cc Hot Wife: Gmail exposes contact names
I sent an email out to a few friends and family members this week, CC'ing my wife.
A few minutes later, my friend sent the following screenshot:
"Hot Wife" --- What the hell? Yes, that was the contact name I was using for my (smokin' hot) wife, but why was my friend able to see it?
Well, when Gmail autocompletes a recipient from your contacts, it also sends along the name you have for them in the email headers.
Here's a look at a part of the headers of the raw email:
Subject: [redacted]
From: Nate Meyer <[redacted]@gmail.com>
To: Nate Meyer <[redacted]@gmail.com>
Cc: Hot Wife <[redacted]@gmail.com>
In some respects, this makes sense. It's more human friendly and, surely in most cases, their name in your contacts list is accurate. So, when others are CC'd in an email that includes recipients they don't personally have in their contacts, including their names could very well be handy.
However, from my testing, even if one of the recipients has the other person in their contacts, Gmail will still opt for the contact name from the sender's contacts, since that's the name specified in the headers of the email.
Privacy concerns
At the end of the day, this is how email is supposed to work, but ask yourself this: did you know Gmail was actually doing this? Did you know that your personal Google Contacts names were shared with all recipients when sending emails?
Consider also the same scenario happening in a professional environment. If someone saves their boss as "Micromanaging Nightmare" and then CCs them on an email then, in theory, everyone else would also see that name.
To me, this seems like a lapse in privacy, or at least certainly a UX failure. Particularly for non-technical users, if Gmail is going to autocomplete recipients with details from your Contacts so aggressively, I would expect there to be much clearer messaging around the implications of doing so.
I understand that Gmail is trying to make the product more user friendly, but I think it's making some questionable decisions without the user's knowledge. And unlike some email clients that allow users to choose whether to include contact names when sending, Gmail enforces this behavior with no setting to disable it.
What Gmail should do (but hasn’t)
Instead, I think Gmail should:
- Not be so aggressive in autocompleting emails with contact chips, which currently makes it next to impossible to send just the raw email, and make it clear and obvious that certain information from your contacts will be shared with other recipients.
- Issue a warning or otherwise make it clear before sending when a contact name differs from the email's official sender name.
- Improve handling of display names in contact management, ensuring only intended names are visible to recipients.
Comments