Michael Gove needs a lesson on Gmail security risks

Could Education Secretary Michael Gove’s alleged use of Google’s Gmail to conduct bits of his political communication away from prying eyes be about to land him a spot of embarrassing technological detention?


Could Education Secretary Michael Gove’s alleged use of Google’s Gmail to conduct bits of his political communication away from prying eyes be about to land him a spot of embarrassing technological detention?

The substance of today's Financial Times story is that Gove’s department was unable to provide emails sent via Gmail between the minister and his advisors asked for under Freedom of Information (FoI) legislation despite the newspaper having evidence that they existed. Woops.

The Department of Education couldn’t provide the emails of course because unless securely mirrored (for instance by setting up automatic forwarding) the documents would only exist on the servers of a famous company, Google, set up by a pair of enterprising Stanford University PhDs based in California.

There’s a constitutional issue that needs little spelling out here. Ministers are not supposed to communicate in ways that might have a bearing on their jobs in any medium without that being recorded for later examination under basic principles of democratic accountability.

Gove’s defenders will point out that it’s not illegal for a minister to use a public email system but in truth using systems such as Gmail in parallel to official email is a daft anomaly that has been waiting patiently to be reformed.  

Hitherto, the flawed assumption has been that ministers will use public systems at their own risk for private emails, switching to Her Majesty’s email for anything to do with their jobs. Deep into the Gmail, Facebook and Twitter age, we now know that this thinking is years out of date.

The technical dimension is even less flattering – Gmail just isn’t up to secure email communication of this sort, period.

Admin headache number one is that Google’s email servers are not only under its management and terms and conditions (which don’t guarantee retrieval with time stamping) but they aren’t even in the UK. Gove’s to and fro would almost certainly have been sitting on a hard drive somewhere in a US data centre that could in principle be accessed by one of its managers under a different legal jurisdiction.

We also have to assume that Gove and his advisors would have accessed these accounts with the bare minimum of authentication, which is to say using a password and username. Earlier this year Google started offering two-factor authentication (2FA) for Gmail, which ties access to an account to a one-time password sent to a supported smartphone, but this ups the level of inconvenience which is why few people, including important politicians, bother to use it.

Once in the system, what other sorts of mad things might a less than tech-savvy minister be tempted to do? Gmail has all sorts of interesting features that would let a naïf run amock, including the ability to log into third-party accounts to mirror old-fashioned pop email, effectively sucking out secure communications to an inbox service more often used by 15 year olds to flirt with one another.

An aide or minister would have to be completely crazy to do such a thing surely. To be fair it's not clear that government email servers allow remote authentication to occur (a secure design insists that authentication happens from within a given subnet) but the public can’t be assured that it is impossible in all cases.

An exchange reported by the FT from Gove’s political aide Dominic Cummings offers us a final scary glimpse into the complacency of the Gmail mindset. The claim is that Cummings preferred Google for some kinds of correspondence, allegedly telling colleagues that he would not answer some emails to his official DoE account and that, "I will only answer things that come from Gmail accounts from people who I know who they are. I suggest that you do the same in general but that’s obv up to you guys – I can explain in person the reason for this."

The idea that anyone can be sure with whom they are exchanging emails on a public service available from any domain on the Internet is pretty eye-popping and that’s before you get into the whole issue of stolen and forged certificates. Quite simply, you can’t.

Perhaps these chaps think that Gmail is a pop version of the BlackBerry Messenger service also used by HM Government to exchange emails at senior level, but that’s an end-to-end encrypted service with policies managed by government employees and using secure keys loaded from its own subnets.

With the Information Commissioner now involved, the obvious question is why a Government minister and his advisors might feel the need to communicate on a system other than the one provided for them by Realm. Are they worried about FoI or simply paranoid about being tapped by the Civil Service equivalent of J. Edgar Hoover?

We can leave the speculation up to political commentators, but on the technical matter we can at least be clear. If Michael Gove and his advisors were chucking important emails of a political nature back and forth to one another on Gmail it was not because they understood or took seriously the critical matter of email security.

"Recommended For You"

ICO investigates minister’s use of private emails for official business Michael Gove: His education and IT speech in full