Google clarifies Gmail app privacy

Following a Wall Street Journal report that Google allows outside software developers to scan the inboxes of users who had signed up for Gmail-integrated services, Google has published a blog post outlining how it works with third-party developers, and how users can review which outside parties have access to their Google account.

Third-party apps must "accurately represent themselves" and "only request relevant data" to meet Google’s requirements, said the post, written by Suzanne Frey, director of security, trust and privacy for Google Cloud. The company’s review process to vet third parties includes automated and manual reviews, assessment of an app’s privacy policy and homepage, and in-app testing, it said.

Users have long had the ability to manage their information using Google’s data controls, the company added. "We strongly encourage you to review the permissions screen before granting access to any non-Google application."

Google said last year it would stop scanning the contents of individual Gmail users for advertising purposes. This week, the company moved to clarify how Google itself treats user data, saying: "The practice of automatic processing has caused some to speculate mistakenly that Google ‘reads’ your emails. To be absolutely clear: no one at Google reads your Gmail, except in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse."