[ad_1]
Third-party app developers can read emails from millions of Gmail users, a report from The Wall Street Journal highlighted today. Gmail access settings allow data companies and app developers to view users' e-mail and view private details, including recipient addresses, timestamps, and messages. integers. And although these applications must receive the consent of the user, the consent form is not entirely clear that it would allow humans – not just computers – to read your emails.
Google said The Verge only gives data to approved third-party developers and with the express consent of users. The verification process involves checking if the identity of a company is correctly represented by its application, its privacy policy states that it will monitor emails, and the data that the company requests have a meaning for what the company does. An email application, for example, should have access to Gmail. Some developers have requested access to Gmail but have not obtained authorization, although the company does not say the number.
only in "very specific cases where you ask us and give your consent, or when we need it for reasons of security, such as investigating an insect or abuse, "said the company at WSJ . it is clear that there are many applications with this access, from Salesforce and Microsoft Office to lesser known email applications. If you've ever seen a request like this when entering your Gmail account into an app, you may have allowed the app to read your email. And as reported WSJ other non-Gmail e-mail services offer third-party applications similar access, so it's not just Google that can have these problems.
:format(webp)/cdn.vox-cdn.com/uploads/chorus_badet/file/11633293/SampleApplication_new.jpg)
Image: Google
Trusted companies include the Return Path Email Management Companies and Edison Software, who have had the opportunity in the past to access thousands of email accounts. WSJ spoke to both companies, who said they saw human engineers see hundreds to thousands of emails in order to form machine algorithms to manage the data. The privacy policies of Return Path and Edison Software mention that companies will monitor emails. Yet, they do not mention that human engineers and not just machines have access.
The situation is reminiscent of the conditions that led to Facebook's Google Analytica data sharing fiasco: something that had been common practice for years – allowing third-party applications to access Facebook's data – was finally mistreated and fell under the scrutiny of the government and the public once it became well known.
Gmail compliment developers misused data, the simple fact To be able to read and read private emails seems to have to cross a confidentiality limit. And the security of this system is not clear. Last year, Google users were victims of a phishing attack that disguised itself as a Google Docs permission request to access users' contacts using the same authorization system. While Google claims to have made a lot of improvements since then, the attack has highlighted the vulnerabilities of Google 's permissions system.
We contacted Return Path, Edison Software and other third party applications for more information. If you want to see which apps have permissions on your Gmail account and revoke the ones you no longer use or which you think are suspicious, click here.
Source link
