If this is the same article going around social media, the article is highly misleading. While I don't doubt google is doing nefarious things with your email, this mostly boiled down to "Some...
If this is the same article going around social media, the article is highly misleading. While I don't doubt google is doing nefarious things with your email, this mostly boiled down to "Some idiots are shocked that apps can read your email when you specifically allowed them to in an OAuth Confirmation Dialog" and it's not even misleading language....
It reads something along the lines of:
Do you wish to give DerpyApp99 access to read, send, delete, change, etc... your emails on your gmail account.
Unfortunately I cannot confirm if this article is the same one being paraphrased elsewhere since it's a paywalled site.
It’s interesting from a product and PR POV for google... Sure they technically cover their own butt by giving people the popup with the permissions, but the average Joe or Jane does not read stuff...
It’s interesting from a product and PR POV for google... Sure they technically cover their own butt by giving people the popup with the permissions, but the average Joe or Jane does not read stuff like that and likely assumes that google would not do something to compromise their privacy.
It all comes back onto Google in the press. Even if Google’s intentions were just to allow an extentendable platform.
Edit: changed last paragraph phrasing, and added the part in italics.
I'm always torn on this issue. I'm tech literate so I know what's going on, but there are many people who aren't. But how do you legislate against this or ensure certain precautions are taken? I...
the average Joe or Jane does not read stuff like that and likely assumes that google would not do something to compromise their privacy.
I'm always torn on this issue. I'm tech literate so I know what's going on, but there are many people who aren't. But how do you legislate against this or ensure certain precautions are taken?
I certainly think being able to read your email is something that no app truly needs. They do it because they can request access and that gives them data. So I think I'd be okay with legislation saying that this is just not something companies can get access to. Advertisers can't open up your physical mail, why should they have access to electronic mail? I think the same can be said for text messages, voice mail, etc. Communication should be private.
By educating folks and not falling into either end of the privacy spectrum. It will always be a balancing act, and the only way to change those kind of equilibrium is by educating people. On one...
I'm always torn on this issue. I'm tech literate so I know what's going on, but there are many people who aren't. But how do you legislate against this or ensure certain precautions are taken?
By educating folks and not falling into either end of the privacy spectrum. It will always be a balancing act, and the only way to change those kind of equilibrium is by educating people. On one hand, you don't want Google, FB etc ... to become stronger walled gardens, it'll allow them to continue expanding their predatory tactics. On the other hand, you don't want Google, FB etc ... to simplify the data access process ( most giants are now rolling out manual reviews of apps using higher-tier perms for instance, and it's both a great thing and a terrible one )
It's also why: "everyone should own its data" is pointless if it's not dwarfed by an even stronger movement for stronger privacy education: folks need to understand and care about what's being defended or else fighting for it is worth nothing.
I can think of plenty of ways where you can have access to send mail or access to the mail you are currently writing (although I'd argue they shouldn't have access to the content of it), but not...
I can think of plenty of ways where you can have access to send mail or access to the mail you are currently writing (although I'd argue they shouldn't have access to the content of it), but not have access to the content of other mail in your inbox.
But like, an email app. Like, Outlook, or the Samsung default email app that comes with phones. Apps you use to actually check and read your emails, not just send them. I suppose they could use...
But like, an email app. Like, Outlook, or the Samsung default email app that comes with phones. Apps you use to actually check and read your emails, not just send them.
I suppose they could use POP3 or IMAP instead of the gmail API via OAuth, but that's not really any better, in fact it's worse since you have to give your password.
Or, I don't know, I don't use such apps, but something like an app that offers to scan your emails for coupons you receive in your junk mail, then put those into a folder for you. Or idk, something that scans your emails for anything that looks like an appointment then adds it to your calendar. These sorts of apps need access to your emails to work.
I for one think it's obvious. It's like if i hired someone to sort my physical mail and I gave them a copy of my housekey, I would not be surprised to find out they are able to snoop through my drawers if they wanted to. There's no easy way to give them a key only to my foyer where the mailbox is, so I know I need to either deal with the inconvenience of sorting my own mail, or deal with the chances the mail sorter is stealing from my home when I'm not looking.
I don't think there's a good solution here other than to make the warnings really big and obvious.
I dunno, I know people tend to handwave these warnings like all those ActiveX warnings of the windows98-windowsXP days but with how willfully ignorant people are about using technology at some...
I dunno, I know people tend to handwave these warnings like all those ActiveX warnings of the windows98-windowsXP days but with how willfully ignorant people are about using technology at some point we have to hold people accountable for stabbing their own foot, especially when the knife says "Caution, sharp... this will cut you"
If this is the same article going around social media, the article is highly misleading. While I don't doubt google is doing nefarious things with your email, this mostly boiled down to "Some idiots are shocked that apps can read your email when you specifically allowed them to in an OAuth Confirmation Dialog" and it's not even misleading language....
It reads something along the lines of:
Unfortunately I cannot confirm if this article is the same one being paraphrased elsewhere since it's a paywalled site.
It’s interesting from a product and PR POV for google... Sure they technically cover their own butt by giving people the popup with the permissions, but the average Joe or Jane does not read stuff like that and likely assumes that google would not do something to compromise their privacy.
It all comes back onto Google in the press. Even if Google’s intentions were just to allow an extentendable platform.
Edit: changed last paragraph phrasing, and added the part in italics.
I'm always torn on this issue. I'm tech literate so I know what's going on, but there are many people who aren't. But how do you legislate against this or ensure certain precautions are taken?
I certainly think being able to read your email is something that no app truly needs. They do it because they can request access and that gives them data. So I think I'd be okay with legislation saying that this is just not something companies can get access to. Advertisers can't open up your physical mail, why should they have access to electronic mail? I think the same can be said for text messages, voice mail, etc. Communication should be private.
By educating folks and not falling into either end of the privacy spectrum. It will always be a balancing act, and the only way to change those kind of equilibrium is by educating people. On one hand, you don't want Google, FB etc ... to become stronger walled gardens, it'll allow them to continue expanding their predatory tactics. On the other hand, you don't want Google, FB etc ... to simplify the data access process ( most giants are now rolling out manual reviews of apps using higher-tier perms for instance, and it's both a great thing and a terrible one )
It's also why: "everyone should own its data" is pointless if it's not dwarfed by an even stronger movement for stronger privacy education: folks need to understand and care about what's being defended or else fighting for it is worth nothing.
I can think of plenty of ways where you can have access to send mail or access to the mail you are currently writing (although I'd argue they shouldn't have access to the content of it), but not have access to the content of other mail in your inbox.
But like, an email app. Like, Outlook, or the Samsung default email app that comes with phones. Apps you use to actually check and read your emails, not just send them.
I suppose they could use POP3 or IMAP instead of the gmail API via OAuth, but that's not really any better, in fact it's worse since you have to give your password.
Or, I don't know, I don't use such apps, but something like an app that offers to scan your emails for coupons you receive in your junk mail, then put those into a folder for you. Or idk, something that scans your emails for anything that looks like an appointment then adds it to your calendar. These sorts of apps need access to your emails to work.
I for one think it's obvious. It's like if i hired someone to sort my physical mail and I gave them a copy of my housekey, I would not be surprised to find out they are able to snoop through my drawers if they wanted to. There's no easy way to give them a key only to my foyer where the mailbox is, so I know I need to either deal with the inconvenience of sorting my own mail, or deal with the chances the mail sorter is stealing from my home when I'm not looking.
I don't think there's a good solution here other than to make the warnings really big and obvious.
I dunno, I know people tend to handwave these warnings like all those ActiveX warnings of the windows98-windowsXP days but with how willfully ignorant people are about using technology at some point we have to hold people accountable for stabbing their own foot, especially when the knife says "Caution, sharp... this will cut you"
Paywalled. Can’t read a thing.
For WSJ articles you can always just put "outline.com/" in front of the url and it should circumvent it (and is easier to read too): https://outline.com/https://www.wsj.com/articles/techs-dirty-secret-the-app-developers-sifting-through-your-gmail-1530544442
You can bypass the paywall by using private mode on your browser.