Google Gmail AI Personalization Setting May Expose 1.8 B Users’ Data
What Happened — Google rolled out AI‑driven personalization in Gmail, automatically generating smart replies and subject suggestions based on users’ email content. The feature relies on large‑scale data processing and can be toggled via a new privacy setting that many users have not reviewed.
Why It Matters for TPRM —
- AI‑enabled services can broaden data exposure beyond traditional email content.
- Unchecked personalization settings may conflict with contractual data‑handling clauses.
- Vendors that embed Google Workspace into their workflows inherit the same privacy risk.
Who Is Affected — Cloud‑based email providers, SaaS platforms integrating Gmail, enterprises of all sizes that rely on Google Workspace, and end‑users (≈1.8 B accounts).
Recommended Actions — Review the Gmail AI personalization toggle for all corporate accounts, update your vendor risk questionnaire to capture AI‑related data handling, and ensure contractual clauses address automated content analysis.
Technical Notes — The AI feature operates via Google’s internal large language models; no public CVE or vulnerability is disclosed. The privacy setting is accessed through Gmail Settings → “Smart Compose & Smart Reply” → “Data usage for AI”. Source: TechRepublic