Uproar following Google's recent disclosure that email users should have 'no legitimate expectation of privacy' begs critics to question—with the rise of big data and the surveillance state—is any of this really a surprise? Does there remain any reasonable expectation of privacy over electronic communication, especially in the United States?
Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their emails are processed by the recipient’s [email provider] in the course of delivery. Indeed, ‘a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.'
While critics and media outlets have reacted with shock, others are saying the disclosure is nothing we don't already know.
The text actually comes from the 1979 U.S. Supreme Court case Smith v. Maryland, in which a phone company was accused of wiretapping. That ruling states the court “consistently has held that a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”
That third-party precedent has long been cited by government officials as support for the constitutionality of Section 215 of the Patriot Act, which enabled the National Security Agency to order the release of all Verizon customers’ call information.
Ruminating on why something put forth in the company's public rules would now create such a furor, PC World's Jared Newman writes that these procedures "might have seemed okay back when we figured the government needed a warrant to get users' data, or was at least narrowly restricted in what it could get without one."
But now, he adds, "there are all sorts of scenarios in which the NSA can sift through users' personal data, even if they are inside the United States and not suspected of a crime."
Last week, the founder of the encrypted email service Lavabit, Ladar Levison, elected to shutter his company rather than disclose users' personal information to the U.S. government.
"I think you should assume any communication that is electronic is being monitored," said Levison in an interview this week.
Phil Zimmerman, creator of email encryption software Pretty Good Privacy (PGP) told Gigaom in a recent interview that the issue goes beyond surveillance, but begs the larger question of whether or not users can expect privacy rights at all with the rise of the 'big data' companies, such as Google. He said:
Big data intentionally creates a concentration of data and has a corrupting influence. It really concentrates the power in the hands of whoever holds that data — governments, companies. The PC revolution of the late 1970s and 1980s and the later early Internet (of the 1990s) seemed to hold so much promise and empowered the individual. Now with big data there is a shift of power in the other direction as it concentrates power in fewer hands.
These companies are very big. What would be better is if there is a pushback in the public policy space to change the way things work. We shouldn’t have the shockingly pervasive surveillance system and infrastructure.
As PC World's Jared Newman argues, the legal texts are beside the point. "We gave up our 'legitimate expectation of privacy' when we let the government greatly expand its surveillance powers. In citing an old Supreme Court case, Google is just reminding us of what we should already know."