On Monday, Vice’s Motherboard broke yet another story revealing the extent to which companies are monetizing their users.
Reporter Joseph Cox’s investigation(nouvelle fenêtre) revealed how Edison, an email productivity app, is scraping users’ personal inboxes for purchase receipts and shipment tracking updates.
Using this data, the company can create “detailed behavior patterns(nouvelle fenêtre)” for its users, selling information about what its users bought and how much they paid for it — extremely valuable information for e-commerce or travel sites, which purchase this data from Edison.
This tracks closely along the contours of previous scandals involving free email apps. In July, The New York Times reported on the email-monitoring practices of Superhuman, another pro-sumer app that has access to your personal inbox. The invasion of users’ privacy is integral to the products themselves, while also being something the companies would like to downplay.
In the latest article, Cox relies on documents obtained from JP Morgan that show several companies buying data from Edison that was sourced from personal inboxes. Although the data is allegedly anonymized, true anonymization is an extremely high standard(nouvelle fenêtre) that companies don’t always live up to.
Moreover, it wasn’t clear to many Edison users that this data scraping was even happening. The company’s privacy policy does state that it “accesses and processes email messages in any email accounts you have connected and data collected from other Internet accounts you connect.” But Cox interviewed one Edison user who said the marketing surrounding the product seemed deliberately misleading: “Their website is all like ‘No Ads’ and ‘Privacy First.’”
Edison is hardly the only offender. Several other free email services also serve as data mines for corporate clients.
Cleanfox(nouvelle fenêtre), an app that organizes and cleans out your inbox, was found scraping and selling data to consulting companies like Bain & Company and McKinsey & Company, according to a confidential presentation obtained by Motherboard.
Similarly, Rakuten’s Slice(nouvelle fenêtre), an app that scans your inbox for recent purchases so you can track your shipments and receive refunds, creates detailed records of what you buy and how much you paid. Companies will pay upwards of $100,000 to get access to Rakuten’s data on one product category, according to emails obtained by Motherboard.
The promise of privacy
The late 2010s will go down in history as the period when we realized the true cost of giving so much personal information to tech companies. This culminated in 2018 with the Cambridge-Analytica election hacking scandal(nouvelle fenêtre) and subsequent fallout, which affected every player in the ad tech industry.
Sensing a public relations crisis, many companies began to “pivot to privacy(nouvelle fenêtre).” Edison has followed this trend, repeatedly emphasizing its implementation of “privacy by design” and being ad free (they have a blog post(nouvelle fenêtre) on the subject). Whatever the truth of these claims, the lack of total transparency and public relations spin seems to have misled users in their expectations of privacy.
This prevents users from making informed decisions. While privacy online has undoubtedly improved over the last few years, the business model of monetizing users remains incompatible with privacy.
How Proton Mail treats your inbox
We recognized in 2014 what true privacy requires: a different business model.
Starting from our crowdfunding campaign(nouvelle fenêtre), we have depended primarily on community support to fund our operations, so that our interests are aligned with our users. This allows us to see our users as people, not data producers. We believe everyone has a right to freedom, privacy, and security, and our mission is to increase global access to these rights.
Although we offer paid plans with additional features, like extra storage and multiple email addresses, we will always offer a Free plan. Our Free plans are supported by those who upgrade to paid subscriptions, so we do not need to collect and sell personal data.
Our products themselves are designed to put you in control of your personal information. With end-to-end encryption(nouvelle fenêtre), only you have the key to your inbox. And our zero-access encryption(nouvelle fenêtre) ensures that even messages between Proton Mail and non-Proton Mail accounts are not accessible on our servers.
Because we have EU users and fall under the General Data Protection Regulation (GDPR)(nouvelle fenêtre), we are legally bound by our privacy claims, and these are explicitly detailed in our privacy policy(nouvelle fenêtre).
We’re building a safe Internet that respects your personal life. If you believe in this mission, sign up(nouvelle fenêtre) today. Thank you for your support.
UPDATE March 9, 2020: We updated this article to clarify some aspects of Edison’s policies about the use of data.
You can get a free secure email account from Proton Mail here.
We also provide a free VPN service(nouvelle fenêtre) to protect your privacy.
Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan(nouvelle fenêtre). Thank you for your support.
