Some Third-Party Email Apps Let Employees Read User Emails

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jul 2, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Some third-party email providers that work with services like Gmail are letting their employees read customer emails to create new and optimized software tools, according to an article warning about third-party email apps and services published today by The Wall Street Journal.

    Return Path, a service for email marketers that has 163 app partners, two years ago allowed its employees to read approximately 8,000 full customer emails to train the company's software.

    [​IMG]

    Similarly, Edison Software, a company that makes the Edison Mail app for iOS, had employees read the emails of hundreds of users to craft a new "smart replies" feature.

    According to The Wall Street Journal, neither company asked users for specific permission to read their emails, but have said the practice is covered in their user agreements. Employees who read the emails were governed by "strict protocols," and in Edison's case, user information was redacted.

    Edison, Return Path, and other third-party email services also use computer scanning to analyze emails, a common practice. For its article, The Wall Street Journal interviewed over two dozen current and former employees from email and data companies.

    Google no longer scans the inboxes of Gmail users itself as of last year for privacy reasons, but it continues to allow third-party software developers to do so. Other email services, like Yahoo and Microsoft, are similarly impacted, providing access with user consent.

    Return Path, Edison, and other developers of apps that work with Gmail and similar email services don't appear to have misused customer information, but many customers are likely to be concerned about the fact that employees at some email companies are reading their emails. Many customers are also likely unaware they're consenting to such practices when signing up for a third-party email app.

    In a written statement, Google said that it provides data to outside developers who have been vetted and who have been granted permission by users to access their email. Google says its own employees read emails only in "very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse."

    As The Wall Street Journal points out, customers should be wary of email apps because Google does not have strong consumer protections in place when it comes to email. It's a simple process to build an app that connects to Gmail accounts, and with permission to access the Gmail inbox granted, a developer can see the entire contents of the inbox. It's not just large corporations that are able to get to this data - Google also gives permission to one-person startups, and data privacy protections can vary.

    Customers concerned with how their emails are handled by third-party apps should stick with first-party apps such as Gmail or Inbox by Gmail for Gmail users and/or take a close look at the app's privacy policies and ask further questions about data usage.

    Article Link: Some Third-Party Email Apps Let Employees Read User Emails
     
  2. reden macrumors 6502a

    Joined:
    Aug 30, 2006
    #2
    This is real scary and completely irresponsible for Google to allow this.
     
  3. CerebralX macrumors 6502

    CerebralX

    Joined:
    Jun 28, 2013
    Location:
    Looking for a place of freedom and rationality
    #3
    This is why I switched back to Apple's own Mail application..
     
  4. goonie4life9 macrumors regular

    Joined:
    Jun 16, 2010
    #4
    Ruh-roh! This is something that should be highlighted when a user registers. The classic response of “It’s in the user agreement” just comes across as tone deaf. I wonder how long before we get the usual, “We’re sorry we weren’t up-front about this. We promise to move in a new direction in the future and will always make you fully aware how we use your personal information.”
     
  5. macduke macrumors G3

    macduke

    Joined:
    Jun 27, 2007
    Location:
    Central U.S.
    #5
    I'm honestly surprised this isn't exploited more. Consumers are dumb and will grant access to anything.
     
  6. lucasrant macrumors regular

    Joined:
    Oct 24, 2008
    #6
    yikes. I used to use an Edison email app, now use outlook for iphone/ipad.
     
  7. beanbaguk macrumors 6502a

    beanbaguk

    Joined:
    Mar 19, 2014
    Location:
    Europe
  8. Radon87000 macrumors 604

    Joined:
    Nov 29, 2013
  9. techpr macrumors 6502

    techpr

    Joined:
    Sep 9, 2008
    Location:
    San Juan, PR
    #9
    This is WHY my primary email is on protonmail.com
     
  10. ArtOfWarfare macrumors G3

    ArtOfWarfare

    Joined:
    Nov 26, 2007
    #10
    Anything you send via email can be intercepted and read by people in the middle. Which app you use doesn't matter. Neither POP nor IMAP are particularly secure. SMTP security is laughable. Exchange might be, but if you're using Exchange, somebody is paying for it.
     
  11. Rocko99991 macrumors 6502a

    Rocko99991

    Joined:
    Jul 25, 2017
  12. Kaibelf macrumors 68020

    Kaibelf

    Joined:
    Apr 29, 2009
    Location:
    Silicon Valley, CA
    #12
    This is why I gave up on just about all third party clients. They all want to mine you to death.
     
  13. AlxM macrumors newbie

    AlxM

    Joined:
    Mar 21, 2018
    Location:
    North America
    #13
    That's why for sensitive information like emails, I don't trust third party software.
     
  14. EvilEvil macrumors 6502a

    EvilEvil

    Joined:
    Jan 8, 2007
    Location:
    New York City
    #15
    Not surprising for an app named after an inventor thief Thomas Edison.
     
  15. cobracnvt macrumors 6502

    cobracnvt

    Joined:
    Apr 6, 2017
    #16
    Agreed. Email isn't a secure platform, period.
     
  16. usarioclave macrumors 65816

    Joined:
    Sep 26, 2003
    #17
    These companies may be in a heap of HIPAA trouble if anyone can prove that they read anything that might contain PHI.
     
  17. jclo Editor

    jclo

    Staff Member

    Joined:
    Dec 7, 2012
    Location:
    California
    #18
    Welcome. I don't want to fear monger or defame good email apps who are using this data for legitimate feature purposes like Edison seems to be doing, but read privacy policies and approach all apps like this that potentially have access to swathes of data with caution. Ask questions. Demand answers.
     
  18. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #19
    I think you were very fair and responsible with your reporting. And I agree with you. Consumers need to be aware of what an app may allow, and how to take action. This kind of article is very much needed.
     
  19. Bollockser macrumors regular

    Joined:
    Oct 28, 2014
    #20
    Lives up to its name, Edison was an exploitative a$$hole.
     
  20. Xgm541 macrumors 65816

    Joined:
    May 3, 2011
    #21
    Wouldnt the burden fall on the user who signed up to use this app?
     
  21. roncron macrumors 6502

    roncron

    Joined:
    Aug 15, 2011
    #22
    I’ve been using Edison Mail for a year or so and like it better than others. I might go back to Gmail’s iOS app, which is fine except for lack of unified inbox. Or the stock iOS mail app, which had unified inbox but often takes 10-30 minutes longer than others to show new email (and yes I have fetch/push settings correct).

    On the other hand, I’m not sure this news is as big a deal as I thought when I initially read the article.

    If you’re using Edison, are you gonna drop it?
     
  22. az431 macrumors 6502a

    az431

    Joined:
    Sep 13, 2008
    Location:
    Portland, OR
    #23
    Yeah because Google truly cares about your privacy and would never use or sell your data. o_O
     
  23. Defthand macrumors 6502a

    Joined:
    Sep 1, 2010
    #24
    I very much liked Edison Mail’s UX and AI generated responses. I merely test drove it and was aware that they analyzed emails to improve the AI abilities. However, I was wary of the fact that they also read emails in order to target users for outside marketers.

    It’s a shame. I would gladly subscribe to (pay for) an email app with Edison’s features if they could maintain my privacy and refrain from selling data about me to others. Millennials had better change their attitude about not paying for apps, services, and content. Otherwise, they shouldn’t complain about privacy invasions.
     
  24. jclo Editor

    jclo

    Staff Member

    Joined:
    Dec 7, 2012
    Location:
    California
    #25
    From Edison on Twitter: "To confirm, our employees will no longer read the sample of de-identified emails for creating new AI features - instead we’ll offer an opt-in for explicit consent in the app moving forward when needed.

    We had shared that update with the WSJ but they decided not to include in their story. As a reminder, we also offer our users the ability to opt-out of data sharing with no degradation to use of the app."

    Source: https://twitter.com/Edison_apps/status/1013891960178860034
     

Share This Page