Since the creation of Gmail 13 years ago, Google has analysed content on personal accounts in order to target account holders with tailored adverts. In 2014, these email scanning practices were clarified in a terms of service update, stating that incoming and outgoing emails were analysed by automated software. This system would only target customers using the free version of Gmail for personal use.
The description of this service from 2014 stated: “Our automated systems analyse your content (including emails) to provide you personally relevant product features, such as customised search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.”
This feature is compulsory and cannot be turned off. In contrast, users of its business offering, G Suite, have never had their emails scanned.
“G Suite’s Gmail is already not used as input for ads personalisation,” writes Diane Greene, the senior vice president in charge of Google Cloud. “Google has decided to follow suit later this year in our free consumer Gmail service. Consumer Gmail content will not be used or scanned for any ads personalisation after this change.”
Customers on personal accounts will no longer have their emails analysed. Advertisement personalisation will continue to be a feature across the service, using data derived from activity on users’ profiles, Google searches, browsing activity, and location tracking.
Furthermore, the promise of discontinuing scanning of personal Gmail accounts does not set aside other privacy concerns about the service. Google apps can still scan data using artificial intelligence services, to provide customers with various ‘SmartReply features’ – meaning automated systems will still read through email sections when this feature is used.
“Consumer Gmail content will not be used or scanned for any ads personalisation after this change.”
It is worth noting that Gmail is not the only service that reads through consumer emails.
Microsoft’s Hotmail service was exposed in 2014 when the company was found to have read through a user’s inbox.
In addition, the Yahoo email hack of 2015 revealed that user emails had been scanned on behalf of the United States’ government. This was done through a tool that could search through every email and attachment for specific sets of characters and phrases. A report by Reuters stated that the program was discovered by Yahoo’s security team in May 2015, within weeks of its installation, and that it was originally thought to be the result of a hack. Reuters was unable to determine whether the 2015 demand went to other companies, or if any complied.
While law enforcement officials require a warrant to look through personal emails, internet email providers such as Google and Microsoft do not. This access to personal content is legal under the user policy.
As concerns about cybersecurity grow more pressing, the question of data security has come to the forefront for internet providers. With Google adjusting its policies to restrict certain scanning features, the question remains – which will out: privacy or personalisation?