Yahoo & AOL Just Gave Themselves Permission To Read Your Bank Statements

Fact checked
Yahoo give themselves permission to read your emails and bank statements

Yahoo and AOL have both quietly updated their privacy policies, granting themselves permission to read your emails and extract sensitive financial data from your credit card and bank statements.

Though Yahoo has long been in the business of scanning its users’ emails to maximize ad opportunities, its updated privacy policy is more Orwellian than ever before.

Cnet.com reports: When we logged in to a Yahoo Mail account Friday, we were greeted with the privacy policy you see below (Jason Kint had pointed to the policy earlier on Twitter). In it, Oath notes that it has the right to read your emails, instant messages, posts, photos and even look at your message attachments. And it might share that data with parent company Verizon, too.

To be clear, Yahoo’s previous privacy policy had already stated that Yahoo “analyzes and stores all communications content, including email content,” so the company has previously disclosed that it’s been able to scan the contents of your emails, at least. (AOL’s legacy privacy policy doesn’t say anything like that.)

When you dig further into Oath’s policy about what it might do with your words, photos, and attachments, the company clarifies that it’s utilizing automated systems that help the company with security, research and providing targeted ads — and that those automated systems should strip out personally identifying information before letting any humans look at your data. But there are no explicit guarantees on that.

Notably, Google used to scan its Gmail messages for better ad targeting, though it stopped the practice in June of 2017.

There’s also this paragraph:

In other words, emails related to your banking and financial transactions appear to be equally in the crosshairs of Oath’s ad targeting engine.

There appears to be another big change for Yahoo users, too: Oath’s previous mutual arbitration clause and class-action waiver has been updated and extended across the company’s services to include Yahoo as well. What it means is if you don’t like what the company does with your data, you’ll have a hard time suing.

In response to several specific questions related to the new privacy policy, an Oath spokesperson replied only with this statement: “The launch of a unified Oath privacy policy and terms of service is a key stepping stone toward creating what’s next for our consumers while empowering them with transparency and controls over how and when their data is used.”

None of this is necessarily unexpected behavior for a big tech company in 2018, and our collective expectation of privacy may be smaller than ever today. But in in a post-Cambridge Analytica world, think twice before hitting that “OK” button.

You can read the entire Oath privacy policy right here.

2 Comments

Leave a Reply

Your email address will not be published.




This site uses Akismet to reduce spam. Learn how your comment data is processed.