Business, Freedom and Privacy, Technology, Ubuntu

Is Gmail Safe to use ‘Just for Business’?

No.  Google is *not* safe to use ‘just for business’, I confirmed clearly today.

About seven or eight years ago when I moved my whole life over from proprietary operating systems to Ubuntu, I was still using services like Gmail, Google search engine, Twitter, and a few other ‘services’ like these every day within the Ubuntu environment.  Thankfully, I had the opportunity to hear first hand the following most unfortunate story from a German employee of the company that I owned at the time:

“My good friend was just about to get hired for the German police force. She passed all the physical exams and did all the other training courses.  There was no reason whatsoever that she should not have been hired.  This was her dream job.  Then, one day, she was sat down by the decision maker and in one sentence her dreams were crushed .  This is what they said:

“We are sorry but we cannot hire you.  You are connected via Facebook, to a known criminal.”

She explained that she didn’t even know this person beyond a hello in a bar and that he was in fact the friend of a friend, not her own friend.

Too bad.  So sad.  The end.  A dream crushed.

All because of Facebook’s most excellent free ‘social service’.

I immediately shut down my Facebook account and started warning everyone I know to do the same.

But Google and gmail remained.  Why?

Four main reasons: ignorance, habit, free (as in $, but not freedom), and monopoly of android OS

Slowly over time, I was able to able to get rid of the usage of Gmail and Google search in my daily life, but even now there are traces of these accounts because of my android mobile device(s).  Thankfully I’m now aware and nearly moved over to the much better Ubuntu mobile, but it takes time and even now for business I’m back and forth between systems while the kinks are worked out.  For an article about some bigger-picture reasons why you should start ditching Google, here is an article I wrote a while back.  The main reason was I could literally feel their peeping eyes when custom ads and subtle very suggestive marketing started showing up all around me in browsers, the inbox, and even in obviously targeted emails that I started receiving.  Everything was *very* tailored to my thoughts. Someone was *definitely* watching me.  And I I did not like the feeling.

But all of the above spew is just preamble to my main point which is to answer this question:

“Is it ok to use Google (specifically Gmail) if I only use it for business. “

To be honest, I’ve been a hypocrite.  I knew from my previous research and hours of time spent reading articles that Google is to be avoided at all costs because of the most glaring attacks on personal privacy in literally everything they do.  However, because I started a new company and the other founder was most comfortable with Gmail, I figured it wouldn’t affect us too badly if we just used it as a quick launching pad since we were in a mad rush to set up and he had configured this in the past for our former company.  I figured if I used it just in my Thunderbird email client and didn’t touch the webmail client that I would somehow be more safe from the peeping-tom eyes of Alphabet Corporation and it would not negatively affect me *personally* (i.e. at my personal residence) nor compromise my *personal* position and decision to live a life of privacy and quiet personal enjoyment.

I am sad to say, and not surprised to report that I was wrong and my error compromised my personal privacy and the privacy of my family and set me back many steps from the years of work I had invested in un-googling (or de-googling, whichever verb you choose).  And the way I figured it out happened in the most glaring way this morning – thankfully – or it might have taken me longer to figure it out (I wasn’t the fastest kid in school).

I was reading my Bible (very personal) and went to the normal site where I listen to an audio Bible.  Since I had un-Googled, the ads that appear in the main advertising pane of this site have always been very general.  They were relevant to the ‘general audience’ of a Bible reader. Example ads would be ‘Tour to Israel’ (Christians love those), Audio Bible on CD (not sure who would buy those but they are probably old), and the like.

But today was different – Very different.

Today the advertisement was for a hotel.  But not only is it odd that an advertisement for a hotel should show up, but it was not just any hotel.   It was a *local* hotel.  Huh? And not only was it a local hotel, but it was a very, very small boutique local hotel that nearly no one in the city even knows exists.  Huh???  But the part that really made me squirm was the fact that it was a hotel that I had *just* reached out to for a sales call for my new company – by email.   Ok.  Now I’m concerned.

And why am I bothered by this?  If you are asking this question you are likely thinking one or all of the following:

  • he probably sent them an email or sent an email about them from his Gmail (webmail)
  • he probably searched them first via Google search in a browser or used Google maps and Google tracked it
  • who cares?  I have these custom ads showing up around me all the time and I don’t mind. I have nothing to hide!

The last point was thrown in for fun and if you believe that you should close my blog post and go back to your fully compromised life – but don’t don’t say I didn’t warn you.  However, if you legitimately do want to live a more private life and be spied on less, and were assuming the first two bullet points above, to my surprise and to yours, you are wrong.

I have not *ever* opened my business email with Gmail web mail.  I have not done it once and definitely not from my home.

I have not *ever* searched this hotel with Google search engine, not even for a map (I use www.duckduckgo.com for my search engine which doesn’t track you)

The only place that I ever communicated about the hotel was by email, to the contact point at the hotel, using Thunderbird email client, from my home office.  The wild part is that I’m not exactly sure how they did it. I can only guess that the IP address of my computer (I sadly don’t use a VPN service yet because I’ve been too busy to figure it out) was attached to the email that I sent.  The email then went through the Google servers using the typical email server settings that are plugged into the Thunderbird email client, and then the body of the text (I sadly have not yet set up PGP encryption for the business email either – yes bad me) was analysed by Google.  Once the IP address was connected to the scanned text of the email body, it was sent off to it’s Google ad-words department where the appropriate advertisement was then pushed to my Bible web page as an advertisement when they saw me show up online from the same IP address of my home office this morning.

And the part that *really* chaps my hindquarters is the fact that we are *paying* Google for this email ‘spying service (corporate gmail)’ every month knowing full well that I’m not only participating in this spying, but also endorsing it.

I’m guilty of not putting more energy and effort into protecting myself and my family, but the global effort needs to start soon so that there is a critical demand for a better privacy.  Why is it that I feel that I am one of the odd ones out because I am making some effort?  Is it not possible for the average person to take what they see before their eyes and take small action steps about it?

“But I have nothing to hide!” 

Please take a moment to read these two articles from reputable sources:

http://www.wired.com/2013/06/why-i-have-nothing-to-hide-is-the-wrong-way-to-think-about-surveillance/

http://www.techrepublic.com/blog/it-security/why-nothing-to-hide-misrepresents-online-privacy/

Nothing to hide is pure bunk.  You simply don’t yet value one of the most fundamental *rights* available in our countries.  And if you do not begin to value it soon and help, you will lose this right and deeply regret it (think North Korea).

So, now I’ve confirmed my worst fear about using Google for business, even the paid corporate Gmail.  I’ve confirmed that Google is taking my business emails, analysing the content somewhere, taking my IP address (which in my case was my personal residence) and then using it against me for their further gain.  Even though we pay them and even pay them *more* than what our local email service provider would charges for the same storage and service, they do this to us.

I rest my case, Your Honour.

But wait! There’s more!

By participating in Google’s game, I am also compromising our *client’s* information and, *without their consent*.  If the content of this email was scanned and it involved a prospective customer, that means that *all* company emails are being scanned and used for purposes of which I was not fully aware at the time.  What other things are they doing to us and our customers?  See this article I wrote before about REALTORS and what I view as a breach of fiduciary duty to their clients.

I now believe that it is not right for us to, in good faith, publish that we are protecting our client’s privacy.  By using Gmail in business one is knowingly (now that you read my post at least) putting not only your own company’s information at risk but also the information of your clients.

Do you have a privacy statement that looks something like this:

“COMPANY NAME demands directors, employees, officers, etc to safeguard client data during and after their employement, etc, etc.”

I now question whether a company is compliant with such statements and whether or not a client could, if they could prove you were using a service like Gmail, sue your company for being in such obvious breach of their data.  Your clients, when they send you an email, are not expecting your company to be working cooperatively with a vendor who is analyzing their data.  And if they are, they will likely not be suing you.  But there might be a client like me who doesn’t want you broadcasting their data without their consent.  I would be very unpleased if I was the customer of a company using Gmail knowing what I know now.

It is also very unfair to impose Gmail on an employee, especially if they will be working from home.  I suppose if they only work from within the office, that would be fine but if they take a phone or laptop home and do company emailing, they are putting the privacy and security of their personal lives on the line for their work – which is totally unfair if not disrespectful.  Yes, they could quit and move elsewhere but wouldn’t it be better to brag to them about how much you respect their privacy and their family’s and even help them set up their home more securely?

I’m deeply concerned that our company is not alone in this very risky situation.  I am aware that this stuff is difficult to find time to learn about and to subsequently change. Out of habit we operate.  Out of saving a few bucks (or thinking that you are) we operate.

It is typically the case that a big company change will only occur after the nasty event has already happened (ie. a data breach, privacy breach lawsuit, etc).  But if we start diligently today dedicating a little time to making positive change, I’m fully convinced that in one calendar year the world would be a much safer place to use the internet.

Something to chew on at your next board meeting…

Tagged , , , , , , , ,

2 thoughts on “Is Gmail Safe to use ‘Just for Business’?

  1. This appears somewhat baseless. You have an event of being advertised to. Does this constitute a security breach? It’s also just as likely that the cookies from the search and visit of the website are to blame more than the email. But if this is what you say it is you will be able to find us links to back up this theory. Links from a credible source would be fantastic.

    Aren’t there thousands of huge businesses who use this technology? Why are these the dumb guys? These leaders of industry.

    1. Hi Rudiger,

      Thanks for your email. You raise points that many people raise who don’t look at the bigger picture of what this government agency does. You need to think of google as a government since literally it has more power globally than probably any government not to mention control of information and – your soul. But the soul is a bit harder for me to prove. However, this is a slice from google’s privacy statement which you might want to chew on with cornflakes tomorrow morning and consider that if it’s not too late you, too, might want to start your un-googling plans:

      “Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection.”
      http://www.google.com/intl/en/policies/privacy/

      For the interest of our readers, can you provide an example of any hugely successful company that uses gmail? I don’t know of any that I consider hugely successful that use gmail.

      But let’s just say that you find a large business that uses gmail, please also provide a reason why that just because they are ‘big’ that it somehow proves they are right. Monsanto is a big company and they don’t play well in the sandbox. You are using the classic Argumentum ad populum fallacy saying that somehow the masses are right. Please also point to me a time in history when the masses were right. The masses have let many murderous fiends rule their countries without so much as a no vote.

      I feel like perhaps you are a Director of IT at your mid-sized company (or large) and probably thought you were making a good choice for your company by ‘going big’. I understand this. It’s an common mistake. Perhaps you feel like my article puts your job at risk and, if your Directors read it, your job should be at risk. I want to confess that I made the same error as you, as you can see from my article. But I will fix my error over time and I hope that you will join me.

      All the best out there! W.O.T.

Leave a Reply

Your email address will not be published. Required fields are marked *