In 2018, Google launched Gmail Add-ons, as a new way for developers to integrate their apps into Gmail. One of the biggest goals was to create an ecosystem with a security model where user information is only shared with a developer/company when a user takes a specific action.
At the start of 2019, (January 15th to be specific) Google will strengthen their policy by adding additional security and assurance for users through the implementation of a new Gmail API Policy.
From a high-level, the new policy:
- Ensures consumers know exactly what’s going on with their data and how it’s being used.
- Defines how data should be handled and managed.
- Requires developers who handle email data to be qualified and vetted
Let’s look a little deeper at the specifics around the new Google API policy.
Covered Gmail API Scopes
All apps accessing the Covered Gmail APIs, such as those listed below, will be required to submit an application review via the Google API Console. If reviews are not submitted on time, Google will revoke your access.
Google also encourages developers to update project roles to help ensure that email address and groups are up-to-date.
If you haven’t already, take the time to review the full Google API Policy and make sure your email processes and data gathering/management systems will be compliant to the upcoming changes.