Gmail confirms private Gmail messages can be read by third parties

Google reassures users it's secure and within their best interests

Google has responded to The Wall Street Journal highlighting how common it is for third-party developers to view user Gmail messages.

The publication had previously reported that Google has a "dirty secret" by allowing developers to sift through Gmail due to users granting permission for third parties to do so.

Google said it makes it possible for applications from other developers to integrate with Gmail, such as email clients, trip planners and customer relationship management systems so that users have options around how they access and use email.

As a result of this, private messages in Gmail can be read not only by third-party systems but also by humans not intended to be the recipients of such emails.

The search giant stressed that it continuously works to vet developers and their apps that integrate with Gmail before it opens up them for general access. It said it also provides both enterprise admins and individual consumers transparency and control over how their data is used.

"A vibrant ecosystem of non-Google apps gives you choice and helps you get the most out of your email," said Suzanne Frey, Google Cloud's director of security, trust and privacy.

"However, before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app's privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does."

In order to pass Google's review process, non-Google apps must meet two key requirements. Firstly, apps should not misrepresent their identity and must be clear about how they are using your data and secondly, they must only request relevant data they need for their specific function, nothing more, and be clear about how they are using it.

The WSJ story did not unearth any wrongdoing from third-party apps or services using Gmail, but it has shone a light on a previously discreet industry practice that is under heavier scrutiny since Facebook's Cambridge Analytica data privacy scandal.

Google is now taking steps to actively defend its own data management and user privacy practices to convince users and businesses that is a responsible steward of sensitive user data.

Picture: Shutterstock

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021
Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021

Most Popular

Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
I went shopping at Amazon’s till-less supermarket so that you don’t have to
automation

I went shopping at Amazon’s till-less supermarket so that you don’t have to

5 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021