Privacy is important to everyone, especially to the people who are in charge of protecting it. When we evaluate new technology privacy is the first thing that we look for. In short, privacy matters. Particularly so when we decide to change major systems or technologies that we rely on every day. The Information Technology (IT) and Communications Offices have been working over the last several months to migrate all of our internal e-mail accounts to the Google Apps system.
During this migration we have received a lot of good questions about issues of privacy and the overall Google system. After answering several excellent questions on this new system, we decided to put together a comprehensive article to answer these questions for everyone. Many of the questions that we received were regarding Google reading our e-mail and keeping track of everything that we do online. Let’s take a few minutes to figure out exactly what Google does with all of this data.
So, what kinds of information does Google track? Let’s start with the Google Apps Privacy Notice:
- You need a Google Account to use Google Apps. Google asks for some personal information when you create a Google Account, including your alternate contact information and a password, which is used to protect your account from unauthorized access. A Google Account allows you to access many of our services that require registration.
- If you use Google’s domain registration services as part of Google Apps, we also ask you to provide accurate information for your domain registration record, including contact information.
- When you use Google Apps, Google’s servers automatically record certain information about your use of the services. Similar to other web services, Google records information such as account activity (including storage usage, number of log-ins), data displayed or clicked on (including UI elements, ads, links); and other log information (including browser type, IP-address, date and time of access, cookie ID, and referrer URL)
- Log information – When you access Google services via a browser, application or other client our servers automatically record certain information. These server logs may include information such as your web request, your interaction with a service, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser or your account.
- User communications – When you send email or other communications to Google, we may retain those communications in order to process your inquiries, respond to your requests and improve our services. When you send and receive SMS messages to or from one of our services that provides SMS functionality, we may collect and maintain information associated with those messages, such as the phone number, the wireless carrier associated with the phone number, the content of the message, and the date and time of the transaction. We may use your email address to communicate with you about our services.
- Location data – Google offers location-enabled services, such as Google Maps and Latitude. If you use those services, Google may receive information about your actual location (such as GPS signals sent by a mobile device) or information that can be used to approximate a location (such as a cell ID).
- Unique application number – Certain services, such as Google Toolbar, include a unique application number that is not associated with your account or you. This number and information about your installation (e.g., operating system type, version number) may be sent to Google when you install or uninstall that service or when that service periodically contacts our servers (for example, to request automatic updates to the software).
At first reading this list appears to be daunting. Why would you ever want to use a service that collects so much data? Keep in mind that your favorite websites, your Internet Service Provider (ISP), the Federal Government and even your local bank tracks the same (or similar) amounts of data about you without you even knowing it. If a company that you do business with has a computer, it’s likely tracking your information this way. It is also important to remember that you may not be using all of the services that are mentioned in this list.
Does Google Read My E-mail?
Does Google read your e-mail? Well, the short answer is yes. Let’s take a minute however to see how they read it and who “they” are. The Gmail system is for personal e-mail accounts using gmail.com e-mail addresses. This is a separate service from the Google Apps system that the Conference is using. In order for the Gmail system to remain freely available your e-mails are searched so that targeted advertisements can be delivered to your inbox. These ads are fairly unobtrusive and are a small price to pay for an excellent free service. You should know however, that any Internet Service Provider (ISP) can do the same thing (Hotmail, Yahoo, America Online (AOL), The Conference, etc…). This is the nature of e-mail. It has been this way since the beginning and it will always be this way. Instant Messaging can be read the same way.
You are going to see ads in the Gmail.com system no matter what your preference is. Given that fact, is it better to see carefully targeted and relevant ads, or advertisements for products that have nothing at all to do with you? Who knows what you will see?
Now that we have that out of the way consider that there are many thousands of e-mails and instant messages passing across the Google servers (or any other mail provider’s servers) every second of every day. With traffic of that magnitude, our messages just aren’t that interesting to the people that oversee the systems. Unless you are being watched by law enforcement for some reason, they aren’t likely to care very much about your individual messages. It is important to remember that there is not a Google employee sitting down with their morning coffee to read all of your e-mail (or a Conference employee for that matter). These are spiders (tiny programs that search your e-mail – just like when you search for websites) that are gathering keywords when you open a message and downloading the appropriate targeted advertisement.
One of the benefits of the Conference using the Google Apps system is that we do not have to make use of targeted advertising. As such, Google does not have much incentive at all to read our e-mail messages. The Google Apps product is subscription based, not ad based. We are fortunate to not have to pay for licenses as a non-profit organization, but there are many organizations that are paying for the ability to disable the advertising robots. If there is a specific issue that needs to be addressed then Google’s support staff may look at a few messages for troubleshooting purposes. Otherwise they are spending their time making a solid product even better.
You Have Choices
As with most things in life you have choices. If you do not want Google to serve you targeted advertising along with your personal Gmail.com account then you can either not use the Gmail system or download your e-mail using a desktop client. Remember that the Google Apps accounts (ie. your nccumc.org e-mail address) does not use the targeted advertising system. As such, you can leave your e-mail on Google’s servers and their ad robots will not look through the messages.
As you can see from my dashboard I can easily understand where my data is and control it. There are a few other ways in which you can control the way in which you interact with Google. Here are a few options:
- Google customizes your browsing experience by using a tracking cookie on your computer. This cookie allows them to customize advertisements and search results to better match what you are doing online. You can find out more about this service and opt out if you wish to by clicking this link.
- Customize your Google Advertisement preferences (and opt out if needed) by clicking this link.
This is an excellent overview of the Google Dashboard:
Google Privacy Center
- Use information to provide our users with valuable products and services.
- Develop products that reflect strong privacy standards and practices.
- Make the collection of personal information transparent.
- Give users meaningful choices to protect their privacy.
- Be a responsible steward of the information we hold.
This video helps to describe these principles in action:
How Do Other Websites Handle Privacy?
Here are a few other websites you may or may not use with links to their own privacy policies and resources:
It’s Ultimately Up To You
At the end of the day, the decision to trust an online provider of services (Google, Amazon, Facebook, Microsoft or any other vendor) is ultimately up to you. At the North Carolina Conference we feel that by migrating our messaging and collaboration systems to the Google Apps system we are taking advantage of significant functionality. While there is some privacy trade off, we do not feel that the privacy costs outweigh the functionality benefits. Of course, you will have to make the final decision on your own. We are using many of the Google products and services internally and we hope you will decide to do the same as well. Whatever you decide, the key is education. Before you make a website like Facebook the place where you store all of your thoughts and memories online, be sure that you understand their privacy policies. The golden rule for online services is this: If you don’t agree with a policy or feel that a website or service is not adequately protecting you then don’t use it.
Top image provided by opensourceway.