After stepping on its trunk in a privacy imbroglio, the Evernote elephant issued a clarification on Thursday, saying user concerns were triggered because "we communicated poorly."
Evernote (whose mascot is an elephant, because an elephant never forgets) promises to protect user privacy, but reserves the authority to view user content when legally required to do so. "Like other Internet companies, we must comply with legal requirements such as responding to a warrant, investigating violations of our Terms of Service such as reports of harmful or illegal content, and troubleshooting at the request of users. The number of employees who are authorized to view this content is extremely limited by our existing policies, and I am personally involved in defining them," O'Neill says.
O'Neill clarifies the updated policy in his blog post Thursday: Evernote plans to improve its machine learning to "automate functions you now have to do manually, like creating to-do lists or putting together travel itineraries. Machine learning might sound like science fiction where computers make their own decisions. In reality, machines still need a human to check on them. To get there, Evernote data scientists need to do spot checks as they develop the technology," O'Neill says.
"Select Evernote employees may see random content to ensure the features are working properly but they won't know who it belongs to," O'Neill says. "They'll only see the snippet they're checking. Not only that, but if a machine identifies any personal information, it will mask it from the employee."
That change is scheduled for Jan. 23. Users can opt out of the new machine learning capabilities, which will also opt them out of Evernote employees gaining access to data.
O'Neill's statement generated mixed reactions on social media.
"[S]till cancelling account," says Quinn Murphy on Twitter, who identifies himself as an operations engineer and game designer.
"I applaud @Evernote for taking responsibility, owning their misstep & providing clarity. Thx," says Christi Avampato on Twitter, who identifies herself as a freelance writer for the Washington Post and product director at a healthcare AI startup.
Meanwhile, on reddit.com/r/evernote:
"Sometimes the CEO needs to step into place and clarify things. [The] legalese made it sound a lot more [scary] than it really is," says "rechnergott." "Also - this is why PR is a thing."
But "iwannabethecyberguy" notes that Evernote says that data is encrypted in transit, but does not say whether it's encrypted at rest. "This means if Evernote were to be [compromised] all of your data would open to view. Sure, you probably don't care because [all] you have [are] recipes, saved articles, and harmless notes, but if that's the case, send me your Evernote username and password (and two-factor tokens) so I can look at [y]our notes. [They're] harmless notes so you won't mind right?"
Also, see discussion on this Reddit thread: Users seem equally split between (1) Dumping Evernote because they feel the privacy imbroglio is the latest of a series of bad decisions that mean the company is doomed and (2) Staying with Evernote because they don't believe there's an alternative.
— Mitch Wagner, , Editor, Light Reading Enterprise Cloud