We've got a double dose of updates for you, both involving the mining of your private data.
Remember PRISM? Think hard. That's right, it was one of the seemingly endless series of revelations about ways in which the National Security Agency had been spying upon Americans and others. The PRISM program pilfered tech giants' data for NSA snooping purposes, and though our initial reaction was to blame the tech companies as collaborators, they quickly proclaimed innocence and ignorance.
The NSA begs to differ.
Meanwhile, in a case of a private party mining data, remember the ongoing Google email scanning lawsuit, brought by non-Google users whose emails (to Google users) were scanned by Google? Though U.S. District Court Judge Lucy Kohn previously ruled that federal wiretapping laws could apply to Google's activities, last week she ruled that the individual plaintiffs' knowledge likely varied, making individual issues of consent too varied to certify a class. In other words, the lawsuit is all but dead.
NSA: Tech Giants Knew All Along
Who do you believe more -- tech companies who have a history of data mining, or NSA agents who have a history of data mining?
According to The Guardian, NSA general counsel Rajesh De testified that the tech companies knew all about the metadata harvesting:
"Asked during at a Wednesday hearing of the US government's institutional privacy watchdog if collection under the law, known as Section 702 or the Fisa Amendments Act, occurred with the 'full knowledge and assistance of any company from which information is obtained,' De replied: 'Yes.'"
So, the companies protesting, which we previously labeled merely hypocritical, are now apparently a bunch of lying trollops. Meanwhile, if you're looking for PRISM-free alternatives to your service, cell, and software providers, we handled that in a two-part series: Part I and Part II. (If you're wondering, I still have my PRISM-free BlackBerry, but no, I haven't been able to try Android apps out on it yet.)
Class Dismissed in Google Email Scanning Lawsuit
This is an uncomfortable ruling. Judge Koh, in an order denying class certification, essentially held that because individual members could have learned about Google's email scanning practices, thereby impliedly consenting by emailing a Gmail user, the cases would have to move forward on an individual basis, rather than a class action. Obviously, the cost of such suits is prohibitive, which makes this case all but dead, pending any appeals or other surprises.
"The court finds that individual issues regarding consent are likely to overwhelmingly predominate over common issues," Koh wrote. "Specifically, there is a panoply of sources from which email users could have learned of Google's interceptions other than Google's terms of service and privacy policies."
There are two problems with this ruling: first, isn't this just an extension of Google's previous argument, that there is no expectation of privacy? Just because Google's terms of service have over a million views, and there was a lot of media coverage, doesn't mean that more than a small minority of tech-inclined geeks knew exactly what the email scanning entailed.
Furthermore, at least one of the classes involved non-Google users who sent email to Google Apps users. Free Google Apps users (including some educational institutions) host their email servers with Google (and are therefore scanned), but the sender has no way of knowing this. All the sender sees is the email address (i.e. email@example.com), at least until they get an email back. Even then, they'd have to understand how to decipher a header -- a task far beyond any ordinary consumer's abilities.
Arguably, one might see that as a proper case for individualized trials, but it seems like a bit of a stretch to quash multiple classes of plaintiffs on the possibility that some of them may have possibly known that Google was scanning some of their emails to some people.
Enjoy the latest legal news from our blogs? Keep up with the latest legal docs on Scribd.