By now, we’ve all heard how Facebook gave app developers unprecedented access to some of our most private data. But did you know that, depending on how you use your Google account, you could be allowing third parties to read your private emails?It all has to do with what is otherwise a rather convenient feature. Rather than creating a new account, some online apps and services let you log in using your Google account. Some even create apps that integrate with your Google account to boost their functionality. When those apps integrate with your account, they ask for various permissions. Theoretically, each app should only ask for as many Google permissions and use as much data as it needs to function correctly. What really happens, though, is that the user is asked to provide a rather broad array of account permissions. Some of them can be used to allow human developers to read your emails, even if that wasn’t what you intended. Some app integrations, like integrated email platforms, naturally need to be able to access your emails. However, a report by the Wall Street Journal has revealed that some companies have had their engineers process users’ emails in order to improve their machine-learning marketing efforts. Even Google warns users about the power of these settings. However, it does so deep in its settings panels in a place that few users will ever see: “When you give an app full account access, it can see and change nearly all information in your Google Account. But even with full access, an app can’t:
- Change your password
- Delete your account
- Use Google Pay to send, request, and receive money
- Make sure the app is installed on your computer, phone, or tablet.
- Make sure you trust the app.”