Google Gmail Deleted Email Policy Overview
With the popularity of its Gmail service, Google has insight into the personal lives of millions of people around the world.
Much attention has already been given to Gmail for how it uses the contents of user email accounts to serve up targeted advertising. A growing number of people, however, seem to be concerned about what happens to deleted user emails or data associated with closed accounts.
Perhaps the reason many people believe that Google retains deleted information forever lies in the vagueness and ambiguity of the Google position on the subject. In its latest data retention policy, Google states that it keeps multiple copies of user emails in case it becomes necessary to restore them. Google goes on to state that deleted mail and deleted accounts will remain in their system for “some limited period of time” before being removed. Google goes on to assert that it takes measures that are “reasonable” to quickly remove deleted information from their servers.
Google does not define what a “limited” period of time may be (after all, is not all time limited?) and it does not define what efforts it considers “reasonable.” For that matter, Google does not define “quickly” either.
Image Credit: Wikimedia Commons/Sasa Stefanovic
Why Google Email Retention Policies Matter
A 2006 article published in EDPACS says that 18 U.S.C. 2703(a)(2000) provides for the access by law enforcement without a warrant of emails stored longer than 180 days. This part of U.S. law affects any email system, not just Gmail. Still as Gmail seems to encourage people to archive email rather than delete it, Gmail users seem particularly in danger of self incrimination through stored emails.
Because of threats such as government meddling and of divorce lawyers and other attorney investigations, the longevity of deleted email in the Google system seems natural. Unfortunately, Gmail users do not have much information to go on, considering vague Google policies.
A 2006 article published in Maclean’s asserts that at that time the IP and search data stored by Google would remain on its servers until 2038, a span of 32 years. the article does not state how the author discovered such a fact, but - assuming it is true - it could mean that Google retains all of its information across the board for several decades. Such longevity would for practical purposes mean that Google never deletes email from its server. This means that the contents of a Gmail account could haunt a user for almost half a lifetime.
Addressing the Issue
In 2009, Google launched the “Google Dashboard,” a service that supposedly allows users to see how Google handles their data and adjust or opt out of options as desired, according to the Montreal Gazette. Although the dashboard seemed to generate good publicity, it has minimal impact on privacy. Logging into the Google Dashboard currently offers no options for Gmail users to opt out of Google data retention and appears to do nothing to address the longevity issue of deleted email. In fact, a spokesman for Google is quoted in the article saying that Google Dashboard helps users get accustomed of having a lingering “shadow” on the Internet.
Perhaps Google has a point when it says that people need to accept the idea of having permanent tracks online. After all, the issue is not unique to Gmail. Corporations and other email providers regularly back up their servers meaning that email and any other data could exist on tapes and reserve drives for decades. ISPs and Web hosts managing personal email accounts likely retain server backups that keep email alive in perpetuity. It seems unreasonable to expect that an email provider should scour all of its backups every time a user erases an email.
Because of the nature of email in general and of Google in particular, common sense would seem to indicate that the assumption that Google never deletes email from its server Gmail should guide users as they access email services. Users must either accept the implications of the lack of privacy on Gmail and the long term availability of online correspondence or take measures such as encryption or face to face communications to mitigate its effect.
Freeman, Edward H. 2006. “GMAIL AND PRIVACY ISSUES.” EDPACS: The EDP Audit, Control & Security Newsletter 34, no. 2: 15-20. Computer Source, EBSCO_host_ (accessed July 24, 2010).
Elton, Sarah. 2006. “Got a date Friday? Google knows.” Maclean’s 119, no. 34: 56. Academic Search Premier, EBSCO_host_ (accessed July 24, 2010).