The line between business and marketing email is often blurred and what affects one, nearly always affects the other. Not surprisingly, privacy — and the lack thereof — is of heightened concern to businesses and individuals alike these days and, with new and frequent discoveries concerning alleged abuse by both government and private agencies, shows no signs of diminishing.
Google is on the hot seat
It’s easy to despise Google. The company is a ridiculously successful behemoth that collects an immeasurable amount of data they then choose to use, sell, share and — seemingly arbitrarily — withhold in their quest to profit from what many recipients of email believe to be private thoughts, browsing experiences, correspondences, search phrases, and more.
In two separate cases, Google’s collection and use of email data is being challenged.
In the first, a group of private email users have claimed Google illegally intercepted, read, and mined information from their private email correspondence in order to better understand the recipient’s profile and deliver targeted advertisements. [Wait. That sounds a bit like what I do as a marketer… ]
In September, California Judge Judy Koh rejected Google’s bid to dismiss the case based upon their argument Gmail users had agreed to allow interception by accepting the company’s terms and privacy policies.
As the legal wrangling ensued, the lawsuit lost a bit of steam when the judge ruled these plaintiffs could not band together in a class-action suit because the proposed classes of people in the case aren’t sufficiently cohesive. Her ruling may well impact a number of other email-privacy cases in which she will be asked to rule, including lawsuits against Yahoo and LinkedIn. (In other cases, Facebook and Hulu are defending their right to monetize their members’ data.)
In a submission to the court, Google has said users of Google’s email service Gmail should have no “legitimate expectation” that their emails will remain private. A “stunning admission” of the extent to which internet users’ privacy is compromised, proclaims Consumer Watchdog (CW), a US pressure group.
This causes me to ponder: Yes, of course, Google collects more information than we do — but is it simply because they can? If we, as marketers, had the ability to collect to the same degree, would we? Is the difference between Google and my company the temperance with which the small business (compared to the conglomerate) would collect? As I said in my last blog, Spider Trainers — and other marketers — should proceed carefully, respectfully, and exercise care in not just what to collect, but how to use it; but is that a distinction without a difference to the average recipient?
In a similar lawsuit, students in California have come toe to toe with Google claiming the company’s monitoring of their Gmail violates federal and state privacy laws. This case, being heard by the U.S. District Court for the Northern District of California, was brought by nine students whose emails were subject to Google surveillance because their accounts were provided in part by Google in their Apps for Education suite; a suite touting more than 30 million users worldwide, most of whom are students under 18.
Google admits to scanning student emails to serve students targeted advertisements even though display ads are not shown in Apps for Education. Contained in a sworn statement, Google “does scan [student] email” to “compile keywords for advertising” on Google sites.
What’s different about this case is the age of the typical recipient. FERPA (Family Educational Rights and Privacy Act) issued in 1974, ensures the privacy of records of students under the age of 18 and, as big as Google is, they should not be immune to legal constraints of this act. Like the previous case, the students are seeking class-action certification for the case.
This begs the question: Are marketers immune? Perhaps in our B2C events, we too must be mindful of the age of our audience. Certainly we know that we are collecting more than most of our recipients imagine. What preteen suspects that emails from her favorite store are actually vehicles for accumulating information about her buying behaviors in order to send her more relevant email offers?
The pivotal topic in many of these Google and Gmail users discussions should be this: Even if the sender understood and agreed to the terms and conditions, that consent could not and should extend to the recipient who has not consented and who is probably unaware their data and profile is being assimilated from these communications. The Electronic Privacy Information Center (EPIC) is also concerned about Google’s ability to build detailed profiles of Gmail users by augmenting email-collection data with information collected by Google’s search-engine cookies, though Google denies such cross referencing occurs.
For most adults, searches are easily defined. If law enforcement suspects us of wrongdoing, they get a warrant, search our house, our car, our locker, and then seize the evidence of a crime. With an email account — be that Gmail or any other — it’s different. Emails are seized first and then searched for evidence. It’s similar in approach to the argument of the Obama administration for collecting every American’s phone records — law enforcement doesn’t know what is relevant until they have reviewed it all. In other words, it’s a fishing expedition on a grand scale.
So, it’s not just the private sector misbehaving if a federal judge has found it necessary to admonish our own justice department for requesting overly broad searches of people’s email accounts — nearly all of whom have never been accused of a crime. It’s widespread, but worse; all data collectors are at risk of being painted with the same brush. It’s coming to this: If you’re collecting data, you must be committing some sort of offense in the form of invasion of privacy, and perhaps even acting illegally. [Wow! All I wanted was to send you a personalized dog food coupon because you have three mastiffs and a poodle named Fred, Pete, George, and Ginger.]
In this case against the justice department, Judge Facciola concluded prosecutors must show probable cause for everything they seize — especially since it is possible for companies to easily search for specific emails, names, and dates of content relevant to an investigation. It’s therefore not necessary to ask for all electronically stored information in email accounts, irrespective of the relevance to the investigation.
It’s going to become necessary to become educators — we marketers must educate our clients on appropriate collection and use in order to delineate what we do from what is happening with Google, NSA, Yahoo, and others. Without our input, and our self-regulation, it is quite possible that we will be spoon-fed rules of engagement — and likely that those rules will reduce future access to less than what we have now.
With the caching of images and relegation of email to specific tabs, Google is already getting in between us and our recipients by intercepting data to which we’ve already become accustomed. It’s a slippery slope to be sure, but we do have an opportunity to steer this downhill roll in a direction that will protect our ability to be good marketers in a healthy balance with the privacy of our recipients.
In other news…
In an ongoing case, a U.S. appeals court has again rejected Google’s argument that it did not break federal wiretap laws when it collected user data from unencrypted wireless networks for its Street View program.
In the U.K., the High Court ruled Google can be sued by a group of Britons angered when using Apple’s Safari browser by the way their online habits were apparently tracked against their wishes in order to provide targeted advertising. Google asserted the case is not serious enough to fall under British jurisdiction.
Microsoft is feeling the heat after acknowledging it read an anonymous blogger’s emails in order to identify one of their employees suspected of leaking information. The FBI was involved only after the emails had been read.