25 September 2023

Mail mash: How complete strangers can access your Gmail account

Joe Frost* says if you have a third-party app linked to your Gmail account, its developers can gain access to your inbox and skim over your emails.


We all know the Government, our ISPs and email providers are totally spying on us, but in a (sadly probably-not-all-that) shocking revelation, third-party app developers can get into your inbox too.

Specifically, if you have a third-party app linked to your Gmail account, the developers of said apps can likely gain access to your inbox and skim over your emails.

According to a report from the Wall Street Journal, the “common” practice is a “dirty secret”.

While it’s pretty broadly accepted that emails are often scanned by algorithms as a means to better understand and service the user, the Wall Street Journal’s investigation revealed that Gmail also allows humans working for outside companies to access your correspondence, with claims people at one particular company “read about 8,000 unredacted emails to help train the company’s software”.

In a statement, Google told the Wall Street Journal that their own employees only read emails “in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse.”

As for the third parties, the two held up as examples by the investigation — Return Path and Edison Software — have privacy policies that allow them to access their users’ emails, although neither mentions that it could be humans doing the perusing.

Regardless, it was an excuse that didn’t wash with Professor Alan Woodward from the University of Surrey in the UK.

“You can spend weeks of your life reading terms and conditions,” Professor Woodward told the BBC.

“It might well be mentioned in there, but it’s not what you would think of as reasonable, for a human being in a third-party company to be able to read your emails.”

It is worth noting that Edison Software provided a statement to The Verge which read: “We have since stopped this practice and expunged all such data in order to stay consistent with our company’s commitment to achieving the highest standards possible for ensuring privacy.”

What’s more, Google said they closely vet any and all companies that are granted access to users’ accounts.

As the company pointed out to the BBC, their developer policies state: “There should be no surprises for Google users: hidden features, services, or actions that are inconsistent with the marketed purpose of your application may lead Google to suspend your ability to access Google API Services.”

As for anyone using an email service provided by another company, the investigation pointed out that most of the major providers “have left the door open to others with different oversight practices”.

So, yeah, some total stranger likely has access to your email account.

And people called Ed Snowden crazy.

* Joe Frost is a subeditor for Conversant Media.

This article first appeared at www.techly.com.au.
