People who claim Gmail violates anti-wiretapping laws must pursue their claims individually rather than as a group.
10 Great Google Apps Tips
(Click image for larger view.)
Google on Tuesday won a meaningful victory in a legal conflict that threatens Gmail and the company's data mining practices. US District Judge Lucy Koh in San Jose, Calif., denied class-action status to plaintiffs who claim that Gmail's automated content scanning violates state and federal anti-wiretapping statutes.
As a result, Gmail privacy claims will proceed individually, on their own merits. No longer facing the prospect of a massive aggregated damage claim, Google might be able to reach settlements more easily or prevail outright.
The ruling is far more favorable than the one issued by Judge Koh last September, when she denied Google's motion to dismiss the claims. Google argued that its automated processing of email content falls under allowed "ordinary course of business" exemptions and that the plaintiffs consented.
The judge rejected the first justification, saying Google must show its email interception was necessary for Gmail rather than for its broader business interests. She rejected the second justification because she found Google's privacy policies were unclear. She wrote, "a reasonable Gmail user who read the Privacy Policies would not have necessarily understood that her emails were being intercepted to create user profiles or to provide targeted advertisements."
Whether the plaintiffs consented to Gmail content scanning will be addressed as the individual cases proceed.
Although some of the plaintiffs are students who use Google Apps for Education, Eric Goldman, a law professor at Santa Clara University School of Law and director of the law school's High Tech Law Institute, said in a phone interview that this didn't change the judge's analysis. Attorneys for the plaintiffs sought to create a subclass of minors -- who have greater privacy protections than adults -- but were denied. Goldman says the judge is treating all the plaintiffs the same.
The legal doctrine at issue is the Electronics Communications Privacy Act, an amendment to the Wiretap Act that Goldman considers to be too vague and subject to interpretation. Disclosure requirements that wouldn't be adequate under contract law might still satisfy the ECPA, according to Goldman, who said Judge Koh's ruling suggested that simply hearing about Google's automated Gmail scanning on the radio might meet the ECPA consent standard.
Goldman argues that Koh's ruling last year remains troubling because it calls into question any automated email processing. Underscoring the difficulty of interpreting the ECPA, Koh's ruling that Gmail content scanning doesn't fall under the law's "ordinary course of business" exemption conflicts with a December ruling in a separate Gmail case by US District Judge Paul S. Grewal.
Engage with Oracle president Mark Hurd, NFL CIO Michelle McKenna-Doyle, General Motors CIO Randy Mott, Box founder Aaron Levie, UPMC CIO Dan Drawbaugh, GE Power CIO Jim Fowler, and other leaders of the Digital Business movement at the InformationWeek Conference and Elite 100 Awards Ceremony, to be held in conjunction with Interop in Las Vegas, March 31 to April 1, 2014. See the full agenda here.
Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.