GOOGLE has admitted it's still letting companies read your emails – but no longer scans them itself.
These companies are able to snoop on the sender and recipient, the time the email was sent, and even the contents of the email.
Worse still, Google even allows these outsider companies to share that data onto other third-parties.
That means it's not just developers who make apps that could see your Gmail emails, but entirely separate firms too.
The revelation came in a letter from Google to US senators detailing its privacy practices.
In the letter, Google policy chief Susan Molinari wrote: "Developers may share data with third parties so long as they are transparent with the users about how they are using the data."
Last year, Google vowed to stop scanning the emails of Gmail users.
The company had been mining personal data from emails since the service launched back in 2004.
Google said it did this to improve ad-targeting: by learning about what you talk about in emails, Google can deliver more effective ads to you.
That means Google was profiting from reading your emails – something many users probably never realised was happening.
The company halted the practice in 2017, but didn't stop allowing app developers to do the same.
In July this year, the Wall Street Journal revealed that Google was letting "hundreds" of app makers scan the inboxes of millions of users.
These companies generally offered email-based services, like shopping price comparisons, automated travel-itinerary planners, and other tools.
In most cases, this simply involved automated computer systems analysing around 100million emails each day.
One such firm, ReturnPath Inc., reportedly scanned the inboxes of a staggering 2million people to collect marketing data after they'd signed up for one of the free apps produced by its partners.
And at one point around two years ago, the company's employees also read around 8,000 uncensored emails to help train the firm's software.
These companies can also pass information onto other companies, who can use your data to improve ad-targeting systems.
Since that revelation, it appears nothing has changed.
Google's statement suggests that the practice is OK, as long as developers are transparent about how they use the data.
Google says it vets third-party email apps that get access to your mail data.
This includes reviewing privacy policies of these apps manually.
It also involves using software to check if developers make any significant changes to the way their apps behave.
When asked for comment, Google redirected us to a blog post from July that outlines its security policies.
In the post, Google's Suzanne Frey writes: "We make it possible for applications from other developers to integrate with Gmail—like email clients, trip planners and customer relationship management (CRM) systems—so that you have options around how you access and use your email.
"We continuously work to vet developers and their apps that integrate with Gmail before we open them for general access, and we give both enterprise admins and individual consumers transparency and control over how their data is used."
The fiasco is reminiscent of Facebook's Cambridge Analytica scandal.
The rival tech firm was exposed for letting app makers harvest the data of tens of millions of users without their permission.
A rogue policy at the social network let developers hoover up the personal info of not only app users, but Facebook friends of those app users too.
These friends have never given permission for their data to be taken.
Facebook has since apologised for the blunder, and no longer allows developers to scoop up data in this way.
Which tech company do you trust the most: Apple, Facebook, Google or Microsoft? Let us know in the comments!
Culled from the Sun.