By now, we’ve all heard how Facebook gave app developers unprecedented access to some of our most private data. But did you know that, depending on how you use your Google account, you could be allowing third parties to read your private emails?
It all has to do with what is otherwise a rather convenient feature. Rather than creating a new account, some online apps and services let you log in using your Google account. Some even create apps that integrate with your Google account to boost their functionality.
When those apps integrate with your account, they ask for various permissions. Theoretically, each app should only ask for as many Google permissions and use as much data as it needs to function correctly. What really happens, though, is that the user is asked to provide a rather broad array of account permissions. Some of them can be used to allow human developers to read your emails, even if that wasn’t what you intended.
Some app integrations, like integrated email platforms, naturally need to be able to access your emails. However, a report by the Wall Street Journal has revealed that some companies have had their engineers process users’ emails in order to improve their machine-learning marketing efforts.
Even Google warns users about the power of these settings. However, it does so deep in its settings panels in a place that few users will ever see:
“When you give an app full account access, it can see and change nearly all information in your Google Account.
But even with full access, an app can’t:
Before you give an app full account access:
Google has been criticized in the past for scanning users’ emails to gather valuable digital marketing data. The company claims to have stopped this practice in response to public outrage, but it appears that developers may now be doing the same thing. What’s more, those third-party developers may also be capable of reading individual emails.
Fortunately, there is a way to review which apps have permission to access your account and to remove the ones you don’t trust (or all of them).
Step 1: Because you can access the app permissions panel with a link, the instructions will be the same for both desktop and mobile. Simply click here to see which apps have access to your account and what they can do.
Step 2: Review the apps. Does the trust you’ve placed in the app and its developers match the permissions you’ve given that app? Do the permissions it has match the functions that the app performs? If not, you can change those settings by clicking or pressing on the offending app and then choosing “Remove Access.”