Third party app developers can read users’ messages on Gmail

Third party app developers can read users’ messages on Gmail

Third party app developers can read users' messages on Gmail

Google has warned Gmail users to stay vigilant and to review privacy policies of third party apps before subscribing to such apps as they can read user messages in real time.

Following the publication of some reports that claimed Google reads Gmail messages of users, Google published a blog post recently in which it stated that it never reads users’ emails except when a user authorises the company to do so or in cases where it needs to investigate a bug or abuse.

Third party apps reading users’ messages

However, the company said that third-party non-Google apps can read users’ Gmail messages to optimise their service and as such, users should stay vigilant and carefully review privacy policies of third party apps before subscribing to them.

“We make it possible for applications from other developers to integrate with Gmail—like email clients, trip planners and customer relationship management (CRM) systems—so that you have options around how you access and use your email,” Google said.

“Before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app’s privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does.

“Before a non-Google app is able to access your data, we show a permissions screen that clearly shows the types of data the app can access and how it can use that data. We strongly encourage you to review the permissions screen before granting access to any non-Google application,” it added.

The company added that not only can a Gmail user view and control permissions within under “Apps with account access”, but can also take advantage of Security Checkup to view all non-Google apps that have access to data and to revoke previously-granted permissions to apps that are flagged as potentially risky.

“We do not process email content to serve ads, and we are not compensated by developers for API access. Gmail’s primary business model is to sell our paid email service to organizations as a part of G Suite. We do show ads in consumer Gmail, but those ads are not based on the content of your emails,” it added.

Third-party access to emails an open secret

Commenting on the revelation that non-Google apps on Gmail can read users’ emails, Evgeny Chereshnev, CEO and founder of Biolink.Tech, told TEISS that when a user connects through third-party email applications, the application has access to all content because, technically, your connection to the email application is via the mail server where all emails are stored. So, it’s true that all third-party email applications have access to your Gmail accounts, if you connected them.

“This type of access is going to going to continue, and people need to be aware that every time they connect to, or install, a third-party application on their mobile device, they are giving rights to those applications – often without even thinking about it. These applications gain access to users’ contacts, information about the user of the phone as well as things like GPS location, so this needs to be taken very seriously.

“Now that GDPR is in force, a lot of effort needs to be taken to create awareness around cybersecurity and privacy among the general population, not just security specialists,” he added.


Facebook & Google sued to the tune of £6.7bn for violating GDPR

App developer alleges Facebook covertly carried out mass surveillance on users

Fresh phishing attack spams hundreds of Gmail accounts, gains access to contact lists

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]