There's no free lunch when it comes to Google's Gmail

Privacy hubbub sparks online, but users aren't expected to ditch Gmail

There's no such thing as a free email service, at least not when it comes to Google, according to industry analysts.

Google got slammed this week after longtime Google critic Consumer Watchdog lit up the Internet by pointing out a legal argument that Google attorneys made during a class-action lawsuit about the company's practice of scanning Gmail messages for key words to help target advertising.

"Just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient's ECS [electronic communications service] provider in the course of delivery," Google's attorneys wrote in a motion ( download PDF).

And then quoting a 1979 case, Smith v. Maryland, they added, "Indeed, "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties."

When that comment became public, it unleashed an online firestorm about Google's privacy policies and a debate about whether people should expect privacy in their personal or business emails.

"We take our users' privacy and security very seriously; recent reports claiming otherwise are simply untrue," wrote a Google spokesperson in an email to Computerworld. "We have built industry-leading security and privacy features into Gmail -- and no matter who sends an email to a Gmail user, those protections apply."

Google doesn't have a roomful of employees sitting at desks reading everyone's personal Gmail messages. What the company does have is an automated delivery process that scans incoming emails for spam, viruses and keywords that help it target advertising to users.

That filtering process is laid out in Gmail's privacy policy.

"We also use this information to offer you tailored content - like giving you more relevant search results and ads," the company writes under "How we use information we collect" in its privacy policy.

"I think the real issue here is nave users thinking that they can get something for nothing," said Dan Olds, an analyst with The Gabriel Consulting Group. "Providers don't do anything for free. There's always an angle they're playing to either increase their revenue or profitability. And Google takes a back seat to no one when it comes to figuring out and exploiting all the angles. One of the best angles is using email contents to aim specific ads at users."

He added that it's a common practice for email service providers to scan messages for things like spam and advertising keywords.

"It's true that these are automated filters, not human beings, reading the emails and matching up the ads," said Olds. "I don't think consumers see this as a huge invasion of privacy, not because they don't have anything to hide, but mainly because they've never given it a thought. For most users, I think their main thought is "cool, free email" rather than "I wonder why this is free? What are they getting out of it?" "

Rob Enderle, an analyst with the Enderle Group, said he doesn't see this ruckus as something that will drive people to abandon their Gmail accounts.

"Free email is paid for in some way -- Google mines it, others use it as a way to sell you on additional services they provide. You pick your poison," he added. "The value of your profile is hidden from you and then you effectively exchange it for a set of services.... Google is incredibly profitable, suggesting that value is much higher than we likely realize."

Patrick Moorhead, an analyst with Moor Insights & Strategy, said that since people actively click a link or check a box saying they accept Google's terms of service, it's hard to complain when the company does what it said it was going to do.

"I do not think very many users will leave Gmail over this," he added. "As we have seen with other publicity over privacy [issues] with Facebook and other social media services, these flare-ups rarely result in lost users."

Enderle noted that people need to be more aware of what they're agreeing to in the first place.

"People should recognize that free comes with a cost," he added. "If they don't know what the cost is, it would be wise to find out."

Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin, on Google+ or subscribe to Sharon's RSS feed. Her email address is

See more by Sharon Gaudin on

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Consumer Watchdoge-commerceGooglesecuritye-businessinternetprivacy

More about ECSFacebookGoogleTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sharon Gaudin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts