Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Some Third-Party Email Apps Let Employees Read User Emails
- Thread starter MacRumors
- Start date
- Sort by reaction score
[doublepost=1530584914][/doublepost]I have been using Spark for a few months, should I be worried about this one also?
Some third-party email providers that work with services like Gmail are letting their employees read customer emails to create new and optimized software tools, according to an article warning about third-party email apps and services published today by The Wall Street Journal.
Return Path, a service for email marketers that has 163 app partners, two years ago allowed its employees to read approximately 8,000 full customer emails to train the company's software.
Similarly, Edison Software, a company that makes the Edison Mail app for iOS, had employees read the emails of hundreds of users to craft a new "smart replies" feature.
According to The Wall Street Journal, neither company asked users for specific permission to read their emails, but have said the practice is covered in their user agreements. Employees who read the emails were governed by "strict protocols," and in Edison's case, user information was redacted.
Edison, Return Path, and other third-party email services also use computer scanning to analyze emails, a common practice. For its article, The Wall Street Journal interviewed over two dozen current and former employees from email and data companies.
Google no longer scans the inboxes of Gmail users itself as of last year for privacy reasons, but it continues to allow third-party software developers to do so. Other email services, like Yahoo and Microsoft, are similarly impacted, providing access with user consent.
Return Path, Edison, and other developers of apps that work with Gmail and similar email services don't appear to have misused customer information, but many customers are likely to be concerned about the fact that employees at some email companies are reading their emails. Many customers are also likely unaware they're consenting to such practices when signing up for a third-party email app.
In a written statement, Google said that it provides data to outside developers who have been vetted and who have been granted permission by users to access their email. Google says its own employees read emails only in "very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse."
As The Wall Street Journal points out, customers should be wary of email apps because Google does not have strong consumer protections in place when it comes to email. It's a simple process to build an app that connects to Gmail accounts, and with permission to access the Gmail inbox granted, a developer can see the entire contents of the inbox. It's not just large corporations that are able to get to this data - Google also gives permission to one-person startups, and data privacy protections can vary.
Customers concerned with how their emails are handled by third-party apps should stick with first-party apps such as Gmail or Inbox by Gmail for Gmail users and/or take a close look at the app's privacy policies and ask further questions about data usage.
Article Link: Some Third-Party Email Apps Like Edison Let Employees Read User Emails
This is why one should never buy a Google phone like the Pixel 2 because all your contacts have to be backed up to your Google Gmail account. Everything on that phone has to be saved to your Gmail account. You have no option to save anything to your smartphone. I can understand if people were given options but Google gives you no option on Pixel 2 series smartphones. On the iPhone you have the option to backup to iCloud (not recommended), save to your iPhone or backup to your computer. Apple gives you 3 different options where as Google gives you no option with Pixel 2 smartphone. Nothing good follows when you are not given an option. Similar to Facebook preinstalling Facebook on Google phones with no uninstall option. When it is preinstalled with no uninstall option don’t kid yourself over disable features.
Saw some reviews of this app and I thought "cool"so I went to their website to learn more and glanced at their privacy policy and TOS —something did not sit right with me, so I never used it.
This article confirms my instincts!
This article confirms my instincts!
Gmail for iOS is no different than gmail.com or gmail for android. If you use gmail as your email provider google has access to your emails as they go through their servers.
Weirdly, I've read quite a few articles about this issue that take a tone of "darn you Google" and so do quite a few people posting here. But nobody seems to be taking into account that Google asked you if you wanted to let others read your email and almost everyone agreed.
:|
:|
You are so wrong. There are options with the Pixel 2 (I am using one) that let you disable syncing. If you turn syncing off for things like calendar, contacts, Chrome...etc it gets stored locally on the phone just like the iPhone.
That is false. Everything is synced to gmail. Go online and you will find all your contacts in your Gmail account. With each automatic update everything is also synced. When you add a new contact you can only save it to your Gmail account
Not if you do a good job.
Of course, you can't prove a negative. I can't prove my server is bullet-proof, but then Google can't either.
SSL is orthogonal to mail authentication. I do, however, have SSL certs and the SMTP and IMAP connections I use are encrypted.
I take all of the appropriate authentication steps to demonstrate that the mail from my server/domain is legitimate, including DKIM signing and SPF records and on and on.
Oh sure, but that applies to the professionals too.
That's entirely fair. I have to trust myself, which as you point out is a little harder to do. But at the same time, I'm a much smaller target than Google or Apple are. Can you imagine the debacle if it were demonstrated that hackers penetrated either?
So what do you think happens when you turn off contacts sync for your Google Contacts?
I never trust disable features. If they don’t give you an option there is a reason behind it. Look at all that stuff Facebook is involved in these days about data theft.
Previously each time an app was updated default settings went back in to place. With default settings everything is set to sync. Default should always be your smartphone with no sync options. If someone wants to sync and backup then they could do so on their own.
Go look at some of the new Samsung and LG smartphones. They come with Facebook preinstalled on them with no uninstall options. Dummies will tell you that it has a disable feature only later to read all the news online about data theft from Facebook. You open up any browser without having visited any Facebook page and see Facebook cookies and Facebook usage stored in your browser.
https://www.androidcentral.com/app-developers-are-going-through-your-email
People want to believe that using clouds, webmail, e-shopping, GPS, and phones connected 24/7 to the Internet is safe because the companies will respect them. But truth is that you cannot (and shouldn’t) trust Google, Facebook, nor Apple, nor no other company that can access your data (if they can access your data, they cannot be trusted, no matter if they do “cool” things like fighting the FBI -way childish, BTW).
Uh-huh. So, basically, you don't know what you're talking about.
Which has nothing at all to do with this.
[doublepost=1530594344][/doublepost]
Read about how Apple protects your data before lumping them in with everyone else.
Show me how you can save a contact to your Google Pixel smartphone then without saving it to your Gmail account.? Add new contact and take a screenshot. The only way to add a contact is to save it to your Gmail account
On the iPhone and iPad you can
That's why I never left it.
It's your computer connected to the mail server, nothing fancy, no third party.
And the said mail server can be your own mail server (like Hillary's).
[doublepost=1530596805][/doublepost]
Yes, it's not.
That's why you use IMAPS and STMPTS.
That's why S/MIME exists.
That's why Google doesn't allow you to use S/MIME.
…just use Mail
Customers concerned with how their emails are handled by third-party apps should [blah blah blah…]
Last edited:
Just use Mail
Wait. You're saying that if you don't want third parties to be able to read email you can just not give them access?