
Google explains Gmail privacy after controversy - benryon
https://www.cnet.com/news/google-explains-gmail-privacy-after-controversy/
======
mankash666
When people signed up for Google, the expectation was for Google (at worst) to
have access to email content. But divvying up personal email to third parties
shouldn't have been so much as a thought at Google, let alone an API!

Everyone knows no body reads TOS. This is a beach of trust in Google's part

~~~
sqdbps
They don't "divvy up personal emails", you do, by clicking the "allow" button
under an explicit permission screen ([https://storage.googleapis.com/gweb-
uniblog-publish-prod/ima...](https://storage.googleapis.com/gweb-uniblog-
publish-
prod/images/gsuite_gmail_security_checkup_third_party_.max-1000x1000.jpg)).

And you might give that access for reasons you deem useful, like CRMs and what
not.

Are people really not getting this? because I'm starting to think that this is
an elaborate prank on my expense.

~~~
mankash666
People perfectly get this. When Google is used as an auth provider, people get
accustomed to robo-clicking the "allow" button.

While there are legit use cases to grant permission to emails, _many_ 3rd
parties rely on you robo-allowing them access. It's _Google 's_ duty to
protect users from such apps

~~~
sqdbps
Who says they don't? they've listed the ways in the linked blogpost:

[https://www.blog.google/technology/safety-
security/ensuring-...](https://www.blog.google/technology/safety-
security/ensuring-your-security-and-privacy-within-gmail/),
[https://support.google.com/a/answer/7281227?hl=en](https://support.google.com/a/answer/7281227?hl=en),
[https://support.google.com/googleapi/answer/7394288#ensure-a...](https://support.google.com/googleapi/answer/7394288#ensure-
approval), [https://developers.google.com/terms/api-services-user-
data-p...](https://developers.google.com/terms/api-services-user-data-policy)

Certain people have determined to catch google in the wrong here even if that
isn't the case so they are conveniently framing the situation and omitting key
details.

Not to mention that having the user abdicate all responsibility to their
actions in any situation is infantilizing and stupid.

~~~
mankash666
1\. You appear to be a Google employee, or a huge Google fanboy. Either is
fine with me, but I hope you see your pro-Google bias.

2\. In general, I'm defensive of Google, against all the unreasonable shite
hurled at them. However, I stand my ground on email access to 3rd parties. My
mom, your mom, your grandad, etc. aren't reading through legalese & Google
blog/support. As the world's largest internet company, people expect Google to
prevent these vulnerable people from being exploited.

3\. Even the tech savvy rarely read TOS, especially on _trusted_ sites like
Google. They just expect Google to do the right thing.

------
sqdbps
The only controversy here is that of shoddy (and malicious) reporting.

~~~
extralego
It appears to me that Google’s blog post admits guilt of the accusations. No?

~~~
sqdbps
What's the accusation? that they provide an API?

~~~
extralego
Fair enough. You have a point. But, that is active and explicit permission-
giving.

