Proton
google privacy problem

The Wall Street Journal recently published an article highlighting privacy concerns related to Gmail’s use of third-party apps(new window). When users install tools known as “add-ons” in their Gmail accounts, they are often giving outside companies full access to their mailbox. In at least one instance, the WSJ reported, “engineers personally read through thousands of emails“.

In the public debate that followed, many people focused on Google’s poor oversight of these third-party developers and the inadequacy of their privacy policies. While these are important concerns, they distract from the fundamental problem with Google, which is that the company’s entire purpose is to spy on you and sell your private information to organizations that want to influence you.

The real purpose of Gmail

Google’s business model is primarily based on online advertising. The company earned over $95 billion last year selling the personal information(new window) of its users to advertisers.

For an advertiser, your emails are a gold mine because we often think of email as a private communication channel. When your bank contacts you or you address an email to your loved one, these seem like two-party conversations. In reality, Google treats your Gmail mailbox as company property, scanning them with powerful software to better understand you.

Founded in 2004, the service now has 1.4 billion users creating a perfect record of their thoughts, behaviors, and interactions. As Google CEO Eric Schmidt said in 2010, “We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.(new window)

After years of lawsuits and waves of criticism, Gmail finally announced last year it would stop scanning users(new window)’ inboxes for advertising purposes. What they did not mention, however, was that they would continue allow other companies to do just that.

Third-party data mining in Gmail

Since 2014, Gmail has given third-party developers access to the platform’s API, which allows them to build software that can be used within the platform. These add-ons are usually productivity tools, such as task managers or document signing apps. When users install them, they grant these apps permission to read their emails.

What is not overtly stated, however, is that the add-ons may actually be a front for profitable marketing activities. Buried in their privacy policies are vague disclaimers that allow the companies to harvest and share your data with their advertising partners. Gmail allows this to happen because third-party apps make their platform more valuable.

By scanning your emails, companies can learn information about your email habits, the things you buy, how much you spend, and who you are. Typically this information is anonymized but not always. According to the Wall Street Journal, the add-on developers sometimes shared redacted screenshots of entire emails. In one instance, two engineers read through 8,000 personal emails in order to calibrate their algorithms. The users were never informed about this.

These activities are extremely similar to those that led to the recent Facebook-Cambridge Analytica scandal(new window). When the abusive practices of Facebook’s third-party app developers came to light, the fallout included a #DeleteFacebook hashtag and a congressional inquiry into Facebook’s privacy practices. Though Google has so far avoided intense controversy, its surveillance operations are far greater than Facebook’s.

Privacy is necessary for democracy

This is not just about strangers having access to your love letters, intimate photos and online purchases. It’s also about the kind of society we want to live in. Gmail is designed for mass surveillance, and such a powerful tool could be easily misused. The intelligence software Google is developing could someday be turned against us in ways we cannot predict. It’s no surprise there is a growing movement of people learning how to deGoogle their lives to take back control of their data.

Take action now: DeGoogle your life for $1

The Facebook scandal has already given us a glimpse of this power, which can even be used by malicious actors to undermine democracy. Imagine if Cambridge Analytica had access to your inbox.

Human rights defenders saw the potential for harm from the very beginning of Gmail. Five days after its launch, a group of privacy advocates wrote a letter to Google expressing their concerns. They said Gmail’s plan to scan emails for marketing purposes “violates the implicit trust of an email service provider.” Gmail has violated that trust again and again, and it will continue to do so because invading people’s privacy is essential to its business model.

How to protect your privacy in the age of Google

Fortunately, the ad-based business model is not the only viable way to commercialize online services. At Proton Mail, we implement end-to-end encryption, which means users have the only keys to their data. Your inbox is safe from corporate surveillance and offers increased security in the event of a data breach. Encryption also makes targeted advertising impossible. So while we offer free accounts, we are supported almost entirely by paid users. This means our interests are aligned with those of our users, most of whom believe paying money is preferable to paying with their data, given the privacy and security risks.

When you pay for the services you use, you can be sure you are the customer and not the product being sold to advertisers. If you’re tired of your personal information being sold, processed, and profiled, then consider switching to a service that puts privacy first.

To find out more, please see Best Gmail alternative for privacy and security(new window).

Sign up and get a free secure email(new window) account from Proton Mail.

We also provide a free VPN service(new window) to protect your privacy.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan(new window). Thank you for your support!

Related articles

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
en
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
en
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
en
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
en
  • Guias de privacidade
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
en
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
en
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.