[ad_1]
In a blog post, Google's security director, Suzanne Frey, explains that before an application can even ask permission to read your Gmail messages, it must pass a rigorous review.
your Gmail messages, it goes through a multi-step review process that includes an automated and manual review of the developer, an evaluation of the privacy policy and the homepage of the l & # 39; application to verify that it is a legitimate application and built-in tests. he says that he does, "Frey said.
Loading
In short, developers must show that they do what they do. They tell users what they are doing, and they have to prove that they need to access e-mail to do it.The result of all this, ideally, is that the only people who have access to your email are the developers who make the services you want to use, and to whom you are happy to give access.
In reality, of course, people often flock through security prompts because they want to use the application or service immediately.And once they have finished using the service, they may not remember that they have given continuous access to the developer to read their emails.
If you want to check if the developers have permission to read yours, If you are signed in with your Google Account, you will see a tab called "Third Party Access". Here you can see which applications have access to what data, and revoke everything you like.
What does "reading" really mean?
What is the most controversial point in history WSJ is that explicitly allowing an application to "read" one's email may not realize what it means in its true measure. People are surprised to find that what they thought they were in agreement with – perhaps a disrespectful piece of software scanning their emails in a harmless way – could involve a real human reading of their doctor's appointments or their loves.
We must trust companies to be responsible with data, and when they are financially instigated to not be that can be a problem.
Security Expert Troy Hunt
Security expert Troy Hunt says that agreeing to give any application access to your email is a serious decision with Great implications for your privacy and data security, but that the possibility for another person to see your private communications is not really the part that you should be concerned about. Granting permissions like this removes your data from Google, and it may not be possible to know what it is.
"There are other third parties who have a written code that reads your email.May be analyzed for keywords, it could be sent to another third party who will read it.It is what the granting of permissions does. It really puts you in the hands of this third party, "Hunt said. "When you have someone's code that analyzes your emails, it can very quickly consume a lot of information, but we are less concerned about what computers do and more concerned about what other humans see." . "
In most cases, says Hunt, humans and the code they write are working together to crunch their data in every possible way to create and monetize their products.
" C & # 39 is the worst of both worlds "says." The code analyzes and aggregates your data, with the results transmitted to humans to read them. "
Hunt says the best thing you can do is think about it. application that you install, then think about the app permissions really needs and approves accordingly.If this is an application that controls the flashlight on your phone, for example, it will not need to 39; access your GPS.
"There is a very, very small number of applications, in the" Hunt says.
Why humans?
Of course, there are many applications that request permission from your e-mail, and many have a legitimate reason to do it. But why would a company use humans to read your emails, and how could Google agree that this access was justified to provide the advertised function of the application?
One of the developers mentioned in the story WSJ Edison Software (formerly EasilyDo), manufactures an email application that "intelligently manages" your mail from Google or a number from other suppliers. One feature is that the app will suggest responses to the emails you receive, but to develop and test this feature, the developers had to see it in action.
"Two of his artificial intelligence engineers have signed agreements to share nothing, read," says Mikael Berner, CEO of Edison, in the report WSJ "Then, working on machines that prevented them from downloading information on other devices, they were reading the personal emails of hundreds of users .User information already written – as well as the responses suggested by the system, manually indicating whether each had a meaning. "
Of course, if this appears to be a reasonable use of the data, the users whose emails were used for the exercise probably did not explicitly consent. They clicked a button to allow Edison to "read" or "manage" their email, but it is possible that they imagined these actions in the context of sorting and managing messages.
The crux of the matter
And that's really the crux of the matter. To fully understand how your data was going to be used, in this scenario, you must read and accept the permissions that Google provides when you install the application and you must search for "
" And who will do that, we know that no one will really read them, "says Hunt
" [Terms and policies] exercises, and I do not think that the fact that they are documented really makes a big difference. "
" This is due to the fact that we really have to trust that companies are responsible for the data, and when they "
Hunt says that he hopes that new regulations such as the European General Regulation on Data Protection (GDPR), which requires companies to clarify what they do with data, will make things better.
Tim is the publisher of Fairfax t
The most seen in technology
Loading
Bulletin of the morning and afternoon
Comes Mon-Fri
Source link