Are any of our online activities private anymore? That’s the question many people asked after news broke that third-party developers read portions of Gmail messages — and sometimes entire conversations.
This practice affects millions of inboxes — and people who signed up to get service-related emails such as automated travel planning information or material about daily deals were particularly at risk of having their privacy violated in ways they didn’t expect.
One insider said that such practices are common in the tech industry and Google has confirmed they aren’t against the company’s rules. But why are they allowed in the first place?
Reading Emails to Develop a New Feature or Target Users
Edison Software is one of the companies identified here that lets humans read content in Gmail inboxes. It reportedly did so to develop a “smart reply” feature but has revealed it discontinued the practice and got rid of the associated data.
Return Path is another company that read thousands of emails last year while creating an app that analyzes users’ inboxes and pulls data marketers can use. A representative from that company said it took the proper precautions to restrict access to the material retrieved from Gmail inboxes and oversaw the people who pored over that information.
You May Be Granting Permission Without Realizing It
If you’ve ever connected a third-party app to your Gmail account, you might remember a permissions dialogue box that appeared and asked you to allow the app to access things like your contacts and calendar. In some cases, those apps also request permission to read, send, delete and manage your email.
There are a few problems with that reality. The first is that people often don’t carefully check what they agree to when consenting to terms and conditions. Edison Software and Return Path both had sections in their privacy policies that mentioned they would monitor emails.
However, many people likely just confirmed the permissions in Gmail and didn’t take the extra step of going to the third-party site to check out the privacy details published there.
Plus, concerning email monitoring, it’s likely people assumed machines would be taking care of the task, not fellow humans. The companies involved did not explicitly get in touch with users before reading their emails because the respective privacy policies gave blanket permission.
Two Ways to Disallow Developer Permissions
You might feel powerless after reading about how developers could have read your emails. Perhaps you’ve even pondered deleting your Gmail account during the backlash. Fortunately, you don’t have to stay in the dark regarding the information Gmail has about you — or, most importantly, in this case, the permissions you gave third-party developers.
Google has a “My Activity” portal that shows all the information the company tracks and stores about you. It also allows you to check out ad settings and location or device histories and see records of every website you’ve visited and YouTube video you’ve watched.
Similarly, Google’s Security Checkup page allows you to see all third-party apps with access to your Gmail data and separates them into high-risk and low-risk categories. Disallowing access is as simple as clicking the “Remove Access” button associated with each app.
You can also go to your Google account settings and revoke developer permissions there. Find the “Apps With Account Access” link under the Sign-In & Security menu on the left side of the screen. Proceed to click the “Manage Apps” button to tweak your permissions as desired.
Google Can Read Your Emails, Too
This recent development centered on third-party app developers. When responding to the issue, Google clarified that those entities get vetted and must pass an approval check. Additionally, they cannot read emails if the app they’re developing doesn’t relate to email.
A Google representative also said that Google representatives do not read users emails. However, information immediately following that statement specified that Google workers could, in fact, read your emails in specific cases, such as when it’s necessary to do so for security purposes or after getting permission from the people in question.
Notably, the blog post published by Google about this matter doesn’t specify that the company gets permission in the former instance, which might understandably cause you to have further doubts.
Is It Safe to Use Gmail?
Knowing what you do now might make you resistant to using Gmail even after checking the developer permission specifics. However, it’s important to keep a balanced perspective and remember that Gmail has features rarely offered by other providers.
One of them is a confidential mode that lets senders set expiration dates for messages, and it’s available to anyone with the most current version of Gmail.
Users can also opt for Advanced Protection, which safeguards people with personal Gmail accounts from targeted attacks via physical keys used within the two-step authentication process. It’s geared towards people who are activists, journalists or in abusive relationships, for example.
Let Information Empower You
The news of third-party developers potentially reading your emails is undoubtedly concerning. Fortunately, you now know how to check permissions you’ve granted and remove them if that’s preferable. It’s also wise to be especially careful before agreeing to terms and conditions to know what you allow when linking an app.