— Rushi Bhavsar (@parapraxist) December 14, 2016
The paragraph that’s got most riled is the following: “If you would prefer to opt out of machine learning technologies on your content (including some which require some human review for oversight purposes), you can do so in your account settings, where it says, ‘Allow Evernote to use my data to improve my experience.’ If you do opt out, however, you may not be able to get the most out of your Evernote experience.
I’ve also read the section about Evernote sharing content and can’t see any explicit mention of workers poking at my notes. It may be covered under the section outlining Evernote’s right to investigate violations of terms of service and illegal activities. But it’s far from clear.
In its FAQ outlining why it’s explicitly allowing its staff to access user notes, Evernote does its best to describe what protections it has in place to ensure they won’t do anything amiss with users’ information. Those lucky few at Evernote granted dominion over customer privacy have gone through background checks and received “specific security and privacy training at least annually to ensure they are up to date on the latest privacy and security requirements and standards.” Evernote says it has strictly limited the number of people who are allowed to view user content too. Comforting.
I’ve asked Evernote which employees can view notes, what their roles are and what exact machine learning tools they’re planning on improving. I’ve also asked them if it’s actually possible to opt out of employees looking at your notes at all. I’ll update when the Redwood City, CA, company responds.
There’s one thing users can do (if they trust Evernote is handling its encryption right) and that’s lock up content with a password. You can do this by highlighting text you consider sensitive, right-clicking and choosing the encrypt option. That should mean you and only you can read the plaintext.
UPDATE Evernote’s head of comms Greg Chiemingo emailed the following in response to the above questions: “First, the employees who have access are verifying the veracity of the machine learning algorithm so the note content is dependent on the feature.
“In the example we’ve provided in the tech post [see link for details on Evernote’s plans for machine learning], an engineer would be assessing whether or not the machine learning algorithm has identified “United” as related to a flight itinerary and not a moving company so he or she isn’t reading the note content, they are verifying that piece of the content to ensure the system is working properly.
“For the existing access under the current policy, customer support staff only access to diagnose and troubleshoot errors or comply with legal requests from law enforcement.”
“Privacy has always been at the heart of Evernote, and we’re as committed as ever to upholding our Three Laws of Data Protection. These laws guide everything we do, and, I believe, represent industry-leading standards for privacy,” O’Neill added.