Third-party app developers can read emails of millions of Gmail users, confirms a report. Gmail’s access settings allow these data companies to gain access to almost all information of every Gmail user, like recipient addresses, email content, timestamps etc. The user consent forms that these companies produce do not clearly mention that it would allow humans, and not just computers, to read your emails.
Google confirms that it provides access to only vetted companies, and the vetting process involves checking for a company’s identity, its privacy policies that hide provisions to gain access to user data, and its use to the company. Google employees may also read emails, but for very specific purposes like investigating for a bug or abuse, for cybersecurity purposes, and in many other crucial conditions.
Return Path and Edison Software are such third-party giants who have had opportunities to access thousands of emails. They said that they allow their human engineers to access emails only to feed the AI algorithms with necessary training data, so as to delegate them to handle the data in future, and that would ensure security and privacy.
Even though there is no evidence of data misuse, allowing third-party apps to read private emails may pose severe problems. Google users fell victims to a phishing attack through its very own access systems via Google Docs. This attack exposed vulnerabilities in the Google’s permission system; however, Google says it has revamped the system since then.