> We do not scan or read your Gmail messages to show you ads
If you have a work or school account, you will never be shown ads in Gmail.
> When you use your personal Google account and open the promotions or social tabs in Gmail, you'll see ads that were selected to be the most useful and relevant for you. The process of selecting and showing personalized ads in Gmail is fully automated. These ads are shown to you based on your online activity while you're signed into Google, however we do not process email content to serve ads.
I know a company that once worked on an unannounced product, X, a few years ago. At the time, you could Google "who made X," and Google would correctly show you that company. It was a start-up size business using GSuite, so far too unlikely to be a lucky guess by Google.
This caused no damage as the public needed to know what X was to Google it, and it was unannounced. But it was suspicious. Either Google was scanning GSuite Gmail or Drive accounts, or perhaps someone stored a document on or sent an email to a personal Google account with some keywords. How these things happen is always very opaque with companies like Google.
Our maybe an internal page was accidentally externally accessible, someone internal visited it in Chrome, and the URL got added to the list of things to scrape.
I've see this without Gsuite vector. Could be employees logged in to personal device and leaking through those interactions. Or email to external investors, consultants, or contractors? Send something out to your external translation or localization team, ad agency, or copy editor? Difficult not to have some leakage.
All of these could be true. However, the start-up was using GSuite a lot. It constituted about 90% of the company's interactions with Google. It's impossible to certainly know what happened since Google can't be asked where it got its data.
End-to-end encryption with keys only you control is really the only type that matters from a privacy point of view. Encryption at rest or in transit behind the scenes helps protect against some actors but does not give you privacy.
The zero-setup encryption offered by cloud providers is also smoke and mirrors. It's a key they control, so while it may improve security against someone internal snooping on a raw SAN device it doesn't do much for your privacy.
In most cases the same information you can glean from someone’s email inbox, you can likely glean the same accuracy by looking at their google search history.
I would guess Google doesn’t read emails because the data is more difficult to parse (there’s a lot of it) and, when compared to intent based interests that can be gleaned from your google searches, the value of the content in your inbox is lower than most people think.
> We do not scan or read your Gmail messages to show you ads If you have a work or school account, you will never be shown ads in Gmail.
> When you use your personal Google account and open the promotions or social tabs in Gmail, you'll see ads that were selected to be the most useful and relevant for you. The process of selecting and showing personalized ads in Gmail is fully automated. These ads are shown to you based on your online activity while you're signed into Google, however we do not process email content to serve ads.