Google reportedly allows outside app developers to read people's Gmails

Kelley Robertson
July 4, 2018

Suzanne Frey, Director of Security, Trust, and Privacy for Google Cloud, said in a blog post that the goal of the third-party integration is to give users more options around how they use Gmail. The Alphabet offshoot, which did not immediately respond to a request for comment, did not disclose how many apps have Gmail access.

After the Facebook data misuse scandal hit the headlines in March, Apple was quick to point out that the iPhone maker doesn't have to sell user data because its customers aren't its product.

"Some people might consider that to be a dirty secret", says Mr. Loder. Both companies say the practice is covered by their user agreements, and that they used strict protocols for the employees who read emails. eDataSource says it previously allowed employees to read some email data but recently ended that practice to better protect user privacy. No, but third-party apps might be. Users may be giving permission to these apps in one way or another, but it may not always be clear what permission you're granting.

A new report says Google allows third-party applications to scan the emails of some Gmail users.

For example, the report said, a company called Return Path Inc. collects data for marketers "by scanning the inboxes of more than two million people who have signed up for one of the free apps in Return Path's partner network using a Gmail, Microsoft Corp. or Yahoo email address".


While these kind of apps do ask for user consent, numerous forms don't make it explicitly clear that a human will be reading through your emails, not just a machine. Developing those features isn't easy, though, and the WSJ reported that some developers read users' emails to help speed up the process.

Companies like Return Path and Edison Software lets their human engineers view the email messages to train their machine algorithms to handle the data.

"It might well be mentioned in there, but it's not what you would think of as reasonable, for a human being in a third-party company to be able to read your emails". It "flags potentially risky apps so you can revoke any previously granted permissions that you are no longer comfortable with", she wrote.

Before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process at the company, it said.

The revelation comes at a bad time for Google and Gmail, the world's largest email service, with 1.4 billion users.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER