Warning: Google’s Gemini AI Is Reading Your Emails—Here’s How to Get It to Stop

4 weeks ago 51 Back

<?xml encoding="utf-8" ?>

Gmail is by far the planet’s most popular email service. Chances are, you’re one of the estimated 1.8 billion people who use it—yes, that’s billion with a b. Google’s free, ad-supported email is easy to use, it’s available across multiple devices and you can manage your messages from anywhere on the planet. What’s not to love? Well, hold that thought.

Recently, Google began rolling out a major update to Gmail, transforming it into a proactive “personal assistant” powered by Gemini 3, Google’s own AI model. (If you’re not sure what that is, think of it as Google’s version of ChatGPT.) These new Gmail features can summarize your emails, improve your search results, create to-do lists and help you draft better replies—but people are sounding the alarm over what they say are major security concerns.

Should you be worried? I talked to two privacy experts from Avast, a leading cybersecurity company: Michal Salat, Avast’s threat intelligence director, and Luis Corrons, a security evangelist for Avast and its parent company, Gen, to separate fact from fiction. I also combed through Google’s publicly available information to determine the impact of these new features, as well as any potential trade-offs for your security and privacy.

Keep reading to learn more about Google’s Gemini AI, how it will affect your Gmail account—and how you can turn it off.

Get Reader’s Digest’s Read Up newsletter for more tech, cleaning, humor, travel and fun facts all week long.

So, what is Gemini?

Anadolu/Getty Images

Gemini is Google’s AI assistant, and it’s already deployed across many Google services. So you’ve probably used Google’s AI without even realizing it. Google Gemini generates the summaries you see at the top of many Google Search result pages, plus it can understand and create text, images, audio and computer code. Like ChatGPT, you can converse with it as if it were a human.

Gemini is also integrated into apps like Maps, Docs and Gmail to help find and summarize information and perform key tasks. Google Nest smart speakers and smart displays also use Google Gemini as their new voice assistants, having replaced the original Google Assistant in 2025. This brings us to January 2026, when Google started to roll out the new, AI-enhanced Gmail to customers across the United States.

What’s Gemini AI doing in your inbox?

Coming up, we have a list of key highlights, but the first thing you’ll notice is the new Gmail interface. Called the “AI Inbox” view, it’s a shift from a chronological list to a prioritized overview of tasks and key info, like messages from VIP contacts or those with urgent-sounding language. The look is cleaner and more vibrant, with soft colors and rounded corners.

Here are the new Gemini-enhanced changes rolling out to users:

AI Overview: Once an optional toggle, AI Overview now appears at the top of all long email threads. Overview summarizes the messages so you don’t have to wade through them to find important facts (for example, “Julie inquiring when the report will be done; due Monday”).
Help Me Write: Get help drafting a response to an email; the system suggests replies that match your writing style.
To-Do List: The AI scans your emails to automatically identify and list actionable items, including calendar appointments, upcoming bill payments or client requests that need a reply.
Topics to Catch Up On: This feature groups messages by theme, such as projects, conversations or events.

The above features are included at no cost with basic Gmail, but a fuller suite of AI-enhancements, like proofreading tools and a more robust AI that lets you ask questions (“When did Julie need that report?”) and complete tasks (“Summarize Julie’s last three emails”), are available for paid subscribers.

So, does Google read your emails?

Not in the way you think. Google says human employees are not reading your Gmail messages—but Salat says that’s not the whole story. (There’s always a but, isn’t there?)

“In order for Gemini AI to work, the system needs to have read access,” Salat says. (“Read access” means permission to view, but not modify, files or data.) Overall, this type of information extraction is not new: Gmail already has features that need to read your email to work, such as the ability to create calendar events from ticket reservations or travel arrangements.

What’s different about the new AI assistant is that it scours your email to help prioritize messages, generate to-do lists, suggest smart replies and generally offer a more holistic suite of interpretive tools. It’s not just sorting your mail, it’s contextualizing it—which can feel odd and invasive. But Google insists employees are not reading your private messages.

“AI introduces new security challenges, but not that your email is spying on you,” Salat confirms.

Is Gmail using your messages to train its AI?

Person holding tablet displaying gmail and gemini ai

No. Google says Gemini does not use personal email content to train its AI models: “We do not use your Workspace data to train or improve the underlying generative AI and large language models that power Gemini, Search and other systems outside of Workspace without permission.”

That “without permission” is doing a lot of work here, as they go on to say in their FAQs: “If you choose to connect your content apps to Search services, we may use that data to improve Google services for everyone, including by training generative AI models.”

In other words, Gemini will not scan and search your email without your permission. But if you engage with your new Gmail AI view to search, say, for a restaurant recommendation for an upcoming trip, that gives the AI permission to use the relevant data for training purposes.

Am I getting personalized ads because my emails are scanned?

No, though you’d be forgiven for wondering. “Ad personalization is so precise these days that it’s easy to feel like you’re being spied on,” Salat says.

But that’s not what Gemini is doing, and Google voluntarily stopped this practice in 2017. Ads shown in Gmail are based on your general online activity, though, such as your Google search history, YouTube activity, sites visited and, when signed in, services and games connected to your Gmail account. But it’s not because your emails are being read or scanned for advertising purposes.

“Gemini, like all AI, isn’t conscious and doesn’t act on its own; it works as an assistant, pulling relevant information from emails only when it’s helpful to a task you’ve requested,” Salat says.

Just how secure is your private information?

While Google employees aren’t reading your messages to personalize your experience or train Google’s AI models, any data transfer and/or retention can be vulnerable to attack by bad actors. A recent report from Mozilla’s GenAI Bug Bounty program found that Gemini could be prompted to act on malicious code inserted into an email—when users asked Gemini to “summarize this email,” the AI complied, launching the hidden attack.

“No online service is completely immune to data breaches, and even well-protected platforms can be compromised through social engineering,” says Corrons. “Any time data is processed or shared, it creates potential opportunities for attackers to hide malicious content or exploit trust in everyday digital interactions.” Corrons says this isn’t unique to AI tools, but just the reality of modern online services.

Google says it’s continually working behind the scenes to address vulnerabilities as they come up. In response to the Mozilla report, they launched a “layered security approach” to train their AI models to mitigate threats from malicious prompts. Attempts by PC Mag to duplicate the attack were unsuccessful, leading analysts there to conclude that Google patched the bug.

Can you opt out of Gemini in your Gmail?

Yes. To opt out of Gemini in Gmail, you need to turn off “Smart Features” in Settings. Here’s what to do:

On desktop (Gmail.com)

Open Gmail
Click the Settings cog in the top right
Select “See all settings” and navigate to the General tab
Scroll down to “Smart features” and uncheck the box
Click “Save Changes” at the bottom

You can also disable AI features across your entire Google Workspace. These settings are found right below the “Smart features” toggle in your Gmail settings window.

On mobile (Gmail app for iOS or Android)

Tap the menu icon (aka the 3-line “hamburger”)
Tap Settings
Select “Data privacy”
Toggle off “Smart features” and “Google Workspace smart features”

Note: If an administrator controls access to your email or other Google services, like work- or school-issued Gmail accounts, you may need to ask them to turn off Gemini for you.

Where else will you find Gemini AI?

Google’s Gemini isn’t restricted to summarizing your Gmail messages. You can download the Gemini app for both Android and Apple devices, and the company is continuing to roll out Live Search, which allows you to talk, share camera images and receive spoken answers. Chrome users no doubt have noticed the integration of Gemini AI into search, and you can also find AI summaries at the top of Google web searches in other browsers too. And of course, you can visit Gemini directly on the web at gemini.google.com.

About the experts

Michal Salat is director of threat intelligence for Avast, an award-winning cyber safety brand and part of Gen, which protects nearly 500 million users in more than 150 countries. He leads Avast’s global efforts to identify and analyze emerging malware and cyberthreats. Salat began his career as a malware analyst at Avast and went on to build and lead the company’s threat analysis function. He has expertise in malware research, advanced threat detection and IoT security.
Luis Corrons is a veteran cybersecurity expert and security evangelist for Gen, the parent company of Avast and other cybersecurity brands like AVG, Avira and Norton. Corrons specializes in threat analysis, malware and emerging online dangers. With more than 20 years of industry experience, including roles at other security companies, Corrons now acts as a company spokesperson, educating the public on complex security issues and tracking threat trends.

Why trust us

Reader’s Digest has published hundreds of articles on personal technology, arming readers with the knowledge to protect themselves against cybersecurity threats and internet scams as well as revealing the best tips, tricks and shortcuts for computers, cellphones, apps, texting, social media and more. For this piece, Marc Saltzman tapped his 30-plus years of experience as a technology journalist, the author of several books and the host of the syndicated Tech It Out radio show and podcast to ensure that all information is accurate and offers the best possible advice to readers. We rely on credentialed experts with personal experience and know-how as well as primary sources including tech companies, professional organizations and academic institutions. We verify all facts and data and revisit them over time to ensure they remain accurate and up to date. Read more about our team, our contributors and our editorial policies.

Sources:

Michal Salat, director of threat intelligence for Avast; interviewed January 2026
Luis Corrons, cybersecurity expert and security evangelist for Gen; interviewed January 2026
Google: “Gmail is entering the Gemini era”
PC Mag: “Google Gemini Bug Turns Gmail Summaries into Phishing Attack”
Google Security Blog: “Mitigating prompt injection attacks with a layered defense strategy”
0DIN: “Phishing for Gemini”
New York Times: “A.I. Has Arrived in Gmail. Here’s What to Know.”
YouTube: “Gmail in the Gemini era: Explore the new features”
Reddit: “Google is unleashing Gemini AI features on Gmail. Users will have to opt out”
Google: “Gemini Live”