Google lets third-party app developers read your Gmail

Gmail

There’s a major controversy brewing around Gmail and the permissions its gives to developers. It seems Google has been allowing third-party apps to read the emails of millions of users for years.

We’re not just talking about a machine scanning an email here, but an actual human being reading emails. The Wall Street Journal highlighted this serious breach of privacy in an extensive report, interviewing over 25 former and current employees of app developers and data firms.

Turns out, reviewing email data is a very common practice in the industry. Gmail’s settings allow these companies to see emails and read private details like time stamps. While these apps typically ask permission for this, it’s not clearly stated that employees will be able to read emails, not just computers.

Google’s Gmail Defense

Google says it hands over this data only to vetted third-party developers and with a Gmail user’s explicit consent. The company itself vowed to stop reading emails for personalized ads last year. However, it may still go through an email in specific cases where a person asks them to or for security purposes.

Email management firms Return Path and Edison Software are two of the names mentioned in the report who’ve had access to thousands of Gmail accounts. They told the publication that they had human engineers go through thousands of mails with an eye on training machine algorithms to handle the data.

As for which third-party apps have this level of access, it ranges from names like Salesforce to Microsoft Office. Anyone who’s downloaded an app and sees a permissions page asking them to allow it to read, send, delete, and manage their email is at risk.

Also See: Gmail’s massive redesign has gone live

The report also points out that it’s not just Gmail which allows third-party apps to have such access. Clearly, something needs to be done about the issue. Otherwise, this could result in a Facebook-Cambridge Analytica situation where a rogue developers gets tons of data and exploits it.

Nothing like this has reportedly happened yet, but there’s always a chance of it happening. Go here if you’d like to see which apps have access to your Gmail account and take back permissions from them.