23099
post-template-default,single,single-post,postid-23099,single-format-standard,stockholm-core-2.4,qodef-qi--no-touch,qi-addons-for-elementor-1.6.7,select-theme-ver-9.5,ajax_fade,page_not_loaded,,qode_menu_,wpb-js-composer js-comp-ver-7.4,vc_responsive,elementor-default,elementor-kit-38031
Title Image

May Google Scan Student Email Accounts for Targeted Adverting Purposes?

May Google Scan Student Email Accounts for Targeted Adverting Purposes?

This past January 27th, four students and alumni from the University of California-Berkley filed a suit against Google alleging privacy violations under the Electronic Communications Privacy Act.[1]  The students and alumni, like those at many universities, including this one, were assigned school email accounts managed by Google’s Apps for Education and now allege that Google illegally scanned their emails for advertising purposes.[2] This is an important case not only because it implicates major data privacy concerns, but also because (according to the plaintiffs’ complaint) there are more than 30 million students and teachers[3] who use Google Apps for Education.

 

There appear to be two primary ways to analyze this case, and to a larger extent, the questions of data privacy raised therein.  Firstly, there is the private law formed between the end users and Google by the end-user license agreement (or any other contract).  Secondly, there is the statutory consideration created by the Electronic Communications Privacy Act.  This post will only attempt to analyze the concerns arising out of private law and will also explore some surrounding policy concerns.

 

Generally speaking, our legal system is interested in protecting freedom of contract and will allow parties to enter into contracts with one another, enforcing their obligations.  In this (oversimplified) sense, if Google and Gmail users enter into a contract that says Google is allowed to scan their emails for advertising purposes, it seems unlikely a cause of action would exist.  The plaintiffs’ complaint in the instant case alleges that various universities entered into contracts with Gmail and then the universities themselves entered into contracts with students wherein they were told their Gmail accounts would not be scanned.  If this is the case, it seems like the proper defendant (and the least cost avoider) would be the universities for they misrepresented the nature of the Gmail accounts to their students.  Of course, if Google themselves made some manifestations of account privacy that didn’t actually exist directly to the students, they may be liable as well.

 

But what about the larger question of do we want to live in a society where Google can scan students’ email accounts and then display for them targeted advertisements?  In the spirit of freedom of contract, I see no issue with this.  A user is free to contract with Google, and if they choose to, their legal relationship with Google is now changed and allows for Google to scan their email for marketing purposes.  This situation may indeed be desirous for educational users because it generates revenue that likely helps Google to provide the free email accounts in the first place.  If users are not comfortable with Google reading their emails, they don’t have to open a Gmail account.  Perhaps the plaintiffs would push back against this and say their colleges required them to so it wasn’t fair because the only option they’re left with is not attending that college.  While this may be true, the point appears without merit.  All colleges require as a condition of attendance that students surrender certain rights they might otherwise enjoy, and there appears nothing so fundamental about any rights (at least to the degree they’re implicated) in these cases to suggest this problem is anything different.

 

A final aspect to consider is what of the rights of a third party sending an email to a Gmail account.  Gmail may scan the content of the third party’s message even though the third party mayn’t be aware that Google utilizes any such service.  This issue, though compelling, does not appear to be particularly problematic.  When a person sends a snail mail letter to another, the recipient is commonly understood to now own that letter.  The recipient is generally able to do whatever they want with the letter.  Why should email be any different?  In this case, the recipient decides (through the license agreement they entered into with Google) to allow Google to scan the letter.  Furthermore, from the perspective of notice, it appears more and more likely that senders will be on constructive notice that their emails sent to Gmail accounts may be scanned.

 

It seems clear that while Gmail’s scanning of users’ emails is probably legal, it is becoming increasingly difficult for people to use email without be subject to automated scanning.  Whether this in itself is a significant issue will have to be left to another post, but at least one company seems to believe it is: Microsoft.[4]

Footnotes[+]

Paul Thompson Jr

Paul Thompson is a second year student at Fordham University School of Law and a staff member of the Fordham Intellectual Property, Media & Entertainment Law Journal. He holds a B.S. in physics-engineering and plans to pursue a career in patent litigation.