Gmail warning: App developers are reading your private messages


Your private emails are being read by third-party Gmail app developers, an investigation into data privacy has revealed. 

Developers behind a number of popular online services designed to work with Gmail trawl through private messages sent and received from your email address, it claims.

It is common practice for some of these third-party app creators to instruct employees to read personal emails. 

One app, which is designed to help users manage their Gmail inbox, lets employees read ‘thousands’ of emails, the Wall Street Journal investigation found.

According to experts, this ‘dirty secret’ is now common practice among some firms.

The revelation comes just a few months after it was revealed political data firm Cambridge Analytica had siphoned private data from third-party apps on Facebook.

Scroll down for video

Third-party developers are reading people's private Gmail messages, according to an investigation (stock image)

Third-party developers are reading people’s private Gmail messages, according to an investigation (stock image)

According to the investigation into Gmail, the hugely-successful Google email client allows third-party developers to scan the inbox of anyone who installs their app.

These apps can provide additional functionality to the Gmail inbox, like the ability to compare prices from different online retailers, or quickly unsubscribe from any marketing emails sent to your address. 

The Wall Street Journal report was based on the testimonies of more than two dozen employees of companies who create services around Gmail – the most popular email service in the world, with 1.2 active monthly users.

One company involved in this practice is New York-based firm Return Path, which helps marketers drive revenue through email.

It has scanned the inbox of two million people, the report revealed.

Last year, Return Path employees trawled through 8,000 personal emails as part of an effort to train the company’s software, according to anonymous sources.

Employees at Mountain View-based Edison Software also reviewed the emails of hundreds of thousands of users while building a new feature for their mobile app, which is designed to help people organise their emails.

READ  Indonesia’s Institut Teknologi Bandung signs MoU for utilisation of science and technology in geospatial information

Neither company asked users for permission to read users’ messages but say the practice is covered by user agreements.

‘Some people might consider that to be a dirty secret,’ Thede Loder, the former technology officer at eDataSource, which provides competitive intelligence for email marketing, told the Wall Street Journal.

However, he said this type of behaviour was now ‘common practice’. 

The question of data privacy has been an increasingly important issue since Facebook’s Cambridge Analytica controversy. 

The social network allowed third-party apps to request permission to access users’ data, as well as data of all their Facebook friends.

This enabled developers to mine the private information of 87 million Facebook users, when only 270,000 people had used the service and granted permission. 

Almost anyone can build an app that connects to Gmail accounts using an application programming interface (API).

Last year Return Path employees read 8,000 emails while helping train the company's software, according to anonymous inside sources (stock image)

Last year Return Path employees read 8,000 emails while helping train the company’s software, according to anonymous inside sources (stock image)

HOW DO APPS PROVIDE ACCESS TO PRIVATE EMAILS ON GMAIL?

Hundreds of third-party developers have created online services that bring additional functionality to Gmail, the hugely-successful Google email client.

Almost anyone can build an app that connects to Gmail using the Application Programming Interface (API) supplied by Google.

These apps can provide additional functionality to the Gmail inbox, like the ability to compare prices from different online retailers, or quickly unsubscribe from any marketing emails sent to your address. 

When Gmail users sign-up for one of these third-party services, or open an app that accesses their Gmail, Google requires them to grant permission. 

If users grant permission, the app can access their inbox and can read the contents of sent and received messages.

READ  Cannabis Science and Tech Company Iaso Introduces Innovative New Products

Google does not disclose how many apps currently have access to Gmail. 

Trawling through the contents of users’ emails is useful for companies who want data on users’ shopping habits, travel itineraries and personal communications.

The practice is not illegal and is covered by user agreements, the developers claim.

However, an investigation by the Wall Street Journal discovered that developer employees say their customers are often not aware of what data is being collected and what companies are doing with it.

‘Some people might consider that to be a dirty secret,’ said Thede Loder, the former technology officer at eDataSource. 

If Gmail users open these apps a button asks for permission to access their inbox. 

If users grant permission, the app can access their inbox and can read the contents of sent and received messages. 

Google does not disclose how many apps currently have access to Gmail. 

Both Return Path and Edison have defended their actions.

‘The article mentions a specific incident at Return Path where approximately 8,000 emails were manually reviewed for classification’, wrote Matt Blumberg, founder of Reutrn Path in a blog post.

‘As anyone who knows anything about software knows, humans program software – artificial intelligence comes directly from human intelligence.

‘Any time our engineers or data scientists personally review emails in our panel (which again, is completely consistent with our policies), we take great care to limit who has access to the data’, he said.

Mr Blumbery said all data is destroyed after work on a new feature is completed.

Similarly, Mikael Berner, CEO of Edison, defended his company’s actions, but added that the practice has since been stopped.

He said the company had ‘expunged all such data in order to stay consistent with our company’s commitment to achieving the highest standards possible for ensuring privacy,’ according to Cnet.

READ  Tech Nation Tour Cambridge: Exchequer Secretary's speech

‘Our email app was mentioned in the context of our engineers having in the past the ability to read a small random sample of de-identified messages for R&D purposes.

‘This method was used to guide us in developing our Smart Reply functionality which was developed some time ago,’ he said.  

MailOnline has contacted Google for comment. 

WHAT IS THE CAMBRIDGE ANALYTICA SCANDAL?

Communications firm Cambridge Analytica has offices in London, New York, Washington, as well as Brazil and Malaysia.

The company boasts it can ‘find your voters and move them to action’ through data-driven campaigns and a team that includes data scientists and behavioural psychologists.

‘Within the United States alone, we have played a pivotal role in winning presidential races as well as congressional and state elections,’ with data on more than 230 million American voters, Cambridge Analytica claims on its website.

The company profited from a feature that meant apps could ask for permission to access your own data as well as the data of all your Facebook friends.

The data firm suspended its chief executive, Alexander Nix (pictured), after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump

The data firm suspended its chief executive, Alexander Nix (pictured), after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump

This meant the company was able to mine the information of 87 million Facebook users even though just 270,000 people gave them permission to do so.

This was designed to help them create software that can predict and influence voters’ choices at the ballot box.

The data firm suspended its chief executive, Alexander Nix, after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump.

This information is said to have been used to help the Brexit campaign in the UK.

 





READ SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here