After that report from the Wall Street Journal saying that Google is giving 3rd party apps access to your Gmail inbox, we of course expected the tech giant to respond. They did not deny of course that this is happening since it is after all part of the information exchange among them, the developer, and the user itself. But what they gave us is an explanation of their app developer vetting process and a reminder that the user can actually control what information they give these services. Well, at least on paper.
Google is also reminding users that they have the control over their data and what they share with the developers of the apps that they use. Whenever a non-Google app is requesting access to your information, you see a permissions screen where all the types of data that need to be accessed are listed and how they’ll use that data. Oftentimes, we just don’t read through it, but if you’re one of those who got bothered by the WSJ article, then you should probably review this screen before saying yes or no when using a 3rd-party app.
Google also has data controls made easier to access and use if you want to change things any time you want to. The Security Checkup page actually shows you all the non-Google apps that have access to your data. It will also tell you “potentially risky” apps so that you can revoke permissions if you need to. If you are part of an organization that uses G Suites, your admins also have access to tools to control what data non-Google apps can have access to.
At the end of the day, while Gmail has removed the practice of scanning through your emails to give you targeted advertising, they do still “conduct automatic processing of emails” to give you other features like Smart Reply. But they’re clarifying that Google doesn’t read your emails except during certain instances where you give them access to it or for security purposes (investigating abuse or a bug). Whether or not you trust them that they’re only reading it during those circumstances, that is between you and your Gmail.