[ad_1]
Another week, another hubbub of data privacy. A report from Wall Street Journal reveals that third-party developers have read emails from Gmail users. According to the WSJ a number of companies admit that their engineers have read thousands of emails for reasons such as the formation of machine learning systems.
The controversy comes from applications – such as third-party email clients and CRM software – that require access to Gmail accounts. These integrations provide users with a wide range of additional features, but with the scandal of Facebook and Cambridge Analytica data pushing data sharing into the public consciousness, it was only a matter of time before Google would be examined more closely.
Google Cloud security, trust and privacy indirectly addressed some of the conclusions of the WSJ report and its response is interesting in terms of what it says and how what she does not say. 19659002] Entitled "Guaranteeing Your Security and Your Privacy in Gmail," the blog makes no reference to specific claims of confidentiality of the data, so anyone who missed the WSJ report would probably wonder why the problem was
What Frey says is that Google developers who request access to your Gmail messages must undergo a heavy validation process. She explains that approval involves two fundamental requirements: applications must accurately represent themselves and be clear about how they use the data, and they must only request relevant data.
"We are looking at non-Google applications to make sure that they" Frey does not claim, however, that third-party developers are explicitly prohibited from reading your emails. And once access to the API granted, it would be difficult for Google to control such a policy anyway. A quick glance at Google's guidelines on development policies reveals no statement about the developer's right to read user emails, although this activity is explicitly disclosed in the developer's privacy policy (which any Gmail user will obviously read …
It is true that Google requires the consent of the user for third party access via authorization screens, but, alas, many people click probably on "Permit" without really appreciating what they give permission of course, if you've learned anything from recent data privacy tricks, you should now be able to read everything before you consent. "
" Before an application other than Google can access your data, we display a permissions screen that clearly indicates the types of data that the & # 39; application can access and how it can access your data. use this data, "added Frey." We strongly encourage you to check the permissions screen before granting access to any application other than Google. "
Above: Permissions Gmail
But these permissions do not really allow to understand that human eyes, algorithm, can actually read your emails.There is no specific permission request that states: " An engineer from our company can read your emails from time to time "an omission that raises questions as to whether the user's consent is fully informed."
Recalls Cambridge Debacle Analytica, where Facebook has allowed users' data to be accessed for a reason, and the data has been exploited for more harmful purposes, it is simply impossible to know for sure how data from Gmail users is to genuinely
There is nothing to indicate that Google has given access to user emails to third parties. But the very fact that users' private messages can be read by a heap of unknowns, a practice we now know, is all the more remarkable in the light of data privacy scandals elsewhere. .
apparently does not dispute the claim that third-party developers are reading your emails, the company is absolutely adamant that no one to Google itself, and Frey reminded us that last year, the company did not does not even serve ads based on the content of your emails. "To be perfectly clear: no one at Google reads your Gmail except in very specific cases where you ask us and give your consent, or for security reasons, such as investigating a bug or abuse," says Frey . 19659002] Although Google did not specifically mention the WSJ report in its thinly veiled answer yesterday, it is clear that the company says: You can trust us because we strongly subject developers third parties – who can read your e-mails – and you have all given us permission to do so anyway.
Source link
