Why Yahoo Should Abandon Email Scanning 94
twoheadedboy writes "Yahoo has come under fire for updating its terms and conditions so it can scan user emails. The move has attracted the attention of notable privacy group Big Brother Watch, which has called on the email provider to scrap the feature altogether. Yahoo says it is only doing the scanning to identify spam and better target ads, but that still hasn't put people off from criticizing the firm."
And GMail gets a pass? (Score:5, Insightful)
Is this the same scanning that Google does with GMail? If so, why no outcry there?
Re:And GMail gets a pass? (Score:5, Funny)
Is this the same scanning that Google does with GMail? If so, why no outcry there?
But everyone loves Google, and we all know Yahoo is a washed up has-been looking for any way to turn a profit to keep its zombie brain-eating existance alive. /snark
Re: (Score:1)
Re: (Score:2)
I was very upset and still strongly dislike the fact that Google scans my mail and get creeped out when ads are obviously targeted based on some keyboard within. But, I continue to use them rather than switch to the e-mail provided by my ISP (Comcast - yeah, much better). But if someone objects strongly enough, there's a plethora of e-mail providers out there that they can pick from.
It doesn't make it right, but the most effective complaint form is simply walking away to another provider that treats you b
Re: (Score:3)
But if someone objects strongly enough, there's a plethora of e-mail providers out there that they can pick from.
It doesn't make it right, but the most effective complaint form is simply walking away to another provider that treats you better. With ISPs and several other services, that's sometimes tough, but with e-mail it's easy.
Free options are always going to have privacy issues.
A non-free option is to register your own domain and get basic web/email hosting, total cost $25 - $75/year depending on the registrar and hosting company you use.
Re: (Score:2)
Free options are always going to have privacy issues.
There's no such thing as a "free" option, but there are many options. About the closest you'll get to "free" is one bundled with something you already pay for (e.g. through your ISP). Other than that, you'll pay $$, by viewing ads, by sacrificing privacy, or some combination of the three.
Re: (Score:1)
Where are the [irony] tags? My ISP (AT&T) bundles Yahoo for e-mail.
Re: (Score:2)
A number of years ago my then ISP switched their email to Hotmail. As first I didn't care because I had my own mail server and didn't need use any of my included accounts. Then they required me to create a Hotmail profile to access their support site so I left.
Unfortunately a lot of large ISPs outsource their email to Yahoo, Gmail, Hotmail, etc.
Re: (Score:2)
Yes I know there are no "free" options. I was using "free" in the sense that most people who use these services use it, that it does not cost money.
I thought since I went on to explain the cost of hosting your own private email it was clear which definition of "free" I was using.
Re: (Score:2)
Uhm, why? Look at free software like the Linux distros. There are no privacy issues there.
What you really mean is external web based email is always going to have privacy issues. That's the problem: If people don't handle email themselves on their own machines, then the company who handles it for them is in a positition to read it. Duh. The Cloud Strikes Again.
The answer is for the Free Software Community to build personal email appliances that are
Re: (Score:2)
1. Own domain - $10/year
2. Setup IMAP mail server in a headless virtual machine - $0 (add time commitment)
3.
4. Profit.
Re: (Score:3)
But everyone loves Google, and we all know Yahoo is a washed up has-been looking for any way to turn a profit to keep its zombie brain-eating existance alive. /snark
Pretty much. Google pulled out of China, at least in large part because they didn't like the hardline government there and the censorship they imposed. I respect that. Are they angels? No. But if we don't reward the companies that do right, what incentive do they have to do it? If enough consumers make choices in the companies we support based on their moral and ethical behavior, then we create an environment where companies compete to be perceived to be the most ethical. Hopefully, that will involve actual
Re: (Score:1)
Re: (Score:2)
Google? How about every email provider and ISP?
Let's see:
Microsoft sells your info. Not just "what's in your email", but your personal info.
ISP's track your clicks.
If you don't want this "in-email" tracking on a free service, host your own pop3/smtp server.
Re: (Score:2)
which do you want, microsoft or an ISP?
ISPs: http://www.techdirt.com/articles/20071211/024003.shtml [techdirt.com]
Microsoft:http://www.dslreports.com/forum/remark,25448106?hilite=google
or: http://advertising.microsoft.com/windows-live-hotmail [microsoft.com]
love that last one where it goes:
Re: (Score:1)
The Hotmail ad info is just about basic and anynomous ad targeting (like also done here on Slashdot btw). Where does it say that they sell your personal info?
I have never claimed Google is selling my personal info (but they are doing ad targeting that surpass the Hotmail link you provided)
Re: (Score:3)
That's about people paying to advetise on hotmail. It says nothing about Microsoft selling user's info.
Re:And GMail gets a pass? (Score:5, Funny)
You're not actually anonymous.
Cheers,
Google
Re: (Score:2)
Re: (Score:2)
Well, technical, what they are calling 'scanning' happens in every email message sent via SMTP, the server 'scans' every message that comes in off the network so it can find the bits of the message that tell it what to do.
The irony of it is, the same people bitching are the same morons who use those little store specific 'loyalty' cards ... whose sole purpose is to collect the same sort of information about a person.
Re: (Score:3, Informative)
There was an outcry when google first launched GMail. A senator form CA even proposed a bill to curb GMail's scanning [cnet.com] abilities.
Re:And GMail gets a pass? (Score:5, Interesting)
Because they've always done it.
I have a gmail account. it's only a couple of years old. I've moved everything to it because of convenience, and I have not been spammed to hell-and-back with Google Ads over the years on other sites.
Also....
If you tend toward tinfoil, you have no excuse not using gpg or other encryption for your messages. Plaintext is plaintext and sending email across half the planet is nearly literally sending a postcard and anyone along the way can read it. If you value your email privacy that much to not use Gmail because of scanning for ad serving, then you should be encrypting everything.
Phil Zimmerman nearly went to jail so you could use encryption. If you don't want people looking at your stuff, friggin' get off your ass and use it.
Which brings me to the Cloud and the privacy concerns with that. If you're going to upload sensitive stuff to Dropbox and other providers, without encrypting, you're a complete idiot. With encryption I can put shit up on a public FTP or anywhere that shares files with the public as a "poor man's offsite backup" (you'd have to be really poor, but hey) and nobody can see /anything/ unless they have the key.
So in that light...
Yes, Google gets a pass because the nature of the beast is a known quantity.
>Pretending that Hotmail protects your privacy or that any public email provider does.
No. You cannot trust this shit blindly. There are privacy policies that are written up to say "we can change this at any time" and unless you check these things daily, they can change under your nose and you'd never know. Don't trust 'em. Treat them like you would treat Google. Treat them all the same.
I could go on a rant about FB paranoia, but that is a digression too far.
--
BMO
Re: (Score:1)
I was never paranoid about F8. I use it all the time.
Re: (Score:2)
I love privacy and all... (Score:4, Insightful)
...but I wouldn't use a webmail service that doesn't have a SPAM filtering system.
Every time when you are entrusting your mails to a third-party, they can abuse it, whether the terms of service say so or not. Even if the company doesn't, some of the employees might, unless the database is designed in such way that no employee can access it. All you have is their word that they won't use the information stored there.
They have your data, and all you have is their word (and probably unenforcible legal responsibility), and you have trouble with the fact that they are analysing the incoming mails to protect your mailbox from SPAM?
If privacy mattered that much:
1. You wouldn't use a third-party for your emails
2. You would use PGP/GPG to encrypt your correspondence
3. You'd ask your correspondents to not use webmail either
Until then, you can't really complain unless there is any evidence that they abused their access to your data or that they added terms that allow them to abuse it.
And no, targeted advertising is not abuse, although it's another vector that can be used for abuse. But the main vector is that you gave your data to someone else.
Re: (Score:2)
...but I wouldn't use a webmail service that doesn't have a SPAM filtering system.
I have no problem with this, as long as the user can enable/disable it at will.
What I do have a problem with is the "and to better target ads". This means they actually read your e-mail and store info about the contents. So if you get e-mail from the Audobon society, expect a boatload of pr0n ads when they see the word "tits".
Re: (Score:2)
Many SPAM detection techniques also "read" your e-mail and store information about the contents. You could argue that merely storing and rendering the e-mail for you does the same. What you need is a guarantee that this information isn't sent to third parties or read by the employees.
Re: (Score:2)
Is this the same scanning that Google does with GMail? If so, why no outcry there?
Because I just never left yahoo due to privacy concerns with Google. Now it may be time to leave yahoo... Of course since ATT uses yahoo for e-mail, that might be tough for some... I wonder if this will apply to the commercial users as well?
Nothing to see here, move along.... (Score:4, Insightful)
No, Gmail did NOT get a pass. It was one of their biggest criticisms. Then people actually took the time to understand what Gmail was doing, and realized that EVERY email system that does virus scans "scans" every message. Gmail was just additionally using to target ads. Some didn't (and don't) like it and used another service.
Re: (Score:2)
Because there was an outcry when it started, and then people stopped caring.
For the record, I never cared that much; if I did, I wouldnt use their free product (referring to google).
Some people care, some don't. (Score:5, Insightful)
There was a lot of complaining about this when GMail was launched. Some people (myself included) refuse to use it to this day because of that reason. Until now many of these people found Yahoo to be a better alternative to GMail because it had a better privacy policy. Now they have lost that choice, and are understandably upset.
Another big difference is that GMail had this "feature" since the day it was launched. You knew exactly what you were getting into by signing up for a GMail account. Many of the folks that are complaining have been using their Yahoo account for years or decades, and will have a difficult time transitioning to another address.
Of course, it is a free service, and you get what you pay for. But at the least they could agree to not scan emails that are being forwarded or accessed via POP for advertisement purposes. They already offer these connection options, and they won't be showing any targeted ads to folks that don't use webmail anyway, so why waste cycles scanning that mail?
Re: (Score:2)
There was a lot of complaining about this when GMail was launched. Some people (myself included) refuse to use it to this day because of that reason.
You could use the paid version. Those versions do not have ads, thought as administrator, it does allow me to serve my own "web clips" for all my domain users and scan/backup all their emails as well, so you would have to make sure you're the one paying the bill and not let some other person or family member pay it for you (otherwise, you'd just be handing over your privacy to them instead).
They already offer these connection options, and they won't be showing any targeted ads to folks that don't use webmail anyway, so why waste cycles scanning that mail?
Doesn't Yahoo insert ads everywhere, even inside the emails themselves? At least, that's what Yahoo Groups does, and I
Re: (Score:2)
They already offer these connection options, and they won't be showing any targeted ads to folks that don't use webmail anyway, so why waste cycles scanning that mail?
Is there a way to turn off webmail? The answer is no. Can you guarantee Google that you will never check your email through webmail (for an emergency or something)? The answer again is no (also, most people love the convenience of having access to webmail even if they never use it).
It's not like Google scans your email at the last possible second every time you check it, that would be too intense. It probably scans emails just like it scans web pages, in batches, and then it build indexes of keywords, so it
Re: (Score:2)
I transitioned over to Gmail from Yahoo about 3 years ago and finally deleted my Yahoo account that I'd had for over a decade. The reason I made the switch was the amount of ads (spam) from Yahoo customers that filled my inbox and buried messages from friends and family.
Once I finished moving my address book over and giving all of my contacts my new address, I saw little reason to retain the yahoo address that had become a spam tar baby. It just wasn't worth my time/effort to use it any longer and with Gmai
Re: (Score:2)
When GMail started there was an outcry about it.
Re: (Score:2)
Well, Google does feed us porn....
Re: (Score:2)
Yahoo wants you cell phone number with no opt out just to create an account. GMail at least allows you a "no thanks that is private information" option.
Yahoo promises never to send you spam if you opt out. This is a bald face lie. I know this because when Yahoo! demanded a backup email addy I specified an alt email addy that is used for nothing else (I never gave that addy t
Re: (Score:2)
Little outcry because opened with that already in place, and there was an alternative to GMail, Yahoo.
If this remains, there's no remaining reason for me not to leave Yahoo entirely.
Re: (Score:2)
There was an outcry. [privacyrights.org] Complete with allegations of wiretap violations.
I am becoming convinced that this talk about "privacy" completely misses the mark about what's really going on. Someone wants privacy they want secrecy. He or she is afraid that exposing a secret will injure him or her in someway. The injury is greatest if it's exposed someone the person knows, or to someone that has power over them. In social network mining (email being the oldest online social network) no one actually reads the mes
What about Google? (Score:1)
Re: (Score:2)
What ads on the side?
Oh, you mean, if you use the gmail web mail website.*
They support IMAP. Use it with the mail client of your choice et voilà, no ads.
*If you must use webmail, AdblockPlus is your friend.
Google? (Score:1)
Re: (Score:2)
I think you are right, both companies are as ruthless as each other, with our content.
why you'd trust one over the other, that's beyond me.
I do block all ads (adblock, noscript) and so far, yahoo mail has been ad-free for me. but this could change at any time, of course. its always an arms race with websites (sigh). they want to FORCE stuff in the stream and we want to be selective in the stream.
Re: (Score:2)
Don't like it, change your email address.
They'll wind up like Excite, for example. Too many freeloaders, not enough clicks on ads.
Re: (Score:2)
If you're not paying for it, they can do whatever they want with it, how else are they supposed to make money off the customer for providing the service?
Selling e-mail services to ATT, perhaps? I wonder if that will also be scanned?
Re: (Score:2)
Who cares. (Score:1)
Re: (Score:2)
Google does the same thing, it will make them more money, and, frankly, nobody cares.
Actually a lot of people do care. They will leave. They didn't leave Google because they never joined.
Re: (Score:2)
valid for fairly small values of "a lot."
Re: (Score:2)
If by a lot you mean a very small portion of the population with tin foil hates on who overreact to things they don't understand, then sure, you're dead on.
Considering just accepting a message via SMTP requires 'scanning' (by the definition being used for this discussion), its a safe bet you're rambling on about shit which you totally don't understand. Yahoo (and every other SMTP server) scans every message it accepts over the network.
Re: (Score:2)
I fail to see why people think this is (1) new (2) a problem (3) something anybody can do anything about.
Oh, there are lots of things you can do about it. It is getting cheaper every day to host your own mail server. PGP works, and is simple. There are also companies that respect privacy, for a cost...
Easy Tradeoff (Score:1)
Re: (Score:3)
I think you may have missed what happened. Spamming didn't go away, it's just that people changed the attack vector.
Where it once was "they click things from an email", which gets caught, it has now become "make the email look legitimate enough to (easily fool the filter and the person reading the email)". We simply went from "spamming" which is innocuous aside from the people who actually buy the shit, to pfishing and in browser vulnerabilities, which is where the money is.
Oh, and guess what pfishing is? T
Re: (Score:1)
Re: (Score:2)
are you unfamiliar with the internet?
what do you think spearpfishing is? It's targeted pfishing. [fraudwatchers.org]
What do you think the "ALERT! YOUR BANK HAS BEEN COMPROMISED - CLICK HEAR TO VIEW DETAILS" crap comes from, where it pops up a warning site and says "click here to login" (to a fake but seemingly legitimate front end).
Spam isn't countered by filters - the filters have rarely been successful. It just moved on to more lucrative and simpler options - social engineering via pfishing.
Re: (Score:2)
I don't have an account with Yahoo but if I did I would take targeted advertising over mass amounts of random spam any day.
I thought spam was unwanted advertising in your e-mail... Sounds like gmail and the new yahoo to me... (And Juno, and... Oh, listing them all will take too long)
Re: (Score:1)
scan (Score:1)
Re: (Score:2)
Money... (Score:1)
Re: (Score:2)
Re: (Score:2)
I get almost zero spam in my Yahoo inboxes I've used since 1999.
(I use Zimbra so I don't see their shitty web interface.)
Must be an "outgoing" thing.
And better target ads? (Score:2)
What? So they are ONLY scanning to for this?
Which could mean any amount of detail is kept and used.
Indepenent cloud email? (Score:2)
With the rise of cloud storage everywhere and cloud computing platforms, are there any ready-made email hosting solutions that will use your private cloud for your email system? This would be your own mini-system that is not subject to scanning TOS, etc by google, yahoo, hotmail. Your data would not exist shared with other people's or company's emails it would be completely private.
Is the TOS a contract? (Score:2)
My only obligation to a service is what the TOS says when I sign up. If they want to change the terms, fine... it can be different for new users. But that doesn't change my agreement with them.
If they want me to follow the TOS, then they had damned well better follow the TOS, and that
Re: (Score:2)
Some written contracts may spell out how and when modifications can be made. For example, if you have a credit card, you signed a contract when applying for that card. The contract may have said that the credit card issuer could change the interest rate at its discretion. By signing the initial contract, you've already given the credit card issuer the right to make future changes.
Re: (Score:2)
That doesn't give a company leeway to make arbitrary changes at will. That implies that there can be no mutual understanding, which means that there is no contract.
If they give me the opportunity to refuse service if they change the terms... fine. I can accept that, as long
Re: (Score:2)
Yahoo is not "changing the terms whenever they like". They are anouncing that change for 3 months already, and it will only take effect in another 3 months. They sent messages to every user saying they'll change the TOS, and that they'll scan the emails in a quite visible and easy to comprehend way. The message ends with a calling to accept the new TOS or stop using the services, followed by instructions on how you could stop using the services.
As distressing as it may be, they have no obligation of serving
Re: (Score:2)
"The message ends with a calling to accept the new TOS or stop using the services, followed by instructions on how you could stop using the services."
That's fine, AS LONG AS it doesn't violate my previous terms of service. That was my point. If they want TOS to be a contract, then it has to be the TOS I agreed to up front. If that TOS includes the provision that they can terminate the service at will, then I guess I agreed to that.
Re: (Score:2)
They are telling you that they don't want to do business with you anymore, unless you agree with other terms. If you want the old terms, well, they aren't interested on them anymore.
Do they have any obligation to keep serving email to their users?
Re: (Score:2)
Re: (Score:2)
"As distressing as it may be, they have no obligation of serving free email to people. They can stop their services at any time they want."
That is a false assumption, unless it explicitly says so in the existing TOS. Your statement assumes there is no consideration on the part of the user, which is simply false. Without users, Yahoo makes no money. The consideration you contribute to Yahoo is to enable them to make money, by being part of their user base. And since there is in fact consideration, then Yahoo does in fact have a contractual obligation... again, unless it explicitly says so in the TOS.
And there is other consideration, too, whi
Re: (Score:2)
So, if Yahoo decides to close its email service, it can't? How is it different from closing their service and oppening another one?
Re: (Score:2)
Corporations have gotten people used to the idea that contracts or "agreements" can be almost completely one-sided. But in reality that is almost never the case. If they expect you to obey the terms, then they have to, as well.
A lot of my spam is sent from Yahoo! (Score:2)
A lot of my spam which passes SPF tests comes through Yahoo. I'm glad they're doing this because spammers love them.
Re: (Score:2)
A lot of my spam which passes SPF tests comes through GMAIL . I'm glad they're doing this because spammers love them.
FTFY.
But please recognize that the whole DomainKeys [wikipedia.org]thing made Gmail/Yahoo accounts more valuable, because they get passed to more inboxes as opposed dropped into the tasty spam folder.
I'm going off-grid (Score:2)
About 5 years or so ago, abandoned the idea of a home network with all my data on my own servers. At the time it was more about geek cred. After one privacy rape after another, I think I'm done with The Man's servers. Only thing holding me back now is waiting out my Android phone contract (with its Google dependencies).
Easy solution to getting your mail without a scan (Score:2)
STOP USING FREE EMAIL PROVIDERS.
You are the product, not the consumer. It is not even a little bit free, you are working for them in exchange for some crappy webmail.
Lets just ignore the fact that from a technical perspective, every mail server 'scans' the message looking for various identifiers it uses to process the message.
Anyone who is 'freaked out' by what Yahoo is doing is an idiot who is completely unaware of the fact that the entire Internet would fall apart if everyone stopped 'scanning' other peo