Privacy · the inbox the AI now reads
AI in your email
30-second gist~30s read
When you say "yes" to a Copilot, Gemini, or third-party AI plug-in for email, you usually grant it the same access as the email app itself: read everything, draft replies, sometimes send.
For enterprise tools (Microsoft 365 Copilot, Google Workspace AI), what's read stays inside your organisation's data boundary. For consumer plug-ins, the picture is mixed and worth checking.
If you want more
What's typically true
- Microsoft 365 Copilot reads your mailbox using your existing permissions. It does not train on your data. Anything Copilot reads stays within your company's data boundary.
- Google Workspace Gemini follows the same pattern: bound to your account, doesn't train on the content.
- Personal Gmail / Outlook AI features are usually scoped to the consumer terms — read/draft is on, training-on-content depends on the setting in the previous topic.
- Third-party plug-ins (the long tail of "AI assistant for Gmail" extensions) vary wildly. Some only summarise the email currently open; others sweep the whole mailbox to learn your style. When you install one, it asks for permissions — the list of what it's allowed to read or change. That list is the actual contract.
What to switch on, what to switch off
- Switch on automatic categorisation if it helps. It's mostly local pattern-matching, not deep AI reading.
- Switch off "draft replies for me" until you've used it a few times — the auto-drafts can lose the thread, especially in long chains.
- Audit your connected apps twice a year. myaccount.google.com/security for Google; account.microsoft.com for Microsoft. Revoke anything you don't recognise.