Google has confirmed that its third-party app developers have access to private Gmail messages, but only if the developer and app have been vetted and only if users have given their explicit permission.
Google's response, which was made in a blog post on Tuesday (Jul 3), comes after Wall Street Journal detailed in a report on Monday how Google gives hundreds of external software developers permission to "scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools".
In the blogpost Tuesday, Ms Suzanne Frey, Director, Security, Trust & Privacy, Google Cloud, said that such third-party apps have to go through a "multi-step review process" before they can access Gmail messages.
The developers and apps that integrate with Gmail also continuously vetted "before we open them for general access", she added.
Gmail users also have to give permission to such apps to access their data.
"Before a non-Google app is able to access your data, we show a permissions screen that clearly shows the types of data the app can access and how it can use that data," she said.
"We strongly encourage you to review the permissions screen before granting access to any non-Google application."
In addition, Frey said that "no one at Google reads your Gmail" except in specific cases where consent is asked for and given, or for security purposes.