Fresh privacy concerns have been raised after it reported that third-party app developers can read the emails of millions of Gmail users.
And to make matters worse, it seems that Google employees can also read Gmail emails, but this is done on a more limited basis.
Google for its part is insisting it has done nothing wrong, but the issue is sure to raise privacy concerns about the use of their online data.
The issue came to light after the Wall Street Journal highlighted how Gmail’s access settings allows data companies and app developers to see people’s emails and view private details.
This data for example can include recipient addresses, time stamps, and even entire messages.
Criticism is being levelled at Google, as although this only happens if the user has granted consent, it is not clear from the form that it also allows humans (and not just computers) to read emails.
Google meanwhile has told The Verge that it only gives data to vetted third-party developers and with users’ explicit consent.
It is reported that Google’s vetting process involves checking whether a company’s identity is correctly represented by its app, its privacy policy states that it will monitor emails, and the data that the company is requesting makes sense for what the company does.
These ‘trusted’ companies can include email managing firms such as Return Path and Edison Software.
The WSJ apparently contacted both companies, which said they had human engineers view hundreds to thousands of email messages in order to train machine algorithms to handle the data.
And it also seems that Google staffers can read people’s emails but only in “very specific cases. This is the user has granted his or her consent, or where the company needs to do so for security purposes, such as investigating a bug or abuse,” the search engine giant told the WSJ.
The discovery will no doubt cause concern for some, especially amid a heightened sense of alarm caused by the likes of Facebook allowing firms such as Cambridge Analytica to harvest people’s data.
And there is also a question of security.
Last year for example, Google users fell victim to a phishing attack that disguised itself as a permissions request from Google Docs to gain access to user contacts using the same authorisation system.
And earlier this week it was reported that both Google and Facebook may be breaking the newly introduced General Data Protection Regulation (GDPR) with “dark patterns” that effectively trick users into choosing privacy-intrusive options, campaigners have said.
Can you protect your privacy online? Take our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…