Yahoo Mail redesign becomes permanent, privacy issues surface

The new Yahoo privacy agreement allows the company to scan your email for information to create targeted advertisements.

Yahoo officially put the old interface for Yahoo Mail to rest Monday.

But the company's new webmail look isn't the only change that users will have to get used to. Users will have to consider conditions in the service's privacy agreement that allows Yahoo to scan their email so the search company can insert targeted ads.

However, users may opt out of targeted ads in their Yahool Mail at the little known Ad Interest Manager page.

What's new?

Yahoo rolled out its webmail redesign in December and gave its users six months to make the switch from its "classic" interface to the new one.

The new interface has a cleaner look, with fewer buttons and larger area for reading and composing messages. Thumbnails make previewing attachments easier, too.

Attachments are also easier to handle thanks to integration with Dropbox. From inside Yahoo Mail's inbox, you can add attachments to your messages directly from Dropbox and save them to the storage service from emails you receive.

Targeted ads

When you choose to use Yahoo's revamped interface, you also agree (unless you opt out) to let the service scan email arriving in your inbox for, among other things, information that can be used to target advertising to you.

That practice isn't a Yahoo exclusive. Gmail also does that routinely--a practice that Microsoft has condemned in its Scroogled advertising campaign. However, Google users also may opt out on Google's Ads Settings page.

The targeted-ads process is totally automated so there's no human interaction involved, but that doesn't make the practice less creepy to some.

On its face, scanning email to target ads appears to be a violation of the Federal Wiretap Act, noted Marc Rotenberg, executive director of the Electronic Privacy Information Center.

"The only reason companies like Google get away with it is because users are asked to consent to the interception of their email as a condition of getting the service," he told PCWorld.

In addition, under the federal law, a provider can scan mail to ensure the quality of the service. For example, mail could be scanned to catch spam entering an inbox.

"But the commercial use of the content is still controversial," Rotenberg said.

What about privacy?

While the scans may be legal, they still abuse individual privacy, argued Sarah A. Downey, a privacy analyst and attorney with Abine, an online privacy solutions provider.

"It violates most people's expectation of privacy," she told PCWorld.

"Unfortunately, it's the norm that when these companies review their privacy policies that they strip away people's rights rather than protecting them," she said.

Not only are emails scanned, but instant messages, too, Downey said. And they're scanned for more than just advertising purposes. The companies are looking for keywords, location info, and "risk" words that would help determine if you're violating someone's copyright or planning to break the law.

"It's very Big Brother," she observed, "and it's definitely an erosion of privacy.

Join the CSO newsletter!

Error: Please check your email address.

Tags Yahoosecurityweb servicesWeb & communication softwareprivacy

More about Brother International (Aust)DropboxElectronic Privacy Information CenterGoogleMicrosoftYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts