At the beginning of this month, WSJ announced that third-party app developers can read the email of Gmail users. According to Google, we, users, have given these app-developers our consent to do this. There also have not been any reports of misuse by third-party developers. So, then why doesn’t it feel right?
One of the reasons is that we don’t think about what happens after we click the accept button. Yes, we know we’re sharing our data. What we don’t know is what data exactly we’re sharing and what third-party companies do with this data.
We don’t think about these things because all we want is to make use of the benefits offered by these apps as quickly as possible. That is until a newspaper like WSJ forces us to face the facts.
Still, even armed with all the relevant knowledge, people don’t seem inclined to stop using Google services. Why is that? Well, easy. The benefits offered by Google by sharing your data are great. Think about Google Maps, the flight and hotel suggestions in Google search, or the recently announced Google AI assistant. These are features many people are willing to pay for with personal data.
Google knows this. The question is, to what extent should Google take responsibility for the sometimes irresponsible actions we, as users, take?
Make Sure Users Know What They’re Accepting
The way I see it, that at a minimum, Google is responsible for making sure users know what they’re accepting. When a user clicks a button, it should be clear who gets to see what data and what can or will happen with it.
Right now, what you can know if you read the small print, is that third-parties have access to your name, email address and profile picture and ‘data associated with the application’. However, although Google provides some examples in their terms of service, you don’t know exactly what data is ‘relevant to the application’ and how third-party companies will use it.
You also don’t know whether it’s humans at these third-parties that can read your data or machines. Google says it reviews applications to make sure they comply with Google policies, in the end, they don’t control the activities of these providers.
Use UX Design To Shield Data Privacy
Then there is the UX. Right now, Google UX is designed in such a way that it is easy to click accept buttons without actually reading the relevant explanations. UX could help make the consequences of clicking the accept button very clear. Medium has a nice blog about UX for privacy, if you have time, do read it.
Still, even if Google would take these measures, fact remains that when you use Gmail and third-party apps, you are sharing your data with Google and companies you don’t know. If you don’t want this, what are the alternatives?
Keep Control, Hosting Your Email Yourself
If you really want to be sure that your email data is secure, you should probably consider hosting your software yourself. In this way, you control who has access to your data and what happens to it. The thing here is, that self-hosting indeed offers you the possibility to protect your data in the best way possible, however, you do need to put some effort into it. There are many companies who are self-hosting their open source software, but are still vulnerable because they did not take the right security measures. So then, how do you make sure your email data is safe?
Of course, there are many things you can and should do, and most of these measures depend on your specific situation. However, there are (at least) two things everyone should take care of :
Update your applications
First and foremost: update, update, update! Why? Because software that is not updated is vulnerable for inside and outside attacks. Updates not only (often) introduce new or improved features. They also include improvements in the performance, stability and security of your application. The easiest way to go about updating is to use software that scans your computer and notifies you if anything needs to be updated. You can also monitor updates yourself, but that does require you to be a professional. Companies usually have a lot of applications which means that installing and keeping track of all updates is complicated and time-consuming.
Follow the principle of least privilege
The principle of least privilege is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function. For example, a user account created for pulling records from a database doesn’t need admin rights, while a programmer whose main function is updating lines of legacy code doesn’t need access to financial records. The principle of least privilege can also be referred to as the principle of minimal privilege (POMP) or the principle of least authority (POLA). Following the principle of least privilege is considered a best practice in information security.
The principle of least privilege also applies to administrators. By default, they should use a regular user account and only switch to their administrator account when they need to perform an admin task.
In the end, there is no single best way to keep your email safe. Not all, but certainly multiple roads lead to Rome.
