How to stop third-party apps accessing your Google account
In the wake of the revelations that research firm Cambridge Analytica has harvested the data of millions of Facebook users via a seemingly benign third-party app, it’s a good time to think about who can see your other personal account info.
No organizations are known to have harvested info from Google accounts for nefarious purposes, but it’s still a good idea to review which apps you’ve given permission to see and use your data, and revoke access to any you no longer need, or trust.
Google Account access
Different third-party apps will request different levels of access to your account information
What Google account data is shared?
Like Facebook, Google uses a login API (Google Sign-In) that allows you to log into third-party apps and services with your Google account. For you, it’s more convenient than registering with an email address and new password, and for the app developer it means there’s less friction so more users are likely to sign up.
These third-party apps can also request information and access to your Google account. Apps with full access can see virtually everything about your account (though they can’t delete it or make payments via Google Play), but most will receive what Google calls ‘basic profile information’. This includes publicly visible information from your Google+ profile, such as your name, email address, country and approximate age.
Managing third party apps with Google account access
If you haven’t checked your account permissions before, you might be surprised how many third parties can read your personal information
Manage connected apps
To check which apps are connected to your Google account, visit your App Permissions page. This list will include both desktop and mobile apps you’ve given access to your account, as well as the information they receive.
You might be surprised how much information some apps require. For example, a shopping app might request data about people in your Google+ Circles.
Look out for any apps for which the ‘Access given to’ URL is substantially different to the service’s homepage. The homepage isn’t verified by Google; it’s simply provided by the developer that registers the app, so it might be a fake.
Google profile information
You might not have used Google+ for years, but your info is still there, and a surprising amount of it might be public
Check your Google+ profile
Once you’ve taken a look at your apps, it’s a good idea to review your Google+ Profile and see how much information is publicly available – particularly if you haven’t used Google’s social network for a while. The site encourages you to enter personal details like your full name, employment history, and details of other social media accounts – all linked together to create a unique fingerprint.
Almost all third-party apps can access your public profile, so if there’s anything you’d prefer not to share, either click the green icon to make it private or delete it completely.