That article is just describing gmail APIs, which requires explicit user consent via oauth to enable. This is no more shocking than gmail supporting IMAP.
"The companies said they had not asked users for specific permission to read their Gmail messages, because the practice was covered by their user agreements."
Regardless of what those third party companies told their users, users would have had to accept a pretty clear dialog [1] delegating access to their Gmail accounts. That's just how google oauth works.
