Google finally admitted what most of us figured they were doing all along–selling our Gmail data to third parties. That’s right. The company for whom Sergey Brin famously claimed they would “do no evil” has been mining your data for dollars. The Wall Street Journal figured this out in July (2018), leading the US Congress to ask Google for an explanation. Google unapologetically admitted to this practice and doubled down by claiming users agreed via mandatory opt-outs. You know–permissions buried in a continuous avalanche of new feature notifications requesting updated settings.
This blog has warned readers in the past that any public email service should be treated with caution when transferring content (like your personal email) through those servers or via their web clients. Once data leaves your private network–it is public. Period. There is merely a faint hope that those public services keep your credentials private.
The most secure form of email is still the private network email server locked behind a stout firewall–something that most mortals can’t or won’t foot the bill for. The next most secure form of email is the use of a public web hosting service located on a registered domain with private credentials. This doesn’t guarantee that the service won’t mine its servers for user data to sell to third parties, but doing so should be a lot more difficult. The least secure is a public email service like that offered by Gmail, Hotmail, verizon.com, or others. You just don’t own any of the data you transfer through those services and therefore cannot expect any privacy.
Google’s privacy model has broken down across all fronts. For example, a security researcher revealed recently that the Chrome browser involuntarily shares your browser history when you access the Gmail app. The company was again unapologetic–it sniffed via a blog post that Chrome is not a browser, but a service that includes a browser and thus it should be expected that all data is share among Chrome’s individual apps–and thus Google’s servers themselves.
This blog has previously recommended against using the Chrome browser because of its intense use of system resources. The browser and its many appendages are the worst form of officially sanctioned bloatware. Now with the revelation that Chrome is being used to mine your personal data for money we have another reason against its use. Keep in mind that if Chrome is installed on your machine, it may be already logging itself in even without your knowledge. You should un-install Google’s software as soon as practical. Need another browser? Check out some options here.
It is useful to remember that anything sent over the Internet is public forever. And not just my blog posts, your Facebook history, or your kid’s Instagram posts. Everything. Act accordingly.