I’m reading about how Microsoft read a blogger’s Hotmail (or other Microsoft hosted email) to determine who leaked Microsoft information to that blogger. Microsoft’s response is pathetic, stating that “the privacy of our customers is incredibly important to us” in the same post that explains that they’ll keep doing it.
While I think that doing this is both evil and shortsighted (they lose trust and users), the only thing that surprised me was that they admitted it.
As the Guardian points out, other email providers also reserve the right to do this in their terms of service.
I have first hand knowledge of this. A few years ago, I’m nearly certain that Google accessed my Gmail account after I broke a major story about Google.
A couple of weeks after the story broke my source, a Google employee, approached me at a party in person in a very inebriated state and said that they (I’m being gender neutral here) had been asked by Google if they were the source. The source denied it, but was then shown an email that proved that they were the source.
The source had corresponded with me from a non Google email account, so the only way Google saw it was by accessing my Gmail account.
A little while after that my source was no longer employed by Google.
I certainly freaked out when this happened, but I never said anything about it because I didn’t want people to be afraid to share information with TechCrunch. But I became much more careful to make sure that communications with sources never occurred over services owned by the companies involved in the story.
So, yeah, the Guardian story is accurate.
Update: Google says this never happened (also in a comment below that I just approved). Some of the wording is (just slightly) odd (“opened” denial v. “accessed” accusation) but I assume that was inadvertent and they’re flatly denying this whole story.