Many users do not pay attention themselves give permission to do so.
Developers of third-party applications that use the Gmail API, for example, for authorization, can read the contents of users’ letters. It’s about both email clients and many other services. This was reported by The Wall Street Journal with reference to its own sources among developers.
According to the interlocutor WSJ, usually users’ mail is viewed by the program, but people are often attracted to configure such systems. The journalists of the newspaper found out that in 2016, the employee of the company Return Path, engaged in the development of tools for email marketing, read 8,000 user letters.
Google explained that they only provide data to trusted developers and only if users explicitly gave permission to do so. Google employees themselves read messages in case users need help or when investigating errors.
The publication noted that in fact, almost anyone can create an application with which you can read, delete and manage user messages. It’s enough to get permission from the user through the Gmail API.
Until 2017, Google itself scanned users’ letters to show them personalized ads. However, after several scandals the company refused this practice, but allowed to collect private data to third-party developers.