Third-party app developers can read the emails of millions of Gmail users, a report from Wall Street Journal highlighted today. Gmail access settings allow data companies and app developers to view people's email and view private details, including recipient addresses, timestamps, and entire messages. And while these programs need to get the user's consent, consent is not clear that it would allow people – and not just computers – to read your emails.
Still, it is clear that there are many apps with this approach, from Salesforce and Microsoft Office to lesser known email applications. If you've ever seen a request like the one below when you enter your Gmail account in an app, you may have granted the app permission to read your email. And as WSJ reports, other email services in addition to Gmail, third-party applications provide equal access, so it's not only Google that may have these issues.
The situation is reminded of the conditions that led to Facebook's Cambridge Analytica data sharing failure: something that was common practice for many years – allowing third party app access to Facebook data – was eventually abused and fell under public and public control when it became known .
Although there is no evidence that third-party Gmail add-ons have misused data, just being able to view and read. Private email messages seem like crossing a privacy limit. And it is not clear how secure this system really is; Last year, Google users were exposed to a phishing attack that was hidden as a permission request from Google Docs to access user contacts using the same authorization system. Although Google says it has made a number of improvements since then, the attack attacked vulnerabilities in Google's licensing system.
We have come to the return route, Edison software and other popular third party apps for more information. If you want to see which apps have permissions for your Gmail account and revoke those you no longer use, or look suspicious, click here.