Internet search giant Google is again in the crosshairs of critics and web service users for allowing third-party developers to scan and read emails from its Gmail platform, despite making a promise to "keep privacy and security paramount".
Hundreds of third-party application developers offering email-based services, according to The Wall Street Journal, are "mining" data from users' email accounts without permission. The paper added that fetched data will be used as clues about consumers which will then be sold to marketers, hedge funds, and other businesses.
Marketing company Return Path and email organization tool designer Edison Software were both mentioned in the investigation. Both firms had admitted that they using their access to improve their products and develop new features.
In 2016, Return Path reportedly gave its employees access to about 8,000 full customer emails to train the company's software. Edison, on the other hand, allowed employees to go through hundreds of email accounts to create a new "smart replies" feature.
In a statement to IBTimes India, a representative from Edison Software said:
We believe in being transparent and are sorry for any confusion this has caused. We are an email app, and as such all users understand we need access to their email when they choose to connect us to their email accounts, whether that is an iCloud, Microsoft, Yahoo or Google account. We use that access to provide our services and to build new features. We communicate that clearly and users have always had to give us explicit permission, and of course have the option to opt out of data sharing with us without degradation to their app experience.
Having said that, we developed our Smart Reply functionality some time ago and have since stopped the practice of humans at Edison reading anonymized messages to develop tech like this. We mentioned this to the WSJ, but they decided not to include that information in their story.
We will continue to put privacy first in all the things we do at Edison Software, including that we never target users for ads and prevent other companies from tracking them while they are in our app."
Since 2017, Google stopped looking over Gmail messages for privacy reasons. Google said its own employees are allowed to read emails only in "very specific cases" such as per user's consent, security purposes, bug examination, or abuse.
Following the full implementation of the new General Data Protection Regulation (GDPR) last May by the European Union and two counts of billion-dollar penalties, Google had started to treat handling of personal information on its web services as a serious matter, until this instance.
While critics believe Google should implement stricter consumer protection regulations considering the scope of access developers can get, it is also on the user's end to take responsibility of how much information they should be giving out to the developers.
For concerned Gmail users, the best way to handle the situation is to carefully examine the permission requests from app developers and if access to email contents is not something that makes one comfortable, it's better to refuse from granting access and stick to first-party email services like Gmail or Inbox by Gmail.
Gmail currently has 1.4 billion users around the world and is 25 times larger than the average users of other email service providers.