Tech Developers Reveal Google’s ‘Dirty Secret,’ Engineers Scanning Emails

Software developers working with internet giant Google have been given the ability to read Gmail users’ emails, according to a report in The Wall Street Journal.

The report already has led to a lawsuit being filed against the company, according to the Courthouse News Service.

“Despite its representations to its users regarding the security and privacy of their Gmail messages, Google gave hundreds of third-party developers — like marketing and data-mining firms — privileged access to its users’ inboxes,” James and Michael Coyne of Ohio say in a class-action complaint filed Thursday in U.S. District Court in San Jose, California. “Such access allowed the developers’ employees to surreptitiously read Gmail user emails.”

The Journal report said not only do computers scan inboxes to determine trends in what users read, humans have been poking around as well.

Giving employees access to emails that users don’t know another human is reading is “common practice” for companies that collect this type of data, said Thede Loder, a former chief technology officer at eDataSource Inc. He said the practice was common when developing software algorithms.

TRENDING: Fact Check: Did Brett Kavanaugh Really Say the President is Above the Law?

“Some people might consider that to be a dirty secret. It’s kind of reality,” he said.

The Journal report said employees of Return Path Inc. browsed through about 8,000 emails while developing software. It also said employees of Edison Software scanned emails from hundreds of users.

The Journal report said there has been no evidence that user information was used inappropriately.

Google said in a statement to The Journal that its employees examine emails only “in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse.”

Is what Google allowed an invasion of privacy?

As reported by the Silicon Valley Business Journal, Google tells users they are in control of who reads what.

“We’ll share personal information outside of Google when we have your consent,” the Google privacy policy reads. “For example, if you use Google Home to request a ride from a ride-sharing service, we’ll get your permission before sharing your address with that service. We’ll ask for your explicit consent to share any sensitive personal information.”

In its reporting on The Journal’s story, The Verge said it was told by Google that the only software developers allowed to read emails are those who have been thoroughly vetted by Google.

The site also published a statement from Edison Software indicating it has stopped reading emails.

“We have since stopped this practice and expunged all such data in order to stay consistent with our company’s commitment to achieving the highest standards possible for ensuring privacy,” the statement said.

RELATED: Privacy and Prosperity: European Union’s GDPR Attempts Difficult Balancing Act

Google also tried to calm the waters.

” … before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app’s privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does,” Suzanne Frey, director of security, trust and privacy for Google Cloud, wrote in a blog post.

“The practice of automatic processing has caused some to speculate mistakenly that Google ‘reads’ your emails,” she wrote, referring to the privacy policy to explain that this does not happen.

Facebook has greatly reduced the distribution of our stories in our readers’ newsfeeds and is instead promoting mainstream media sources. When you share to your friends, however, you greatly help distribute our content. Please take a moment and consider sharing this article with your friends and family. Thank you.


To Top