Gmail Privacy Fears Emerge Over Third-Party Apps

Google is at the center of a new privacy storm after it was revealed that third-party app developers can read the content of Gmail users’ emails.

This “dirty secret,” as one source described it to the Wall Street Journal, affects users who choose to link their Gmail accounts to third-party applications for things like travel or shopping.

In so doing they’re asked to grant permissions for the app to “Read, send, delete and manage your email.”

However, many users may not be aware that human eyes are perusing their personal emails as well as computer algorithms. 

The report claimed that in the case of marketing app Return Path, employees of the company read around 8000 Gmail users’ emails to help develop the app. Email management app developer Edison Software also allowed its employees to read “thousands” of emails to hone the Smart Reply feature.

For its part, Google claimed to have strictly vetted those firms allowed access to users’ emails and said users are asked explicitly for their permission to do so, consistent with its policies.

However, when it comes to third-party apps, user privacy has become a major issue following the Cambridge Analytica scandal in which the details of 87m Facebook users were sold by an app developer for use in targeted political advertising.

The social network changed a policy in 2015 which allowed third party developers to access the data of app users’ friends.

Evgeny Chereshnev, CEO of privacy firm Biolink.Tech, claimed that the GDPR demands organizations improve awareness among users around how their data is being used.

“This type of access is going to going to continue, and people need to be aware that every time they connect to, or install, a third-party application on their mobile device, they are giving rights to those applications – often without even thinking about it,” he added.

“These applications gain access to users’ contacts, information about the user of the phone as well as things like GPS location, so this needs to be taken very seriously.”

 

via:  infosecurity-magazine


Save pagePDF pageEmail pagePrint page

One Response

  1. Marbry Hardin says:

    So you agree to “Read, send, delete and manage your email.”, but somehow think that doesn’t mean “Read, send, delete and manage your email.”

    Unless you want to take in-depth precautions, you can assume that anything you do online, or on a connected machine, has the potential to become public knowledge. The tools that enable this awesome degree of data sharing and communication, through design, subterfuge or mis-configuration have the potential for exposure rather than security.

    And your cell phone is eavesdropping on your conversations. Film at 11:00.

Leave a Reply

Your email address will not be published. Required fields are marked *