• by Ray Schultz , Columnist, July 9, 2018

Just when it seemed the privacy uproar might be calming down — slightly — Google is in another mess. The search giant has been lambasted — and sued — for granting access to users' Gmails to third-party app developers.

The Wall Street Journal reported the scanning last week. In doing so, it dragged two companies that most consumers were probably not even dimly aware of — Return Path and Edison Software — into the spotlight.

How unfortunate. Those firms scan data only with permission. As Slate writes today: “Google requires those app developers to tell users in advance what type of data they’ll be collecting, and users have to agree to that before they can start using the apps.”

It adds: “To Google’s credit, that permissions pop-up is written in plain, concise English, unlike the long, legalistic privacy policies that accompany most online services.”

Then there’s this distortion, which has entered most of the headlines: that these companies “read” the emails.

In 1904, Ladies’ Home Journal reported that letters written to patent-medicine companies by mothers of young girls in trouble were routinely read and enjoyed by employees who often read “the good parts” out loud.

That’s not the way it is here. The whole basis of modern marketing is automation. Firms like Return Path rely on algorithms to do almost everything. On the rare occasion that manual intervention is required, it’s for the purpose of building algorithms.

Why did Return Path and Edison have such access? So they could power those free features we all love in Gmail. There’s “no suggestion that any companies have misused the data they've accessed,” Wired says.

Drill down, and you have “the option to remove access,” Wired notes. But it warns that “if you remove access to third-party developers, it's highly likely that some of the services you've been using won't work in the same way, if at all.” 

Google could have told you the same thing, but it’s good to see it coming from an outside, presumably neutral, source. 

Yet all this leads us to a larger issue, one that has exploded in the wake of the Facebook-Cambridge Analytica scandal. Privacy is now on top of the fold, as they used to say in the news business. TV news shows now have features called “Privacy Watch.”

Virtual reality pioneer Jaron Lanier contends “the early libertarian idealism of the internet has resulted in the creation of ‘gargantuan, global data monopolies,’” The Financial Times reported on Saturday.

Lanier adds: “There’s never been a society in which everybody is under constant observation, constant surveillance and in which they’re constantly receiving this stream of experience that is being dynamically adjusted to find ways of manipulating them.”

It’s hard to argue with that.

Surveys show that consumers are willing to trade a little privacy for benefits. At the very least, they’ll share email addresses with companies they trust. But consumers remain wary, and the surge of privacy headlines isn’t making them any more agreeable. 

Figuring out who has access to what data is like trying to unravel spaghetti strands. The GDPR is designed to eliminate that problem, first by requiring transparency; second, by demanding that companies police their data partners.

Do we want GDPR here? It’s already on its way: We’re going to have a slightly less exacting but still tough version of it in 2020 — in California.