for a fact it's going over the open internet and not over a leased/statically routed private connection?

Re:What about contacts graph? (1)

NatasRevol (731260) | about a year and a half ago | (#42681875)

To every Google data center? Very likely not.

Re:What about contacts graph? (1)

SecurityTheatre (2427858) | about a year and a half ago | (#42684059)

Every reputable company implements a VPN, MPLS or something similiar for internal traffic between their remote locations.

I would be completely shocked if they did not. Router management traffic or log data dumps, for example, is completely inappropriate over the broader Internet.

Now, it's possible that some traffic between datacenters is using public pipes, but I would think they have it set up to prefer internal VPN or MPLS or other private circuit arrangements between their own locations.

Re:What about contacts graph? (1)

sjames (1099) | about a year and a half ago | (#42682875)

It could be over leased line or VPN, but for security purposes, assume public internet.

Re:What about contacts graph? (1)

TheGratefulNet (143330) | about a year and a half ago | (#42681363)

so, you think that from one data center to another is always a public network?

(who's the stupid one here?)

Re:What about contacts graph? (1)

NatasRevol (731260) | about a year and a half ago | (#42681897)

I'm pretty sure that ALL of Google's data centers that contain mail servers are not privately connected, yes.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42680269)

Stupid question. Does an email reach the "public" internet if it is sent to the same domain. Except for some weird MTA agent configurations, the STMP server that receives your email for sending is the same that handles mailboxes. Why should it be different at google?

Actually, you provided a stupid answer.

It is extremely common in a given email domain that the sending SMTP server is different from the receiving SMTP server, unless you are a tiny little email operation that runs everything on one server with no redundancy.

Further, google is big. Mind-bogglingly big. Google has millions of servers, and the server where email originates is very likely not the destination server. Plus, google replicates a lot of data between servers & datacenters.

Does all this google traffic this cross the public internet? I dunno, but I suspect much of it is on dedicated google fiber.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42681865)

Stupid question. Does an email reach the "public" internet if it is sent to the same domain. Except for some weird MTA agent configurations, the STMP server that receives your email for sending is the same that handles mailboxes. Why should it be different at google? Chances are it is never even transcribed to STMP and just a database entry.

It's SMTP, dumbass. Simple Mail Transfer Protocol.

Re:What about contacts graph? (1)

wonkey_monkey (2592601) | about a year and a half ago | (#42679699)

Now, in each letter, the from address and the to address are open in the public.

Is a from address mandatory in the US?

Re:What about contacts graph? (1)

kidgenius (704962) | about a year and a half ago | (#42679835)

No. It's just a backup in the case where you didn't put enough postage on the mail, or it can't be delivered to the "To" address for a number of reasons.

Re:What about contacts graph? (1)

adamjgp (1229860) | about a year and a half ago | (#42679897)

No, you can leave off a return address on the letters you mail out, but each letter is stamped with the ID of the post office that processed it which can help narrow down where the letter came from. [wikipedia.org]

Re:What about contacts graph? (1)

WillAdams (45638) | about a year and a half ago | (#42679961)

Only on certain types of mail:

http://pe.usps.com/text/qsg300/Q602.htm [usps.com]

(those qualifying for reduced rates for being non-profit, &c.)

If one pays full postage, no return address is necessary.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42679929)

This is a tricky thing.

It's different, say, than the phone company hooking up a "pen register" to your phone which records who you call, but not the content of the call. It's something that does require a warrant or court order, but only if it's the government. That is, the phone company is free to sell your called numbers list to someone. "transactional data" as opposed to "content" is the key. A notable exception to the "transaction data can be disclosed, except to government" is that cable TV companies and video rental stores cannot disclose information about what you watch, whether live or "pay-per-view".

There's a lot of information collected in the US that you can just buy, as opposed to using a warrant (although often, a warrant might be less expensive). Does gmail's ToS say that they will keep your to/from info confidential?

Would google see this as something that is worth more to monetize or would it annoy its customer base? We KNOW that facebook sells this information, for instance.

Re:What about contacts graph? (1)

hedley (8715) | about a year and a half ago | (#42680201)

In this case though, Patraeus and Broadwell did not actually send but just left unfinished drafts. w/o a warrent, gmail still handed over the drafts, nothing to graph if it all just sits there 'unfinished'.

H.

Re:What about contacts graph? (1)

bill_mcgonigle (4333) | about a year and a half ago | (#42680407)

But it is expensive, painful and so USPS does not do it. Or I think it does not do it.

I never thought about that before, but those high speed scanning machines are doing OCR on the destination address, so the return address could be included as well. If the USPS were run like a company, they'd at least be using it for analytics and process optimization.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42680417)

"OK registration info on gmail is like the address on the envelop of a letter... the mail man has to read it to deliver the letter."

You're either daft, or you're confusing registration information with header information.

Re:What about contacts graph? (1)

140Mandak262Jamuna (970587) | about a year and a half ago | (#42683045)

USPS will disclose the registration details of its P O Boxes. That is more than headers/addresses, that is registration info. In most cases USPS addresses are physical structures with public ownership records. Rental records can be subpoenaed from the owner. Even if the address is a maildrop like Mail Boxes Etc, they can be forced to disclose the registration info. So header information and chain leading all the way to the recipient of the communication is not covered by privacy laws. Only the actual communications is protected.

There is another interesting possibility. The contents of your letters sent through USPS is specifically protected by law. But I am not sure if the law extends to private couriers. Technically I am not sure you are guaranteed privacy of contents, if you use FedEx or UPS. What gmail is doing is exactly what UPS/FedEx are doing. What it can and cant do, what is protected and what is not all will depend on the precedents set for these private couriers.

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42680477)

When sending a letter through USPS you don't HAVE to give a return address. Also, what about BCC?

Re:What about contacts graph? (1)

darkmeridian (119044) | about a year and a half ago | (#42681017)

I believe that it doesn't matter what Google does. With all the wiretaps and Echelon type stuff going on, I would be surprised if the social graphs based on who is calling who does not include all email service by this point. Like you said, the sender and receiver are well-known, and if you have a MITM such as a slutty ISP who gives it up easily, then you really don't need Google or Yahoo to comply.

Re:What about contacts graph? (1)

Anne_Nonymous (313852) | about a year and a half ago | (#42681427)

>> Or I think it does not do it.

Letters are all machine processed anyhow. Wouldn't this be pretty easy to implement for most letters?

Re:What about contacts graph? (0)

Anonymous Coward | about a year and a half ago | (#42682525)

USPS might not build that contacts graph, but someone (pick your favorite three letter Fed entity) with access to the logistics data about that mail* sure as shit does.

Likewise, I am confident Google builds the email contacts graph (because its superb business data). I don't think they should be compelled to share that work product, and certainly not any analysis on top of it, but Uncle Sam may not agree.

*and sent-from-received-to certainly does get recorded for at least awhile.

Unless, of course, they get a Patirot Act request (3, Insightful)

Anonymous Coward | about a year and a half ago | (#42679563)

Patriot Act federal requests do not require a warrant and cannot be reported when served against a company like Google when serviced. Even A fast Google search reveals dozens of specific instances of Patriot Act abuse, and the law itself at http://www.fincen.gov/statutes_regs/patriot/ shows that it wildly exceeds any sane Constitutional interpretation.

Similar abusive laws in other countries mean that Google, forced to follow local law enforcement in numerous countries, is wide open to abusive but legal requests for private content. There seems to be no sign that they do more than provide more than the slightest lip service to genuine privacy concerns, and many of their business modes are based on *selling* information about their customers.

Re:Unless, of course, they get a Patirot Act reque (3, Funny)

Sockatume (732728) | about a year and a half ago | (#42679755)

Not "Patriot Act", it's the U.S.A. P.A.T.R.I.O.T. Act, and each of those letters stands for something, because US civil defense policy is now run by the marketing arm of Mattel.

Re:Unless, of course, they get a Patirot Act reque (0)

Anonymous Coward | about a year and a half ago | (#42682619)

Not "Patriot Act", it's the U.S.A. P.A.T.R.I.O.T. Act, and each of those letters stands for something, because US civil defense policy is now run by the marketing arm of Mattel.

If only. At least in that case, we would have fun things to play with in exchange for the freedoms we surrendered.

Re:Unless, of course, they get a Patirot Act reque (1)

KiloByte (825081) | about a year and a half ago | (#42680185)

Thus, I say that email must not be placed in a cloud. Some companies like Google try to be no evil but have little wiggle room -- the bad guys (yes, the current crop of governments work against rather than for you) can access your mail at a whim. Unless you use email only to send Christmas greetings to aunt Jane, you have private and/or business data that should not be viewable by third parties.

If you host your own mail server (even at home), the bad guys at least need an actual warrant, and can't do this without your knowledge. Sorry, but that's the only way.

Another problem, this time technical, is that DANE becomes an absolute must. Current schemes for TLS encryption for SMTP are bad jokes that give an illusion of security: all an attacked has to do to completely override any mail security is to have port 25 connections to go somewhere else. Opportunistic encryption helps only passive snooping, and in almost all cases where passive snooping is possible, active is a matter of slightly more effort. DNSSEC can be subverted by ICANN and your top level domain's registry, but unlike issuing a request to an ISP, this would be a major undertaking that's moderately easy to detect, and in cases it would matter, you can have your private trust anchors. Or, if your data is important enough that the spooks mess with ICANN, just use gpg.

Why I'm speaking about DANE/DNSSEC? Because once they're supported well in common MTAs, deploying them is a matter of a single easy action by a sysadmin.

The bad guys can still know the IPs of both parties, ie, whom do you send mail to. This is a harder issue, with no obvious drop-in solutions. You may use a .onion email address, but that doesn't work without setup on both sides.

Re:Unless, of course, they get a Patirot Act reque (1)

PTBarnum (233319) | about a year and a half ago | (#42680907)

I think you need to balance risks. If my mail is hosted outside my home, on my ISP or on Google, then it increases the risk of it being searched by the government without my knowledge. If I set up and run my own mail server on my own machine, then I need to correctly install and configure the OS and mail server and keep up with all the security patches and spam filters, or I severely risk having my mail accessed by script kiddies without my knowledge. Or maybe I will know about it because they'll reset passwords to all my other accounts and then delete my mail.

If given a choice between exposing my mail to government crooks or free enterprise crooks, I'll take the government.

Re:Unless, of course, they get a Patirot Act reque (1)

KiloByte (825081) | about a year and a half ago | (#42681813)

I need to correctly [...] keep up with all the security patches and spam filters

Uhm, and that's much work... how? You need to do a manual intervention once a couple years, to move to the next stable release. Security updates get pretty thoroughly tested (Microsoft aside...), so outside of especially complex deployments not having them as a cronjob tends to be a waste of time. Spamassassin updates its rules automatically, which is probably good enough if you don't feel like tweaking them.

Re:Unless, of course, they get a Patirot Act reque (0)

Anonymous Coward | about a year and a half ago | (#42681571)

No worries, your isp will just log your email anyway, and give the government full access whenever.

Re:Unless, of course, they get a Patirot Act reque (1)

KiloByte (825081) | about a year and a half ago | (#42682311)

That's why we need a way to force encryption, limitting their knowledge to just the source and target IP.

Re:Unless, of course, they get a Patirot Act reque (1)

tehcyder (746570) | about a year and a half ago | (#42689291)

Unless you use email only to send Christmas greetings to aunt Jane, you have private and/or business data that should not be viewable by third parties.

If you send emails without encryption, you should certainly limit them to not much more than Christmas greetings to aunt Jane. I assume that any email I send is as secure as a letter, since I can't be arsed with encryption. My bank wouldn't send me a new PIN on a postcard, but it certainly would in an envelope.

Re:Unless, of course, they get a Patirot Act reque (1)

undeadbill (2490070) | about a year and a half ago | (#42681711)

And, in fact, they have NEVER fought one of these requests. Ever. The only ISP operator to fight one of these requests is Nick Merrill, and he had to enlist the ACLU and others just to get the right to be represented by an attorney, much less make his fight public. Otherwise, the only other people to fight these requests were a few librarians. Considering that these requests can actually dragnet in huge amounts of data from multiple accounts, I wouldn't feel so sanguine about Google's "pushing back".

I wonder if there was a drop off in .gov and .mil (1)

RevDisk (740008) | about a year and a half ago | (#42679659)

Most folks focused on the whole sex scandal part. Some folks focused on the operational security and the fact that the FBI tanked Petraeus with no charges filed. Some of those folks may control Google Apps for Government and choose alternative providers, in case it may be a point of failure in future bureaucratic turf wars. Sadly, yes, this sort of thing does happen.

But the cops don't NEED a warrant! (0)

Anonymous Coward | about a year and a half ago | (#42679711)

This summary is a bit loosely summarized. ECPA does not necessarily require a warrant. For this reason, Google is simply complying with ECPA and refusing to release details otherwise. Is this new?

Theft? (1)

CohibaVancouver (864662) | about a year and a half ago | (#42679885)

If your Chromebook is stolen, do you think Google should provide law enforcement with the details on the new account to which it's been associated? Or do you write off your $400 and move on...

Re:Theft? (0)

Anonymous Coward | about a year and a half ago | (#42684545)

Law enforcement doesn't give a hoot about your stolen crapbook.

Re:Theft? (1)

CohibaVancouver (864662) | about a year and a half ago | (#42684859)

That wasn't the question. Assuming they did, what's your answer?

Great way to win the trust of their users... (1)

japetto_bootsnakes (588410) | about a year and a half ago | (#42680319)

But I still wouldn't trust it.

TOO BAD (1)

Anonymous Coward | about a year and a half ago | (#42680533)

And WHO issues these warrants?

One of the reasons I don't use Google services. I don't recognize the 'ECPA search warrant'. the only warrant I recognize is a bonafide court issud warrant, issued by a bonafide seated judge. Anything else does not exist, and all access is denied.

WHY? (0)

Anonymous Coward | about a year and a half ago | (#42680563)

Why is registration information any different?

Need a mail server? (0)

Anonymous Coward | about a year and a half ago | (#42680567)

Sendmail is free, so is clamav and spamassassin. Get you an old raggidy PC and set that shit up. It'd take a novice PC user less than a day to do it.

If you read the above and feel like that's not for you, there are other email services out there that are paid for by the providers of the things that you buy.

Was there a story here...?

Weasel words... (1)

bagofbeans (567926) | about a year and a half ago | (#42680735)

In order to compel us to produce content in Gmail we require an ECPA search warrant

He doesn't explicitly say that Google doesn't produce content in Gmail without that warrant. Just that warrant compels them.

I'd be happy if he said "Google never produces content in Gmail without receiving a valid ECPA search warrant first"

Of course an NSL is the trump card...

Privacy? (1)

Big Hairy Ian (1155547) | about a year and a half ago | (#42680871)

Basically Google will protect your private data to the upmost of their legal ability from everyone except themselves and their clients :( /cynic

Re:Privacy? (1)

tlhIngan (30335) | about a year and a half ago | (#42681085)

Basically Google will protect your private data to the upmost of their legal ability from everyone except themselves and their clients :( /cynic

One could argue this isn't really about protecting your private data - it's just one of the times that Google's interest and yours align.

I.e., if Gmail started giving access to your email, then it devalues Gmail's service to that of other free email providers like hotmail and such - disposable email and spam box. Google doesn't want that because they get more analytical data if you start using GMail as your primary email. Plus of course, more eyeballs for ads - if it's your primary email, then you'd have windows open with ads showing all the time. If it was just your disposable email box, then most of the ads don't get eyeballs.

So it's in Google's interest to defend your Gmail account so you'd be more inclined to use it and give more information, analytics and eyeballs for it. Otherwise the ads Google shows would have to be paying a lot less money because the eyeballs that see it are of "lower quality".

Google privacy in a nutshell (1)

GodfatherofSoul (174979) | about a year and a half ago | (#42681141)

Yes, we're raping it 10% more times a day, but we're allowing a lot more content through.

As if one were different than the other. (0)

Anonymous Coward | about a year and a half ago | (#42681327)

I will quit email altogether if I have to.

Some people did not make the address first.last@retardedcorp.com for a reason.

The headline is a lie (1)

Anonymous Coward | about a year and a half ago | (#42681387)

Requirements from US's agencies done under PATRIOT Act are never accounted for on Google's Transparency Report, because they are issued along with gag orders. Google has never revealed how many of this did they fulfil, nor they do it now.
Cyrus Farivar's article on Ars Technica doesn't even mention PATRIOT Act, for a start - and when it refers to the break down of legal request types, we are linked to a Google page that breaks them down to three types - subpoenas, ECPA and other. Once again, PATRIOT Act request aren't even there.
I am deeply disappointed by this Ars Technica's article. It pretty much seems they completely forgot about this issue they previously cared for. It pretty much seems they are doing propaganda for Google.-Ignacio Agulló

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...