The overall case appears to be about people complaining that Google scanning their emails and showing contextual ads is a privacy violation.
Most of this document is an explanation of why that shouldn't hold (Gmail users agreed to this when they signed the ToS, automatic scanning is essential for things like spam filtering and full-text search, legislating against this will kill innovation in online services etc).
The section that contains the "expectation of privacy" quote is in reply to part of the case which suggests that, while Gmail users may have accepted the ToS, non-Gmail users who send an email to a Gmail user have NOT accepted that ToS and hence are having their privacy violated.
The counter-argument presented is that, if you send a letter to someone and they allow their assistant to open it, you shouldn't be surprised by that. The analogy is that if you send an email to someone who has chosen to use a specific email provider, and that email provider automatically scans your email in some way, you shouldn't be surprised either.
As I read it, the "third parties" in the troublesome quote aren't Google themselves - they are the recipients of your email who happen to be using Gmail. You've turned over your information voluntarily to the recipient of your email, they can then chose to allow it to be automatically processed by the email provider they have an agreement with (without this violating your expectations of privacy).
I call bullshit on the whole story.
Trust is vital in any economy that wants to function. This Google argument will make me trust no one.
Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their communications are processed by the recipient’s ECS provider in the course of delivery.
Indeed,“a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.” Smith v. Maryland, 442 U.S. 735, 743-44 (1979)..."
I think this is a good summary.
At my office my secretary reads most of my snail mail, and at home I have authorized my girlfriend to do the same. Gmail reads my email. In all cases my reasons are the same; I am having a hard time keeping up with all the mail that comes in and want someone to filter out what is relevant.
While the non-Gmail Plaintiffs are not bound to Google’s contractual terms, they nonetheless impliedly consent to Google’s practices by virtue of the fact that all users of email must necessarily expect that their emails will be subject to automated processing."
This is talking about non-Gmail users who send email to Gmail users.
And frankly, I don't see great changes in the "don't be evil" policy either. When has Google been a great champion of users' privacy? Targeted advertising has always been their business model.
Frankly, the only thing I see is people's rose-colored glasses about the early Google.
I'm conscious of what happens, much before the NSA revelations this year.
I use 8.8.8.8 for DNS on some networks (for external resolution and for nagios) knowing perfectly that each request is registered and extrapolated.
I use an apple macbook air for some tasks, even if I know I've no control over many privacy issues in such machine.
On the other side, I've had offline networks for some data I didn't want never go out of my firewall. The only conection of such networks, was a 2TB USB disk, to update the mirrors of the software that such networks did need.
When I want to make something online not related to myself, I start from the beginning: using hardware not related to me or my credit card, and using an internet connection not related to me or my bank account.
I trust certain things, don't care about certain things, and care about others (i.e. my webcams and micros are always with duck tape, since invented, bluetooth? disabled, 3D in the browser? disabled, external fonts in the browser? disabled, etc).
Should I wear an "I'm an idiot" t-shirt ?
Care to name a good alternative then? And a good way to notify hundreds of people and companies to change my address to a new one,and convince dozens of friends to stop using hangouts and use X instead?
Gmail: Self-hosted qmail or exim
Google Maps: OpenStreetMap
Hangouts: Jitsi
Android: Firefox OS
Search: Startpage
Chrome: Firefox
Google Drive: ownCloud
Encrypt everything, and post your public key on any keyserver you choose. There is very little sensitive information in a public key (though it can tie you socially to another party, in a cryptographically strong manner, for those who are concerned about such things).
But the point is that an out-of-band and secure key transfer isn't required.
Computationally expensive, maybe, but it's 2013 and browsers can take a bit of abuse. It wouldn't cover people using POP/IMAP, but Joe Average doesn't bother with that geekery anymore. Obviously it would take some time to implement, but it could be done.
I'm 100% sure besides showing "relevent ads" in real time as you check your mail, they also keep a huge profile for your account name, cross check with all their other services and mainly search, and generally have a file on you and your preferences.
And that's besides sharing your email with their government friends.
