Compliance Management, Network Security, Privacy

Evernote cancels privacy policy allowing employees to read user content

The note-taking and organizational app Evernote has stirred up controversy after announcing a revised privacy policy that permits a limited number of employees to access and read users' content under specific circumstances. The policy becomes effective on Jan. 23, 2017.

Redwood City, Calif.-based Evernote Corp. amended its policy in anticipation of deploying machine-learning capabilities that, according to a company FAQ page, will allow the app service to automate certain functions, such as the creation of to-do lists and itineraries. The company is promising that the functionality will create more a convenient, personalized experience. But there is a trade-off: according to Evernote, its data scientists must perform spot checks on the technology to make sure it is processing information correctly – and this requires access to user content.

“While our computer systems do a pretty good job, sometimes a limited amount of human review is simply unavoidable in order to make sure everything is working exactly as it should,” reads the FAQ page.

Users have been given the choice to opt out of the machine-learning program. However, in making its announcement, Evernote also drew attention to several conditions in its current policy that already give employees the right to review content under additional circumstances. In an update to its FAQ page, the company clarified that such exceptional circumstances include when a warrant is served, when harmful or illegal content is reported, and when troubleshooting the service at the request of a user.

In Evernote's online forums, some users have expressed dismay over the forthcoming changes to the policy – in several cases threatening to abandon the service.

In a company blog post on Thursday, Evernote CEO Chris O'Neill sought to ease fears over how app users' content will be treated by data scientists working on the machine-learning technology. “Select Evernote employees may see random content to ensure the features are working properly, but they won't know who it belongs to,” wrote O'Neill. “They'll only see the snippet they're checking. Not only that, but if a machine identifies any personal information, it will mask it from the employee.”

UPDATE 12/16: In response to mounting criticism, Evernote has scrapped plans to implement its revised privacy policy, according to an announcement posted last night on the company blog.

The app developer noted that it will still make machine-learning technologies available to users, "but no employees will be reading note content as part of this process unless users opt in." Under the rejected policy, users would have had to opt out of the program.

“We announced a change to our privacy policy that made it seem like we didn't care about the privacy of our customers or their notes. This was not our intent, and our customers let us know that we messed up, in no uncertain terms," said Evernote CEO Chris O'Neill in the blog post. “We are excited about what we can offer Evernote customers thanks to the use of machine learning, but we must ask for permission, not assume we have it."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.