There’s one simple feature I want. Any API that has access to any portion of an email’s content should have their icon prominently displayed near the header in the field similar to ‘Bcc’ indicating that they have been sent a copy.
A click on that icon should display a popup which explains who it is, a link to the privacy policy, date when the Integration was enabled, count of how many emails it has seen, and provides an option to disable the integration with a single click. It would be nice to have the ability to apply filters to limit which emails are shared with that provider in the future.
It’s too easy for users to add an Integration at one point and forget months or years later that it’s active. But also mentally when people add these add-ons it often doesn’t really click exactly that you are literally Bcc’ing the add-on every message you send.
There is precedent for this kind of UX change at Google. It used to be that Chrome extensions could optionally add icons to the Chrome menu (the icons to the right of the address bar). Now all Chrome extensions appear in the Chrome menu, both reminding the user that it is there and also giving an easy way to remove the extension should they no longer need it.
Before you shell out $15k-$75k be aware that Google's record of maintaining APIs is very bad. They very aggressively deprecate APIs with little or no warning and provide zero alternatives. In my opinion, they have very little concern or respect for people developing on their various platforms. Maybe it's not applicable here but I've been burned by them before because of this.
I imagine that's going to be a pretty bitter pill to swallow for a lot of companies. How do you think they'll continue to police it? What happens in a year's time when that company is sold to someone else, for example?
Personally, I feel like people in general are too quick to hand apps access to their machines. For example, I know a bunch of people who used Grammarly, and I said to them at the time - wait, you're basically installing a key-logger that sends your data to a 3rd party - what happens when they lose it?
My experience is that many people simply don’t care. A friend of mine told me that he uses the Kayak app a lot. He gave them access to all his emails. They scan every incoming email for trip itineraries and push it to his app whenever they find something. I was a bit shocked and asked him if he didn’t care that they could read all his emails. He said “no I don’t care, there’s nothing I’d like to hide and I love the convenience”. Well, fair enough I thought.
And then, there is often nothing I can tell people to make them afraid. Sure, I’d never do such a thing. But because I don’t trust the corps, not because I could really articulate what bad could possibly happen in the worst case.
I wonder if your friend would object if you asked to browse through his email right then and there, or download it all as an archive to look through later.
I imagine most people wouldn't really want to do that, even if they believed they had nothing to hide and use apps like Kayak.
Might be a good way to make a point (or maybe not, but it's interesting to think about).
Yes that's also a very good question. I think if you combine the two, you get "would you prefer to give email access to your friend or to a random stranger" - it's actually a tough question for me to answer.
I guess maybe it's like how you're comfortable talking about a medical issue with a doctor you've never met before, but you wouldn't necessarily want to discuss it with friends.
Why do you need to "make them afraid"? Why are your feelings toward privacy the only correct ones?
Owning a keyboard is potentially "giving everything you type to a company". Connecting to the internet at all is possibly giving the whole world access to your machine. Using ANY service is giving them information about you that could be used against you.
Why are those tradeoffs okay, but giving a company access to your email not (access, which is already given to Google as the one actually running the email service)?
Nobody is saying they want it to be a free-for-all where anyone that gets access to your information can use it any way they want with no security or tools in place to manage it. But I feel I should be allowed to decide who I'm able to give my information to, especially when I get something in return. And I want there to be controls in place to prevent abuse, I want to be able to revoke that access at any time, and I want the legal system to be on my side if things go wrong, but I don't want someone condescendingly trying to make me "afraid" of a conscientious decision I made that is making my life better and all parties involved are happy with.
Just like how you shouldn't be lambasted for using a keyboard which could possibly contain a keylogger embedded in the device, I shouldn't be insulted for wanting to use tools and services on my information that benefit me.
Thank you. That’s a very insightful question and it made me think. I have no answer yet why I (we) view some tradeoffs as ok and others not. Will think about this...
I came in a little hot in that comment, and pushed some of the arguments to their extreme, so I want to apologise for that.
But I really appreciate the response! It's a nice breath of fresh air when someone responds like you did, especially when my comment was a lot more aggressive.
There's not going to be an easy solution for this kind of stuff, but at the end of the day I feel it's a necessary evil, very similar to how many countries deal with freedoms or natural rights.
If we err on the side of giving people choice, that means that more bad actors will be able to hurt than if we didn't. But I feel that freedom is something to be protected, and it is worth the added work and risk of allowing bad actors to get a foothold.
No need to apologize! You didn't come across as "aggressive". Your comment made me think and that is important. Taking arguments to their extremes helps sometimes to get a discussion really going...
If you use AdBlock or any other browser extension then they also have access to all your email. But for some reason people on HN care more about granting API access than about what apps actually have access.
> And then, there is often nothing I can tell people to make them afraid.
You need only to send your friend an email:
"Steve,
Please remember to bring the poison and knife tonight when you meet me under the bridge at 12am at 1st and Congress. I will meet you there with the cocaine and unmarked bills. I appreciate your help in this matter, and suspect Bob will not see it coming."
Yes, that’s what I always used to say too. But then again in Europe this is almost impossible from a regulations point of view. Also, no insurance has the capabilities to do that ;-)
How does this affect open-source apps? The other day we had a thread about using Emacs as an email client, and I linked to docs on how to get offlineimap to work with XOAUTH2. The Google docs currently say that you can opt in to using apps under development - so in practice, an end user of an open-source app can go to the Google developer console, get a key, and put that in their personal config file - but it sounds like that conflicts with the spirit of these policies. Is that changing?
> Applications that only store user data on end-user devices will not need to complete the full assessment but will need to be verified as non-malicious software. More information about the assessment will be posted here in January 2019. Existing Applications (as of this publication date) will have until the end of 2019 to complete the assessment.
Not clear what "verified as non-malicious" means in this case, w.r.t. cost.
Before even delving into APIs, why not address the low-hanging fruit of getting rid of Google Chrome extensions that harvest your click and traffic data? And selling it to marketers?