The way I see it, Google set up a system that is easy to conduct surveillance on. Gigabytes of storage, no way to actually delete messages over IMAP or POP3, and in various subtle ways GMail discourages the use of encryption.
This is all probably inadvertent, but it indicates that protecting users from this sort of surveillance is not a priority.
If you don't believe that they delete it when you tell them to delete it, then using Gmail is already a non-starter. Also, yes, defaults do matter: the outcry from users from not being able to undelete an email would be much louder than those wanting instant deletion.
"the outcry from users from not being able to undelete an email would be much louder than those wanting instant deletion."
[citation needed]
Seriously, I have trouble believing that anyone would complain about "delete" carrying any meaning other than "delete." I also find it hard to take such people seriously, given the existence of a Trash folder as a first stop for deleted messages, and All Mail as a second stop (and what is the default for deleting from All Mail? Having the message come right back to All Mail! Brilliant...).
Thanks for the tip on how to fix this behavior. It is an easy option to miss...
Using the default Gmail settings of (a) Enable IMAP and (b) Auto Expunge on, I just deleted an email via Sparrow (IMAP). The email instantly went straight into the Trash folder and is not visible in All Mail. I expect the email to be auto-deleted in about 30 days. I agree that the behavior you're describing would be weird, but I'm not seeing it. Can you please double check?
No, I don't have a citation, but is it so hard to believe that lots of people want an undelete? I accidentally delete emails all the time and I go into the trash and fish them out. Not giving users an undo seems ... unfriendly.
EDIT: I see, it applies to Custom Folders and delete only removes the label; doesn't move it to the trash. Here's what Google has to say about it. Is this a default IMAP behavior or Gmail-IMAP specific? https://support.google.com/mail/answer/78755?hl=en
I just confirmed the behavior: I deleted a message from my Inbox, and my mail client put it in my Trash folder. I deleted the message from Trash, and it was still in All Mail. I deleted from All Mail, and when I refresh the folder it is still there. I checked the network log, and the correct EXPUNGE commands are being sent.
As for "undelete," I believe the purpose of the Trash folder is to support that. I have yet to find the email client that does not, as a default, store deleted messages in the Trash folder. I am not disputing that people want that functionality, what I am saying is that I do not think people want the behavior that I am seeing.
The fact that GMail treats "delete" as "remove labels" is very problematic. IMAP supports labels, including client-defined labels. Treating folders as "labels" only breaks the abstraction IMAP presents. I suppose this was part of Mark Crispin's gripes with GMail.
The problem is that the default behavior for people who use an IMAP client is for "delete" to actually mean "keep a copy in All Mail." The server will also give a false OK status to the client following the EXPUNGE command (see the IMAP4 RFC for details), so the user is not alerted to the fact that messages are not being deleted.
I don't follow this stream of logic. If you have to build technical systems, the sole purpose of which is to sidestep laws, in order to be good then aren't the laws at fault here? I find the acceptance that governments will do whatever this wants, we will just use end to end encryption , TOR and Bitcoin defeats the purpose we have regulated currencies, governments and democracies. If there is an action item on the list, it should be to change unjust laws not to circumvent them. The latter is both defeatist and useless. Because if you are not keeping a check on the government they will keep bringing in more laws that hinder your sense of justice and your technical system keep moving its architecture like a fugitive.
"If you have to build technical systems, the sole purpose of which is to sidestep laws"
Nobody is talking about sidestepping laws. You are not breaking laws, nor breaking the spirit of the law, if your users cannot store many years of their personal communications on your server. Encouraging people to delete mail would have the effect of limiting the government's surveillance power, in an entirely legal fashion.
"aren't the laws at fault here?"
It is not that simple. The relevant laws were written at a time when mail quotas were commonly measured in megabytes, when people had to delete their mail in order to stay under the limit. Back then, if a few personal messages happened to be on the server when a court order was received, it was not such a big deal; those messages probably pertained to very recent things anyway. Now, when a court order for "all of Joe's email" is received, that will very likely include messages dating back years, long before whatever crime Joe is suspected of was even committed. The laws have not been updated in light of these new privacy implications.
"If there is an action item on the list, it should be to change unjust laws not to circumvent them. The latter is both defeatist and useless."
Why not do both? Why should we suffer while we wait for the deliberately slow wheels of government to turn? Neither action excludes the other, you can both circumvent unjust laws and work to take those laws off the books.
> You are not breaking laws, nor breaking the spirit of the law
I wasn't suggesting that either. Sidestepping is avoidance not evasion.
> The laws have not been updated in light of these new privacy implications. ... the deliberately slow wheels of government to turn?
So change the law. And speed up your justice system. Don't elect individuals who slow down progress deliberately.
> you can both circumvent unjust laws and work to take those laws off the books.
And fight the laws and its usage, which is what Google does. It was also the entity that disclosed the original order in this particular case, so that the person in question can also take some action if possible. It also publishes transparency reports and it was the first one to do that, which gives you an idea about how frequent usage of the unjust laws are so that you, as a community, has more information about what your government is doing. If I am not wrong, there have been 2 elections since the FISA was passed and the voting population of US was aware of the broad surveillance since the first election (Obama based some of his campaign on it). If he hadn't acted on it, then it should have become a point of debate in the reelection. But it was celebrated on Hacker News as much as anywhere else, without a single mention of his inability of reducing the scope of such laws. So guess what? Overboard surveillance didn't seem to be a priority for most of the people here and Google has been more transparent and more vigilant about it since longer than the PRISM episode. The gist is that it is easy to transfer blame in this case, but the root cause it solely the astoundingly broad laws and the undoubted trust that voters put in the current government that used them instead of removing them as it had promised.
It is not contrarian, I was replying to two separate points. The first was the claim that I was saying that Google should have set up its system to circumvent the law; the is not what I was saying. The second was the claim that we must either circumvent laws or change them; my point was that the choice is not exclusive.
As for the point of the laws being faulty, what I was saying was that the laws were designed with a particular communications model in mind. Google's system is designed very differently from that model, but despite Google's popularity and despite other services adopting a model similar to Google's the law has not changed. Just saying that the law is at fault is too simplistic; the laws may have good reasons behind them and may have made sense at the time they were passed (and had technology not changed, the laws might still make sense now).
That's stupid. Particularly how you list 'plentiful storage' as a drawback, if that's the case then it's plainly an issue of law as it pits privacy against usability.
This is all probably inadvertent, but it indicates that protecting users from this sort of surveillance is not a priority.