Evernote Reverses Policy On Reading User Notes

Here’s an example of how not to handle privacy policy changes.

On December 14 Evernote announced that it would be updating its Privacy Policy with details around new machine learning tools that were to be implemented. As part of said update and in order for the machine learning to function properly, we also learned that a human review of your notes could be required along with several other reasons why employees at Evernote might need to read your notes.

According to the post, which you can read here, in order to help Evernote verify that the machine reading is functioning as expected, it would sometimes be necessary for employees to manually check the machine output versus the contents of your notes.

Employees could also read your notes for a host of other reasons and while some are perfectly valid and acceptable (like as a result of Evernote being served with a valid Court order or warrant), others are pretty loose, like if they need to “maintain and improve the service”.

Of course not every employee would have the ability to read notes though, and while you could also opt-out of the “reading for machine learning purposes” part that didn’t exclude your notes being read for the other, aforementioned reasons.

As you might have expected, there has been an outcry and Evernote has been forced to back-track and post the following:

After receiving a lot of customer feedback expressing concerns about our upcoming Privacy Policy changes over the past few days, Evernote is reaffirming its commitment to keep privacy at the center of what we do. As a result, we will not implement the previously announced Privacy Policy changes that were scheduled to go into effect January 23, 2017.

Instead, in the coming months we will be revising our existing Privacy Policy to address our customers’ concerns, reinforce that their data remains private by default, and confirm the trust they have placed in Evernote is well founded. In addition, we will make machine learning technologies available to our users, but no employees will be reading note content as part of this process unless users opt in. We will invite Evernote customers to help us build a better product by joining the program.

Great, they admitted they screwed up and said they won’t do it again, but their choice of words is amusing. Instead of Evernote “reaffirming its commitment to keep privacy at the center of what we do”, given that they broke that commitment in the first place, shouldn’t Evernote be “re-committing” instead?

The thing is, once a company has actually said that they could/would invade your privacy for the reasons given, saying that “of course we’d never do it without your express permission” doesn’t carry all that much weight. And it’s not like there isn’t a plethora of note-taking alternatives to choose from. That said, you may want to take a look at the alternatives’ privacy policies also!