Google Says It Continues to Allow Apps to Scan Data From Gmail Accounts
Google Says It Continues to Allow Apps to Scan Data From
Gmail Accounts
Lawmakers had asked company to explain policy in wake of
WSJ report
In a letter to senators, a top Google official said the
company allows app developers to scan Gmail accounts, even though Google itself
stopped the practice for the purpose of ad targeting last year.
By John D. McKinnon and Douglas MacMillan Updated Sept.
20, 2018 12:27 p.m. ET
WASHINGTON—Google Inc. told lawmakers it continues to
allow other companies to scan and share data from Gmail accounts, responding to
questions raised on Capitol Hill about privacy and potential misuse of the
information contained in users’ emails.
In a letter to senators, a top Google official said the
company allows app developers to scan Gmail accounts, even though Google itself
stopped the practice for the purpose of ad targeting last year. The company
also disclosed that app developers generally are free to share the data with
others, as long as Google determines that their privacy policies adequately
disclose potential uses.
“Developers may share data with third parties so long as
they are transparent with the users about how they are using the data,” Susan
Molinari, the company’s vice president for public policy and government affairs
for the Americas, wrote in the letter. She added that the company, a unit of
Alphabet Inc., makes sure the relevant privacy policy is “easily accessible to
users to review before deciding whether to grant access.”
Using software tools provided by Gmail and other email
services, outside app developers can access information about what products
people buy, where they travel and which friends and colleagues they interact
with the most. In some cases, employees at these app companies have read
people’s actual emails in order to improve their software algorithms.
Google’s letter, received by lawmakers in July, came in
response to written questions from several lawmakers, including Commerce
Committee Chairman John Thune (R., S.D.), following a Wall Street Journal
report detailing how app developers frequently gain access to the contents of
users’ Gmail accounts.
Google’s letter likely will provide fodder for what could
be a contentious Commerce Committee hearing Wednesday on data privacy practices
of other internet platforms, as well as some telecommunications firms.
In the letter, the company outlined the steps it takes to
vet third-party email apps, including manually reviewing privacy policies and
using computer tools to detect any significant changes to the behavior of the
apps.
A Google spokesman said the company has no comment beyond
the letter it provided to Congress.
Lawmakers have expressed concerns about tech giants
including Google, Facebook Inc. and Twitter Inc. on a range of issues such as
privacy and manipulation by foreign actors. In particular, Facebook has come in
for tough criticism following disclosures that data of millions of its users
found its way to Cambridge Analytica, a data firm that worked for President
Trump’s 2016 campaign.
The latest disclosure echoes recent concerns about
software developers sharing data from users of Facebook, and shows that “the
privacy policy model is simply broken beyond repair,” said Marc Rotenberg,
president of the Electronic Privacy Information Center, a nonprofit research
group. “There is simply no way that Gmail users could imagine that their
personal data would be transferred to third parties.”
Google and other email providers have permitted hundreds
of third-party apps to collect data with the permission of users. They often
perform useful tasks, like tracking shopping receipts and planning travel
itineraries, by analyzing the billions of emails that arrive in inboxes every
day.
Some of those apps share email data with partners, who
use it to understand the behavior of users and improve their ability to target
ads to them. When users sign up to Earny, a tool that compares receipts in
inboxes to prices across the web, their inboxes are also scanned by the
computers of a different company, Return Path Inc., which collects data for
marketers.
Google’s statement to Congress suggests that the company
is fine with arrangements like these, as long as Earny tells users what is
happening with their data. Return Path and Earny have both said they give users
clear notice about the email monitoring. Earny’s privacy policy states that
Return Path would “have access to your information and will be permitted to use
that information according to their own privacy policy.”
Google didn’t address some questions in the senators’
letter, including a request to list all of the times Google has suspended an
email app for not complying with its rules, and a list of detailed instances in
which an app has shared data with a third party.
The company has drawn criticism from members of Congress
on both sides of the aisle, who say the company has failed to address their
questions. Google parent Alphabet declined to send Chief Executive Larry Page
to appear at a Senate Intelligence Committee hearing earlier this month, where
lawmakers grilled Facebook Chief Operating Officer Sheryl Sandberg and Twitter
CEO Jack Dorsey about issues including Russian meddling, online privacy and
political bias on tech platforms.
Next Wednesday’s Commerce Committee hearing will feature
privacy officials from Google as well as Apple Inc., Amazon.com Inc., Twitter,
AT&T Inc. and Charter Communications Inc.
Sen. Mark Warner of Virginia, the Intelligence
Committee’s top Democrat, recently asked Google to explain why it’s developing
a censored search engine for China. He said the company’s response failed to
provide “any information” about the plan.
“I am truly disappointed with Google’s response,” Sen.
Warner said in a statement earlier this month. “I believe Google should be more
up front about this fundamental issue of public accountability.”
Comments
Post a Comment