Gmail confidential mode

I feel that many of these pseudo-secure, proprietary enhancements to email create a false sense of security for non-tech-savvy users. Given the smoke-and-mirrors presentation of this as a way to &quot;secure your email^tm&quot; and the plethora of recent info leaks, i am sure some poor c-level exec will get caught inadvertently sharing something with an external recipient thinking that it will disappear in a few days, but then find themselves in a middle of a publicity nightmare.<p>In my utopia world, i&#x27;d love to see basics of information privacy and personal security be taught in schools akin to Driver&#x27;s Ed or Sex Ed classes.

There&#x27;s a phrase that large companies often use to explain &quot;puzzling&quot; features like this to detractors: you are not the target audience. Often this phrase is mis-used to cover up straight up bad ideas, but in this case it&#x27;s right on the money.<p>The target audience for this feature are CIOs of organizations Google sells G-Suite to. Companies do need IRM on emails, to prevent leaks that could happen by accident or intentionally; to limit email audience; to avoid endless replies-to-all on announcements; to put an expiration date on the &quot;perishable&quot; bits of information; etc. I&#x27;m pretty positive that they have to have this to compete with Office 365, which had IRM [1] for a very long time.<p>Yes, it&#x27;s not perfect, however, if it&#x27;s there, it mitigates a lot of the issues I mentioned above. Note the wording: &quot;mitigates&quot;, not &quot;fixes&quot;.<p>It&#x27;s interesting that they still list screenshots as a possibility: email clients (e.g. Outlook) are able to utilize OS mechanisms to prevent those as well. I thought that browser protected media APIs would allow Gmail opt-in to this kind of protection too.<p>[1]: <a href="https:&#x2F;&#x2F;docs.microsoft.com&#x2F;en-us&#x2F;office365&#x2F;SecurityCompliance&#x2F;information-rights-management-in-exchange-online" rel="nofollow">https:&#x2F;&#x2F;docs.microsoft.com&#x2F;en-us&#x2F;office365&#x2F;SecurityComplianc...</a>

&gt; Recipients who have malicious programs on their computer may still be able to copy or download your messages or attachments.<p>“Malicious programs” such as any standards-complaint email software?

&gt; removing options for recipients to forward, copy, print, and download<p>Oh please... Everybody can do a screenshot nowadays, and even Google itself integrated OCR into its Screenshot tool at Android a few years ago. What a waste of time to make the life of people harder who must use this &quot;security&quot; feature!

This has the potential to create a huge legal headache.<p>We can no longer rely on email to be there in our archive and presented as evidence in court, but now have to worry about expiry.<p>In many countries an exchange of emails which represents a series of terms, restrictions, an offer, and finally acceptance can be considered a legally binding contract between parties and can be presented in court.<p>With expiry and email DRM we now have entered the alternative reality of such contracts written with disappearing ink.

If anyone is curious how it works with external accounts, I just tested it:<p>1) Mail arrives (subject intact) with text like &quot;John Doe has sent you an email via Gmail confidential mode&quot; and a &quot;View Email&quot; link<p>2) The link takes you to a &quot;To view this email, you must first confirm your identity. A one-time passcode will be sent to (your email)&quot; page.<p>3) Entering the separately-emailed passcode lets you see the email body in-browser. Selecting text is disabled in the body (so no copy-paste), trying to print the page blanks out the body area -- I&#x27;m sure you could bypass either with a bit of JS wizardry. Printscreen&#x2F;screenshot work as expected.

I love the concept as a sender, I hate the concept as a receiver.<p>It means a ton more mental overhead: &quot;do I need to jot down the info from this email somewhere (manually?) now because at some point it&#x27;s going to expire or my access is going to be revoked?&quot;.<p>Frustrating. It&#x27;s the opposite of all the benefits of gMail search.

Proprietary &quot;extensions&quot; to email make me nervous.

This is very bad and makes me angry. If you send me an email I need to not worry about being able to save the information forever. Once somebody sends out something it is no longer theirs. But now the cancer of DRM leaks into our personal lives???!?<p>At the very least receivers should be able to automatically reject any such email.

Confidential...as in only you, the recipients, Google, the NSA, and other intelligence agencies the NSA shares information with can read these emails.

The title made me think Google was announcing that they won&#x27;t read my email any more. Alas.

This is so incredibly stupid and irresponsible on so many levels.<p>Beyond obvious lock-in &quot;Gmail Confidential Mode&quot; tells users SMS is secure (it isn&#x27;t), teaches users they can prevent message printing (they can&#x27;t), and teaches users to open links in emails from strangers to then put in their Google credentials to view the message!<p>Was anyone on the Google Security team given a chance to look at this before it got shoved out there? I know there are people at Google smarter than this.<p>This is a massive setback in educating users about actually useful security measures.

I would like to see Gmail offer end-to-end encryption for &quot;confidential&quot; emails.

They&#x27;re cocky enough now to think that they can take on the e-mail as a de facto standard and do the Embrace, Extend, Extinguish dance with it.<p>This is akin to DRM and just like DRM it will be ineffective - if I can see it, I can forward it, copy it, and print it, and do whatever I want with it. Users are being led to believe that they can enforce these sorts of controls over email but they can&#x27;t.

A lot of people are posting that this is for gsuite. I&#x27;ve had this in my regular gmail for a couple of weeks now.

Will this be a lock in feature that makes it harder for people using external mail clients?

AOL 4.0 had a similar function [1].<p>[1] <a href="https:&#x2F;&#x2F;web.archive.org&#x2F;web&#x2F;20130115034301&#x2F;http:&#x2F;&#x2F;americanshelflife.wordpress.com&#x2F;2008&#x2F;05&#x2F;26&#x2F;ode-to-aols-unsend-function&#x2F;" rel="nofollow">https:&#x2F;&#x2F;web.archive.org&#x2F;web&#x2F;20130115034301&#x2F;http:&#x2F;&#x2F;americansh...</a>

Great way to have your users label their own data to improve their ML models by tagging it as confidential or not.

Outlook has had this for very long time. Even consumer versions have some of the rights management features.<p>At my new job I am using Gmail via GSuites for first time and I didnt know how antiquated Gmail is. Lots of missing features and rather confusing UI.<p>But adding more security options and giving users control is good.

Work is the one place this seems OK: if the company provides the email service, it can hide the forward button or whatever if it thinks that advances its interests.<p>Still think disclaimers about the limits (in the UI, not just the blog post) have to be be stronger. It could help avoid accidental leakage and communicate your intent to keep the contents confidential, but it&#x27;s absolutely no use against someone hostile. I feel like the name should be more like &quot;mark as confidential&quot; or something, to clearly get across it&#x27;s a strong suggestion but has no hard enforcement behind it.

Naming this technology &quot;confidential mode for email&quot; is extremely dishonest and misleading to users about what it actually does. Very frustrating decision.

Interesting take from a friend overseas who is into a lot of Security and Data Surveillance.<p>Me: So, what do you think about Google&#x27;s Confidential Mode settings? Are you going to use it in your company?<p>Friend: It is one of the topics heavily debated right now. Especially by our management.<p>Me: Is that so? Why?<p>Friend: Lots of legal implications that needs to be addressed.<p>Me: How about you? What&#x27;s your take?<p>Friend: Well, for a start, given Google&#x27;s history of surveillance, this type of enhancement only just gives them more power and capability to focus on information that are being deemed sensitive by an individual or an organization.<p>Me: You think so?<p>Friend: Absolutely. Imagine if this person sends out approximately 100 emails in a day, and marks 5 of them as sensitive or confidential or whatever terms you would like. Google can then sequence the emails to track based on the confidentiality that was set forth on it.<p>Me: Never thought of things in that perspective.<p>Friend: Yes. Further to that, they could then add more focus on confidential emails which would have a very specific expiry dates. This becomes more specific to their focus, where they can direct their resources specifically on this.<p>Me: (Intently listening)....<p>Friend: It&#x27;s like this. Assume you have boxes in your house. Each box contains different stuff. Some box may contain your cash, or jewelry or any other important stuff. Now, you have a burglar going inside your house. With a 100 boxes, they would certainly only spend a couple of time to rummage through the boxes. If they can only open 5 boxes, with the possibility of those boxes containing nothing but garbage, then the burglars are not successful in getting your prized stuff. Now imagine having those boxes labeled with stuff like &#x27;MONEY&#x27;, &#x27;JEWELRY&#x27;, &#x27;CONFIDENTIAL&#x27;, &#x27;IMPORTANT TO DISPOSE BY DATE YYYY-MM-DD&#x27;, etc. Doesn&#x27;t that give the burglar an easier way to run through the boxes? This eliminates for them wasting on boxes that may have no importance at all.<p>Me: That is certainly a possibility if you would think of it.<p>Even though such scenario may be far-fetched from a corporate (Google for Business) standpoint, it is still worthy of a discussion. IMHO.

When I was using lotus notes there was a similar feature, but it didn&#x27;t work very well. As the message was sent to you inbox, you could modify the properties on the message, I created a button to unprotect the message because there were several people in my group who always had their message confidential and the information needed to sent to others quite frequently.

Looks like they should clarify the bounds of this functionality. Obviously they know who they&#x27;re talking about, but good communication wouldn&#x27;t assume the reader does.<p>Presumably it&#x27;s only working within a G Suite organisation (equivalent to aspects of similar features in Exchange)

It&#x27;s not clear what the use case is for something like this. Why wouldn&#x27;t you use an alternative communications channel like Slack in this situation? I mean, if you don&#x27;t want to use email, don&#x27;t use email. Why go through all the complications this introduces.

What a stupid thing. You may think that Google doesn&#x27;t know how email works in the first place. Expiring emails?? DRM(rebranded as IRM) ?? Thank god we have so many email providers and these &quot;features&quot; are worthless outside of gmail.

What happens if you send an email to a non gmail address? I assume this mode has no effect.

What if I take a screenshot of the email? How can they prevent that? Or use a phone to take a shot of the screen displaying the email.

I never use Gmail in a browser. This means that this functionality is not available for me? ( using iSync msmtp mu mu4e emacs setup)

Will this work with non-gsuite users? Gmail has a big marketshare, and setting a message to expire to them could be useful

Plausible deniability for those times when the sender would rather not have email evidence preserved.

Question: Does this only work GMail to GMail or also across email platforms?

Will this work only for Gmail&#x2F;Gsuite clients?

Embrace, extend, …

They&#x27;re about two weeks early for April Fools.

&quot;gmail&quot; and &quot;confidential&quot; in the same sentence. sure.