Much of our lives are now dictated by the technologies we use and the trust we have in the companies behind those technologies. Despite this, the past 12 to 18 months has shown that these firms cannot be so trusted with handling our personal data – but whoever actually thought they could be trusted? Now, US federal agencies having extended their investigation into the sharing of data beyond Cambridge Analytica to the actions and statements of Facebook itself, and Facebook has revealed the companies it gave special user data access to. But, perhaps bigger than that data news, Facebook’s fellow technology and advertising behemoth, Google, has admitted that third-party app developers can sometimes see the emails sent and received by Gmail users.
Firstly, it’s only right to explain how these third-party app developers gain access to the user emails within Gmail. So… Gmail users who have connected to their accounts to some third-party apps have agreed to allow these apps access to “read, send, delete and manage your email” when linking them. I’d imagine some people do read the requests an app is making when they connect it to their accounts, but I also know that it’s likely many more people don’t. And, well, Google has said that requesting permission to access Gmail accounts isn’t against its policies.
Of course, Google said that only ‘vetted’ companies are able to make the requests. But I’m sure that’s the same thing Facebook said and look at where we are with the social network now.
So, in reality, we once again see the blatant disregard for personal information from one of the biggest tech companies in the world. And I’ve written a lot on this about Google’s duopoly buddies over at Facebook. However, here, Google has really pushed the boundaries on what is acceptable.
I understand that requesting permission to view and interact with people’s emails does not breach any of Google’s policies – but that, in itself, is a startling revelation.
At what point do the big names in tech actually start to be made accountable for the flagrant manner in which they handle the data of their users? Yes, the General Data Protection Regulation (GDPR) was introduced within the European Union (EU) in May to give EU citizens more control over their data, but it’s difficult to know if and how this will actually be policed at this early stage. The US has been considering following a similar suit and bringing some form of GDPR-like regulation also. Despite this, I do wonder if the EU (or the US in the future) has any concrete idea on what the regulation that it created really means. And it remains to be seen if the EU will actually come down hard on those in breach.
Saying all that, in regard to Gmail users in the EU, Google would not be in breach of GDPR because the users would have provided consent to a third-party app in the first place. And, because Google cannot be sanctioned by law on this issue, it takes us into more of a debate about morals and ethics.
The likes of Google and Facebook have become pretty good at staying within the law (at times, arguably, even being above the law and bigger than governments) and falling short on their moral and ethical obligations.
For all the claims of the big boys that there are going to be more transparent with the data of their users, more news comes to the surface about areas in which they haven’t been transparent. Continually, we see it’s the case of companies announcing how transparent they will now be about something they are doing after that something has already been exposed to the public.
It’s easy for them to continue playing this game and it’s up to regulators and consumers alike to apply more pressure on the firms to be better. Until sanctions start getting placed on these companies or users stop using their services, they will continue to get away with their disregard for data. For now, at least, it looks like we’re going to have to continue with our data being passed without regard between the lions, tigers, and bears.