Last year, Google said that it will keep the privacy of its users paramount and would stop its computers from scanning the inboxes of Gmail users for information to personalize advertisements. However, it is continuing to let third-party app developers scan the inboxes of millions of Gmail users who sign up for email-based services
A recent Wall Street Journal research has found that Google is not doing enough to prevent those developers from reading their users’ emails, some of which even train their computers, as well as their employees for the job.
One such company is Return Path, which collects data for marketers by scanning the inboxes of more than two million people who have signed up for one of the free apps in its partner network using a Gmail, Microsoft or Yahoo email address. Its computers analyze about 100 million emails a day, while employees reading as much as 8,000 unredacted emails at one point.
Letting employees read user emails has become “common practice” for companies that collect this type of data, says Thede Loder, the former chief technology officer at eDataSource Inc., a rival to Return Path. He says engineers at eDataSource occasionally reviewed emails when building and improving software algorithms. “Some people might consider that to be a dirty secret,” says Mr. Loder. “It’s kind of reality.”
Google’s developer agreement prohibits exposing a user’s private data to anyone else “without explicit opt-in consent from that user.” Its rules also bar app developers from making permanent copies of user data and storing them in a database.
Although Return Path declined to comment on details of the incident, it did say it sometimes lets employees see emails when fixing problems with its algorithms.