A WSJ report yesterday talked about what has remained a widely known “dirty secret” in the tech industry – the ability for third-party app developers to access your inboxes. Google had promised its users last year that it will stop reading their emails to better target them with advertising, however, it continues to give this prized access to outsiders.
While this practice has been long known, it shouldn’t take a Cambridge Anayltica-like scandal to hit Google before this access is removed. As reported yesterday, it’s not always computers and algorithms that go through your emails to target for keywords, but humans who get access to unredacted communications.
Related Things Get Serious: FBI, FTC and SEC Join the Justice Department to Investigate Facebookâs Cambridge Analytica Disclosures
The company is now responding to these fresh concerns by suggesting that we should trust its vetting system and start paying attention to permission screens.
Google responds to controversy over outside developers having access to your inboxes
“We make it possible for applications from other developers to integrate with Gmail – like email clients, trip planners and customer relationship management (CRM) systems – so that you have options around how you access and use your email,” Suzanne Frey, the director of Security, Trust, Privacy of Google Cloud, wrote.
Frey assured that these apps go through a rigorous vetting process before they are given access.
Related Facebookâs Privacy Blunders Continue – Company Reports a New Bug That Unblocked People
“We continuously work to vet developers and their apps that integrate with Gmail before we open them for general access, and we give both enterprise admins and individual consumers transparency and control over how their data is used.”
Google is right when it says it gives transparency and control to the end user. You always have the option to head over to your settings and remove access to any of the apps that have asked you for permission to read your inboxes to offer you services like email and calendar reminders. However, looking at how easily users can be tricked into giving apps access, this seems like a bet that Google shouldn’t risk taking.
In its blog post, Google is trying to portray itself as a company that isn’t like Facebook that would give access of hundreds of millions of users’ data to a random researcher. In a tone that sounds very similar to Apple’s, Google says that it doesn’t make any money by giving developers API access.
Gmail’s primary business model is to sell our paid email service to organizations as a part of G Suite. We do show ads in consumer Gmail, but those ads are not based on the content of your emails.
After the Facebook data misuse scandal hit the headlines in March, Apple was quick to point out that the iPhone maker doesn’t have to sell user data because its customers aren’t its product. Google is now taking a similar approach: we don’t get compensated by giving someone access to your data; we do that to give you more choice, as we get paid by businesses for our email services.
The company continues to justify giving this access to developers by saying that “a vibrant ecosystem of non-Google apps gives” users the choice and helps them “get the most out of” email.
“The practice of automatic processing has caused some to speculate mistakenly that Google “reads” your emails,” Google writes. “To be absolutely clear: no one at Google reads your Gmail, except in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse.”