Google Admits Allowing Third Party Developers To Share Gmail Account Data

Google Allows Third Party Developers To Share Gmail Data
David Paul Morris / Getty Images

Google announced last year that it will stop scanning people’s Gmail emails for keywords that may be used to target ads at them. A Wall Street Journal report in early July, however, showed that the company still allows third-party services to access people’s Gmail accounts.

The report prompted U.S. lawmakers to send Google a letter asking information about the company’s practice of allowing third-party app developers to access Gmail users’ data.

The search giant replied to the questions in a letter sent in July and addressed to lawmakers, who include Senator John Thune, the South Dakota Republican who chairs the Senate Commerce Committee

On it, Google admitted that it continues to give third party access to Gmail accounts and that it allows developers to share the data they find from these accounts with other third parties.

Google’s VP of public policy and government affairs Susan Molinari nonetheless said that the access is restricted. She explained that before a developer can access the data of a Gmail user, it must first obtain consent from the user.

She said that these developers also need a privacy policy explaining how the data will be used and that the developers are allowed to share the data they have accessed provided there is transparency about this.

Gmail Data Shared By Third Party Developers
  Steve Buissinne / Pixabay

“Developers may share data with third parties so long as they are transparent with the users about how they are using the data,” said Molinari in the letter published by The Hill on Thursday.

The company also noted that it has a process for identifying apps that misrepresent themselves or are not transparent about how they use personal data.

In a July 3 blog post, Google revealed the kinds of third-party services that it allows to plug into Gmail. These include trip planners, email clients, and customer relationship management systems.

These services typically read emails in an automated manner, albeit humans sometimes read them as well. Users have to actively give permission to these apps to access their account and they can also revoke this permission later.

“Before a non-Google app is able to access your data, we show a permissions screen that clearly shows the types of data the app can access and how it can use that data,” the post on Google blog reads.

Privacy officials from Google, as well as those from Amazon, Twitter, Apple, AT&T, and Charter Communications, are set to speak in front of the Senate Commerce Committee on Wednesday.