Google explains policies on data sharing

Google said that it relies on automated scans and reports from security researchers to monitor add-ons after launch.
Google said that it relies on automated scans and reports from security researchers to monitor add-ons after launch.PHOTO: REUTERS

It tells US senators how Gmail add-ons work, but is mum on violations by third parties

WASHINGTON/SAN FRANCISCO • Alphabet’s Google gave details about its policies for thirdparty Gmail add-ons but stopped short of fully addressing questions from US senators about developers who break its e-mailscanning rules.

How user data flows between big technology platforms such as Google and Facebook and their partners has come under scrutiny around the world this year since Facebook revealed it had done little to monitor such relationships.

In a letter to US senators that was made public on Thursday, Google said that it relies on automated scans and reports from security researchers to monitor add-ons after launch, but did not respond to lawmakers’ request to say how many have been caught violating the company’s policies.

Senators may seek further clarity on Gmail’s operations at a Commerce Committee hearing about privacy practices scheduled for next Wednesday with officials from Google, Apple, AT&T and Twitter.

Gmail users must give their consent to activate extensions, which can help them send e-mails on a time delay, get price-match rebates from retailers and remove unwanted mailing lists.

Under Google’s policies, software firms that create these addons must inform users about how they collect and share Gmail data.

The lawmakers’ inquiry came after the Wall Street Journal reported in July that some add-on makers did not make clear to users that their employees could review Gmail messages and that their data could be shared with additional parties.

Software experts said in March that auditing of apps that interact with Gmail, Facebook and other services is lax. To be sure, sharing with a fourth party is essential to the functioning of some add-ons.

The lawmakers’ inquiry came after the Wall Street Journal reported in July that some add-on makers did not make clear to users that their employees could review Gmail messages and that their data could be shared with additional parties.

For instance, a trip-planning app may scan a users’ email for upcoming flight details and then use the data to query an airline for updated departure information.

Google told senators that it has suspended apps due to “a lack of transparency to users”, without identifying violators or when enforcement actions took place.

Gmail, used by 1.4 billion people, is not the only Google service drawing lawmaker questions about oversight.

House lawmakers asked Google in a separate letter in July whether smartphones with the voice assistant tool can or do collect so-called “non-triggered” audio in order to recognise phrases like “Okay Google” that activate voice controls.

The lawmakers cited media reports and said there had been suggestions that third-party applications have access to and use this non-triggered data without disclosure to users.

REUTERS

A version of this article appeared in the print edition of The Straits Times on September 22, 2018, with the headline 'Google explains policies on data sharing'. Print Edition | Subscribe