Millions of people are believed to have installed Gmail apps.
Suzanne Frey, the director of the company's Security, Trust, & Privacy division of Google Cloud, said, "A vibrant ecosystem of non-Google apps gives you choice and helps you get the most out of your email".
"Some people might consider that to be a dirty secret". Both companies say the practice is covered by their user agreements, and that they used strict protocols for the employees who read emails. eDataSource says it previously allowed employees to read some email data but recently ended that practice to better protect user privacy.
The furore continues an ongoing theme in Silicon Valley: the security risks posed by third-party apps attached to popular web platforms.
"Before a non-Google app is able to access your data, we show a permissions screen that clearly shows the types of data the app can access and how it can use that data".
In a statement, a Google rep said that the practice involved only vetted companies and that users are willingly agreeing to it, as they submit their accounts to this when granting apps email access. Google, for its part, has always maintained that it doesn't read anyone's email, and instead uses an automated system to scan for keywords (no humans are involved).
Almost every major email provider allows developers to access inboxes of their users, so it isn't surprising that Google is doing the same.
They include Return Path, a company that collects data for advertisers, and email organisation tool Edison Software.
Edison Software told the newspaper it had reviewed the emails of hundreds of users to build a new software feature.
Many software developers also said they go through inboxes to improve the user experience.
The category that you'll want to pay particularly close attention to, however, are apps that are labeled "Third-party apps with account access". While the WSJ found no evidence that these companies misused the data they collected, it's still a blow to user confidence, especially as companies like Google and Facebook keep saying that they're protecting your data. In a tone that sounds very similar to Apple's, Google says that it doesn't make any money by giving developers API access.
Google's developer policies state: "There should be no surprises for Google users: hidden features, services, or actions that are inconsistent with the marketed goal of your application may lead Google to suspend your ability to access Google API Services".