Google Says It Continues to Allow Apps to Scan Data From Gmail Accounts

Google Says It Continues to Allow Apps to Scan Data From Gmail Accounts

Lawmakers had asked company to explain policy in wake of WSJ report

In a letter to senators, a top Google official said the company allows app developers to scan Gmail accounts, even though Google itself stopped the practice for the purpose of ad targeting last year.

By John D. McKinnon and Douglas MacMillan Updated Sept. 20, 2018 12:27 p.m. ET

WASHINGTON—Google Inc. told lawmakers it continues to allow other companies to scan and share data from Gmail accounts, responding to questions raised on Capitol Hill about privacy and potential misuse of the information contained in users’ emails.

In a letter to senators, a top Google official said the company allows app developers to scan Gmail accounts, even though Google itself stopped the practice for the purpose of ad targeting last year. The company also disclosed that app developers generally are free to share the data with others, as long as Google determines that their privacy policies adequately disclose potential uses.

“Developers may share data with third parties so long as they are transparent with the users about how they are using the data,” Susan Molinari, the company’s vice president for public policy and government affairs for the Americas, wrote in the letter. She added that the company, a unit of Alphabet Inc., makes sure the relevant privacy policy is “easily accessible to users to review before deciding whether to grant access.”

Using software tools provided by Gmail and other email services, outside app developers can access information about what products people buy, where they travel and which friends and colleagues they interact with the most. In some cases, employees at these app companies have read people’s actual emails in order to improve their software algorithms.

Google’s letter, received by lawmakers in July, came in response to written questions from several lawmakers, including Commerce Committee Chairman John Thune (R., S.D.), following a Wall Street Journal report detailing how app developers frequently gain access to the contents of users’ Gmail accounts.

Google’s letter likely will provide fodder for what could be a contentious Commerce Committee hearing Wednesday on data privacy practices of other internet platforms, as well as some telecommunications firms.

In the letter, the company outlined the steps it takes to vet third-party email apps, including manually reviewing privacy policies and using computer tools to detect any significant changes to the behavior of the apps.

A Google spokesman said the company has no comment beyond the letter it provided to Congress.

​Lawmakers have expressed concerns about tech giants including Google, Facebook Inc. and Twitter Inc. on a range of issues such as privacy and manipulation by foreign actors. In particular, Facebook has come in for tough criticism following disclosures that data of millions of its users found its way to Cambridge Analytica, a data firm that worked for President Trump’s 2016 campaign.

The latest disclosure echoes recent concerns about software developers sharing data from users of Facebook, and shows that “the privacy policy model is simply broken beyond repair,” said Marc Rotenberg, president of the Electronic Privacy Information Center, a nonprofit research group. “There is simply no way that Gmail users could imagine that their personal data would be transferred to third parties.”

Google and other email providers have permitted hundreds of third-party apps to collect data with the permission of users. They often perform useful tasks, like tracking shopping receipts and planning travel itineraries, by analyzing the billions of emails that arrive in inboxes every day.

Some of those apps share email data with partners, who use it to understand the behavior of users and improve their ability to target ads to them. When users sign up to Earny, a tool that compares receipts in inboxes to prices across the web, their inboxes are also scanned by the computers of a different company, Return Path Inc., which collects data for marketers.

Google’s statement to Congress suggests that the company is fine with arrangements like these, as long as Earny tells users what is happening with their data. Return Path and Earny have both said they give users clear notice about the email monitoring. Earny’s privacy policy states that Return Path would “have access to your information and will be permitted to use that information according to their own privacy policy.”

Google didn’t address some questions in the senators’ letter, including a request to list all of the times Google has suspended an email app for not complying with its rules, and a list of detailed instances in which an app has shared data with a third party.

The company has drawn criticism from members of Congress on both sides of the aisle, who say the company has failed to address their questions. Google parent Alphabet declined to send Chief Executive Larry Page to appear at a Senate Intelligence Committee hearing earlier this month, where lawmakers grilled Facebook Chief Operating Officer Sheryl Sandberg and Twitter CEO Jack Dorsey about issues including Russian meddling, online privacy and political bias on tech platforms.

Next Wednesday’s Commerce Committee hearing will feature privacy officials from Google as well as Apple Inc., Inc., Twitter, AT&T Inc. and Charter Communications Inc.

Sen. Mark Warner of Virginia, the Intelligence Committee’s top Democrat, recently asked Google to explain why it’s developing a censored search engine for China. He said the company’s response failed to provide “any information” about the plan.

“I am truly disappointed with Google’s response,” Sen. Warner said in a statement earlier this month. “I believe Google should be more up front about this fundamental issue of public accountability.”


Popular posts from this blog

Report: World’s 1st remote brain surgery via 5G network performed in China

Visualizing The Power Of The World's Supercomputers

BMW traps alleged thief by remotely locking him in car