Google Finally Adds App Privacy Labels to Gmail App

[TechieGeek]

Yeah right… they just sell the content to other companies who read it instead.

Google admits it still lets HUNDREDS of companies read your Gmail emails

GOOGLE has admitted it’s still letting companies read your emails – but no longer scans them itself. These companies are able to snoop on the sender and recipient, the time the email was sent…

www.thesun.co.uk

This article is about third-party apps that you authorize to access your emails...this is fear mongering.

You can see which third-party apps you've authorized at https://myaccount.google.com/security-checkup

 

[Williesleg]

What's crazy is they all do it.

 

[bsolar]

It could be as simple as that needing location to make sure that is you for that prompt from your IP address.

The "Coarse Location" label appears under the "Third-Party Advertising" category too, which means it's definitely not only used to prevent unauthorized access.

 

[Jason2000]

I appreciate Apple doing this but will these privacy labels really make a difference ? How many people will read these before downloading an app. And will it make a difference to the average person as long as they are not having to pay for it with actually money ? I read that Apple doesn't even verify these labels and instead relies on the dev being honest ?

 

[grantew1]

You've never logged into Gmail and gotten a "was this you at this location signing in?" It could be as simple as that needing location to make sure that is you for that prompt from your IP address. As everyone is saying the labels are vague.

I have never heard of any allegation in all the years of the Gmail app that it was tracking the location of users constantly.

Further, the Gmail app doesn't even have location permissions in its app settings either and not listed in Location Services in iOS settings.

So it may be much ado about nothing. Some common sense must be used here before the pitchforks come out.

It wouldn't be internet cool to research before the pitchforks coming out.

 

[grantew1]

I appreciate Apple doing this but will these privacy labels really make a difference ? How many people will read these before downloading an app. And will it make a difference to the average person as long as they are not having to pay for it with actually money ? I read that Apple doesn't even verify these labels and instead relies on the dev being honest ?

The people who don't read them, don't care about what's happening. Free is free to them.

 

[SuperMatt]

This article is about third-party apps that you authorize to access your emails...this is fear mongering.

You can see which third-party apps you've authorized at https://myaccount.google.com/security-checkup

No, it’s not fear-mongering. You download a free email app and give it permission to read your Google email. It’s an email program; of course it needs to read your email. What is NOT disclosed is that the company is scraping all your emails for personal info about you.

Just because I can supposedly go to some well-hidden page on Google.com to find out who is getting my info doesn’t excuse the behavior. And it’s NOT transparent when I think I’m giving an app permission to do something reasonable like catalog my emails so I can search them and read them, and it’s instead using my emails for marketing purposes.

One such firm, ReturnPath Inc., reportedly scanned the inboxes of a staggering 2million people to collect marketing data after they'd signed up for one of the free apps produced by its partners.

Not acceptable, not transparent, and clearly deceptive. This is NOT what people think they are signing up for when an email app says it needs permission to access their emails. And Google allows it, and is profiting from it.

 

[SuperMatt]

I appreciate Apple doing this but will these privacy labels really make a difference ? How many people will read these before downloading an app. And will it make a difference to the average person as long as they are not having to pay for it with actually money ? I read that Apple doesn't even verify these labels and instead relies on the dev being honest ?

True enough, but there are a lot of people who ignore actual nutrition labels on food too…. And the multiple warnings on cigarette packs. You can lead a horse to water, but you can’t make it drink.

 

[kc9hzn]

Why is an email client (Gmail) 295MB in size?
Also why does an email client need device diagnostic data, or location data? It’s an email client, not food services app (where it would use location data to find the closest store)

Diagnostic data is crash logs and the like. That’s actually very useful for developers, especially developers whose applications handle content from unknown/untrusted locations (like an email client does). That one is most likely perfectly harmless (though I suppose it could be used more maliciously, but I doubt Google’s developers are all “here, business-side, here are the latest crash logs tied to certain user accounts for advertising mining purposes”, that would probably be a bridge too far even for Google’s developers).

Location data is helpful for account protection purposes. “Did you log in from that location?” “No…, oh shoot, let me
change my password.”

As for a 300MB email client, that’s harder to defend. The reason is probably because Google probably insists on using some in-house or publicly available cross-platform GUI development tool that adds a lot of bloat (like Facebook’s React Native). That’s not necessarily objectionable from a privacy perspective, but, as a developer, I think it’s fairly indefensible. “Our toolchain is so dependent on a language that’s not suited for mobile GUI development, but we’d rather give a worse user experience than change our toolchain.”

 

[vader3d1]

Oh look at that mac users with thier pretend pitchfork. If google left out a category then you would say they are lying, they include the category then you say it's too much and creepy. It's the same users that are outrage that are using Google services. Billions of users trust Google so it's in their best interest to not damage that trust. If you have trust issues then there is the full apple ecosystem icloud and all...hahaha.

 

[vader3d1]

Why an email app needs to be tracking your location is a bit beyond me. Oh yeah, Google hawks that data, which essentially means any third party can know where you are any time, and Google makes $$$ from it. Sketchy.

There needs to be gov regulation making this kind of thing totally illegal IMHO. No reason online ads tracking the location of Americans behind their backs should even be a thing, at all. We let this get way out of hand and it needs to be reigned in ENTIRELY. As in, made totally illegal. Location tracking should be tied to product features only, and should be totally anonymous from the developer's perspective. This garbage is ridiculous.

Your are so wrong, third-party don't know you're data. Apple knows your data does that mean third-party knows when you are at all time? If I say it then it must true... right? I mean I am ignorant to think that so it must be true...

 

[Antes]

So if I route all my emails to the stock Mail app- does this at least limit some of the privacy issues? I feel like somewhere along the line you have to either download or use one google app extensively which in the end siphons all the data.

 

[kc9hzn]

I don’t think so. I have a Gmail account that I mostly use for services I’ve had for years and for account recovery purposes. I don’t use the Gmail app or Gmail on the web. I imagine Google is still running data collection on my email to display ads, even if I never see the ads.

 

[antiprotest]

Why did this take so long? Everybody already assumed that they track everything. They should have just checked all the labels and gotten it over with. I am actually surprised that they took this long and still had so many labels instead of finding ways around them or hiding them. It was just a massive waste of time then.

 

[jk1221]

The "Coarse Location" label appears under the "Third-Party Advertising" category too, which means it's definitely not only used to prevent unauthorized access.

I didn't say only but one reason for it. Knowing what city your phone is in by IP address is not exactly damning information that can be used for much of anything. Right now 99% of people are in their home cities due to COVID which is public information where you live (county property ownership, voting record, etc).

"IP based geolocation services can only provide an approximate measure of geolocation accuracy. With these services, you can obtain 95 percent to 99 percent accuracy of a user’s country. IP based geolocation services provide 55 percent to 80 percent accuracy for a user’s region or state. And they provide 50 percent to 75 percent accuracy for a user’s city."

It is also highly inaccurate and a very rough generalization of where the user is located without GPS data. A city-level idea at best, and not very accurate even at that broad of a level.

Location data is helpful for account protection purposes. “Did you log in from that location?” “No…, oh shoot, let me
change my password.”

It's really not worth the effort trying to convince people. Anyone who doesn't want to hear it won't. It's 2021 where conspiracy theories can be fact without a shred of evidence.

Oh look at that mac users with thier pretend pitchfork. If google left out a category then you would say they are lying, they include the category then you say it's too much and creepy. It's the same users that are outrage that are using Google services. Billions of users trust Google so it's in their best interest to not damage that trust. If you have trust issues then there is the full apple ecosystem icloud and all...hahaha.

Exactly. And will keep using the service, considering Gmail has 1.8 BILLION users (as of some point in 2020 that data was taken). Almost 25% of the world's population. The irony.

I appreciate Apple doing this but will these privacy labels really make a difference ? How many people will read these before downloading an app. And will it make a difference to the average person as long as they are not having to pay for it with actually money ? I read that Apple doesn't even verify these labels and instead relies on the dev being honest ?

A fraction of a fraction of a fraction of a fraction of iOS users. An inconceivably small number. It is too buried and most people simply don't scroll when downloading an app. They find it, hit download, and exit the app store.

 

[bsolar]

I didn't say only but one reason for it. Knowing what city your phone is in by IP address is not exactly damning information that can be used for much of anything. Right now 99% of people are in their home cities due to COVID which is public information where you live (county property ownership, voting record, etc).

I didn't say "only" either... but the original question was "why an email app needs to be tracking your location" and, other uses notwithstanding, the privacy labels do offer the information that it is used for third-party advertising.

 

[dk001]

No earth shattering revelations here. It's everything we all knew they were doing.
This is the price you pay for their "free" apps.

With the breadth of Google Services I would have been surprised if it was less than this.
What would be great is if Apple verified the privacy claims for each app.

 

[dk001]

"The Gmail app doesn't even have location permissions in its app settings either and not listed in Location Services in iOS settings." Go check for yourself, it is fact.


The app HAS NO LOCATION GPS ACCESS IN IOS. It's simply not there. No matter how you want to skew it. This only takes a minute amount of logical reasoning here.

From google's sown terms of service


IP rough location is likely what is going on here, nothing new. Tons of apps like your bank use that to verify you are you logging in. The Gmail app has no iOS location/GPS access; this can be verified in about 10 seconds by anyone on their device.


"Buh buh the big bad Google" is not a logical rebuttal to the facts being presented about the location being checked. That is the only point I have addressed. Not what Google is or isn't; I fully get what they do and are.

But I get it, the truth isn't sexy or fitting a certain narrative wanting to be told. Or as Adam Savage famously says: "I reject your reality and substitute my own!"

I see the location flag from Gmail (and get the confirmation notification in my backup email) any time I access one of my Gmail accounts via a new method; device, app, or browser. This is an access confirmation. You are correct about location. Thanks.

No surprises but it is humorous to see what some try to attribute to it.

 

[dk001]

This article is about third-party apps that you authorize to access your emails...this is fear mongering.

You can see which third-party apps you've authorized at https://myaccount.google.com/security-checkup

It's appalling at the number of folks that go "Arnold Dingfelder Horschak" on this topic.

 

[bsolar]

I see the location flag from Gmail (and get the confirmation notification in my backup email) any time I access one of my Gmail accounts via a new method; device, app, or browser. This is an access confirmation. You are correct about location. Thanks.

Google itself discloses that they do use Coarse Location data for Third-Party Advertising in their own submitted Privacy Labels:

 

[dk001]

Google itself discloses that they do use Coarse Location data for Third-Party Advertising in their own submitted Privacy Labels:

View attachment 1734243

Think about that though.
If I am in a hotel accessing Gmail in a business center, or on my phone, or.... it pings off the IP for the area - targeted advertising at best. When I am at home in Cali on my work computer Google thinks I am in NJ.

 

[bsolar]

If I am in a hotel accessing Gmail in a business center, or on my phone, or.... it pings off the IP for the area - targeted advertising at best. When I am at home in Cali on my work computer Google thinks I am in NJ.

Even just the coarse location is worth something for better targeted ads. Whether it's invasive enough to be concerned about privacy is a personal matter, but that's the point of the Privacy Labels: to disclose and allow the user to quickly evaluate and decide.

About your work computer being detected as in NJ, it might be due to your Internet traffic being routed through a company VPN. You can get a similar result privately by using one of the many VPN offers available.

 

[dk001]

Even just the coarse location is worth something for better targeted ads. Whether it's invasive enough to be concerned about privacy is a personal matter, but that's the point of the Privacy Labels: to disclose and allow the user to quickly evaluate and decide.

About your work computer being detected as in NJ, it might be due to your Internet traffic being routed through a company VPN. You can get a similar result privately by using one of the many VPN offers available.

True and yes.
If I am in San Fran I would prefer ads be relevant.

 

[jk1221]

Even just the coarse location is worth something for better targeted ads. Whether it's invasive enough to be concerned about privacy is a personal matter, but that's the point of the Privacy Labels: to disclose and allow the user to quickly evaluate and decide.

About your work computer being detected as in NJ, it might be due to your Internet traffic being routed through a company VPN. You can get a similar result privately by using one of the many VPN offers available.

Right, but there is the issue. People see "location" and lights go off. It is not specific enough at first glance. It just says location until you click into the full details. And then understand course vs precise location.

People are going to jump to "da big bad Goggles tracking me" like some here have without an ounce of thought.

The labels are a good start, but still too confusing for most people. Hell even tech nerds here cant figure out what some mean exactly.

I personally don't care if I get an ad for a local pizza joint or a local company if I'm getting ads anyway. It's better than something random and irrelevant like women's clothing, boner pills, etc. Which f you're using Google search like 99% of the world your account is serving you regardless.

I don't find course location so offensive.

 

[katbel]

Is it Google snooping not only how you use their apps or out on your iPhone too?
Do they have the ability to sniff around with everything you do?
Same question for all the other apps.
Identifiers: your iPhone serial number for example?