While there is no substantial new insight into industry practices, Google does outline the use of G Suite to protect the privacy and security of users and business organisations. The company also reiterated its commitment to review third-party applications and services that have access to sensitive Gmail data.
Google’s blog post was written by Suzanne Frey, head of the company’s Google Cloud security, trust and privacy department.
“A vibrant ecosystem of non-Google apps gives you choice and helps you get the most out of your email. However, before a published, non-Google app can access your Gmail messages, it goes through a multi-step review process that includes automated and manual review of the developer, assessment of the app’s privacy policy and homepage to ensure it is a legitimate app, and in-app testing to ensure the app works as it says it does.“
Frey provides some tips to ensure that users’ data is in the hands of reliable sources. This includes viewing the permissions screen before accessing non-Google apps and using the company’s security checker to check which devices logged into the user’s account, which third-party apps can access the user’s Gmail, and what permissions those apps have. She also said that Google’s review process is designed to ensure that companies and individuals only request data related to the features they provide.
Last year, Google announced that it would stop scanning Gmail user mail content for advertising purposes as part of its strategy to make its G Suite products more attractive to corporate customers. Before the Cambridge analysis scandal, Google believed that targeting ads based on people’s private conversations were not a particularly smart business strategy, especially when some users didn’t have a good grasp of how Gmail monetized. Frey reiterated this in her blog post on Tuesday, and she cautiously pointed out that “Gmail’s primary business model is to sell our paid email service to organizations as a part of G Suite.”
Frey writes: “The practice of automatic processing has caused some to speculate mistakenly that Google ‘reads’ your emails. To be absolutely clear: no one at Google reads your Gmail, except in very specific cases where you ask us to and give consent, or where we need to for security purposes, such as investigating a bug or abuse.”
Source: theverge
