advertisement
The relationship between tech biggies and third-party app developers seems to be taking a huge toll on users globally as it is their data that’s on the line. Ever since the Cambridge Analytica fiasco came to light, many tech companies have updated their privacy policies thanks to the GDPR and stringent cyber laws.
Still, there have been certain stones left unturned. Now Gmail has been caught in an ugly storm. According to a Wall Street Journal report, some third-party app developers had gained access to users’ data on Gmail and were able to read whatever data was available online!
Google recently came out with a rebuttal saying that it was only “vetting third-party apps and not reading the data.”
Many might believe what Google is saying, but the rabbit hole goes deeper. Here’s a closer look at this whole mess that Google has got itself in.
Every time you use applications that need a Google login, you are allowing Google access to the content available in your Gmail inbox. Information like flight tickets, shopping bills, etc are sent to your inbox which Google has access to.
Here’s is the link to see which apps have access to Gmail: https://myaccount.google.com/permissions
Google uses the same data to make the user experience better by sending you notifications of flight timings, due bills and tracks your shopping trends,etc. Although, last year Google had said that it will stop snooping on users’ data, it still continues to let third-party apps have a go at users’ Gmail inboxes.
You have to understand, Google had to collect users’ data for advertisement purposes. Now, it’s looking to promote a business model, which works on offering users paid premium services via its Google Suite (G Suite).
In a report by The Wall Street Journal, Google has been accused of letting outside software developers scan through inboxes of millions of Gmail users who had subscribed for email-based services. These services offer automated flight ticket details, shopping comparisons and other tools.
The tech giant has also been accused of doing very little to keep a vigilant eye on these computers and in some cases developers who read the users' emails.
In the report, a company by the name Return Path Inc. was seen gaining access to the inboxes of more than 2 million Google users who signed up for a free app in Return Path’s partner network using a Gmail, Microsoft Corp. or Yahoo email address.
It’s safe to say that even if humans are reading your emails, your data isn’t being used for any unethical purposes. Not according to Google at least.
According to the WSJ report, there were computers doing the scanning and analyzing about 100 million emails a day while about two years ago it was the employees at Return Path who read about 8,000 unredacted emails to help train the company’s software.
There was another case where a Gmail developer who makes a mobile app for reading and organising emails, personally reviewed the inboxes of hundreds of users to build a new feature for his app. Neither of the parties asked for the user’s permission before reading the data.
Experts say that the practice of occasionally reviewing emails is done to improve software algorithms.
Yes, there are ways in which a person can be given access to a users’ data. Google says that it is only the company’s employees who read emails in very specific cases where it has the users’ consent, or where it needs to for security purposes, such as any legal investigations.
Couple of days post this controversy, Google had released a response saying that it is very conscientious in this matter and is continuously vetting developers and their apps that integrate with Gmail before it opens to developers.
It also went on to add that Google provides both enterprise admins and individual consumers full transparency and control over how their data is used. Many at Google are seeing this as a bit of a foofaraw, but the same cannot be said about the millions of users whose data might be at risk.
Though, the report doesn’t state any unethical practice or wrong-doing from the third-party’s side, this is just an eye-opener of what’s happening with your data behind curtains.
Since Facebook has been irresponsible with its data management capabilities, this gives Google a great opportunity to mend the leaks (if any) and also it is in a much stronger position to be more active and protect users' data and respect user privacy practices. All at the expense of Facebook’s mistakes.
Most applications, services and games need access to Google or Facebook to work. Just because your data is vulnerable doesn’t mean you’ll stop using these apps, right?
The most important thing that you need to do is quickly scan the users’ data privacy policy of any internet service that you are using. Before hitting that “I Agree” button it is important to scan through what all the company will be using your data for and who all will have access to your data.
I know scanning through a company's privacy policy isn’t a cakewalk, but there’s always an easy way around it. Here’s a look at how you should read a company’s privacy policy:
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)
Published: 06 Jul 2018,05:46 PM IST