Science & Hi-Tech

Yahoo and AOL admit to scanning users’ emails to serve up targeted ads

Oath, the Verizon subsidiary that owns both email providers, has been scanning Yahoo and AOL users
Written by admin

Your Yahoo and AOL emails have been a goldmine for advertisers. 

Oath, the Verizon subsidiary that owns both email providers, has been scanning users’ emails to mine for data that can be shared with advertisers, the Wall Street Journal reported, citing sources close to the situation. 

Any data gleaned from Yahoo and AOL emails, such as receipts or flight conformations, is used to figure out which products or services should be targeted to specific users.

Scroll down for video

Oath, the Verizon subsidiary that owns both email providers, has been scanning Yahoo and AOL users’ emails to mine for data that can be shared with advertisers

HOW TO OPT OUT 

Yahoo and AOL parent company Oath has acknowledged it monitors commercial emails sent to users’ inboxes to serve up targeted ads. 

Here’s how users can opt out of the practice: 

  • Visit Yahoo’s ‘ad interest manager’ page
  • Navigate to  the ‘Your Advertising Choices’ header
  • Users can opt out of seeing Yahoo’s ads across the web or just on Yahoo sites
  • They can opt out of seeing ads based on specific categories, or all ads 

Yahoo, which has fallen behind among other email providers in the smartphone age, began monitoring users’ emails more than a decade ago, the Journal said.

The firm uses algorithms to look for commercial emails in a user’s inbox, typically from retailers, video streaming services and the like, while avoiding any personal emails. 

Yahoo classifies the email based on certain consumer preferences and then assign a tracking cookie to that user’s computer so that brands can continue to show them ads in the future.

Users are lumped into specific audiences, or interest profiles, based on the emails they receive. 

For example, someone who receives emails related to online brokerage accounts might be classified as an ‘investor.’ They’d then receive advertisements focused around finance.  

Other emails that are scanned include auto-loan notifications, ride-sharing driver emails and department store receipts, the Journal explained.   

Oath noted that it uses cookies to identify certain audiences, so that users don’t have to hand over any personal information to advertisers. 

The algorithms also remove names and email addresses from the data it collects.

The firm uses algorithms to look for commercial emails in a user's inbox, typically from retailers, video streaming services and the like, while avoiding any personal emails

The firm uses algorithms to look for commercial emails in a user’s inbox, typically from retailers, video streaming services and the like, while avoiding any personal emails

However, the system isn’t entirely foolproof, as it scanned a personal invitation to an Indian wedding, accidentally recognizing it as a commercial email. Yahoo later altered the algorithms for phrases that are commonly used in wedding invitations.  

The company’s targeting practices go pretty deep, too. Oath uses receipts in Yahoo Mail inboxes to confirm whether an ad campaign led to a user purchasing a product.  

It has raised the ire of many privacy advocates who argue that most users expect a higher degree of privacy when using email. 

Yahoo’s privacy policy includes language that says it can scan all email messages.  

Users can opt out of the practice, or sign up for an ad-free email service that costs $3.49 a month. 

But the paid version also scans any emails sent to a user, the Journal said. 

Yahoo's privacy policy includes language that says it can scan all email messages. Users can opt out of the feature or pay for an ad-free version, but that service all scans their emails 

Yahoo’s privacy policy includes language that says it can scan all email messages. Users can opt out of the feature or pay for an ad-free version, but that service all scans their emails 

The firm recently changed its terms of service to comply with Europe’s new General Data Protection Regulations, which require companies to obtain users’ consent for collecting data before they start using a product. 

A line in Oath’s new privacy policy prevents users from filing a class-action lawsuit and instead requires them to go through arbitration or small-claims court, according to the Journal.  

Oath has stood by its email scanning practices, saying it’s another way for it to wring revenue out of Yahoo and AOL Mail.

‘Email is an expensive system,’ Doug Sharp, Oath’s vice president of data, measurement and insights, told the Journal. 

‘I think it’s reasonable and ethical to expect the value exchange, if you’ve got this mail service and there is advertising going on.’   

WHAT IS GDPR AND HOW DOES IT AFFECT CONSUMERS?

The General Data Protection Regulation is an EU-wide law that cam into force on May 25 2018.

It gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it.

For consumers, it brings new powers that require firms to obtain clear consent from users before processing their data.

It also grants users a right to easily access the data collected from them and transparency on how it is being used.

The General Data Protection Regulation is an EU-wide law that cam into force on May 25 2018. It gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it (stock image)

The General Data Protection Regulation is an EU-wide law that cam into force on May 25 2018. It gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it (stock image)

Everyday users have to do very little to comply with GDPR – it’s more targeted at big online businesses. 

Under the new rules, any company that controls or processes the data of EU citizens must adhere to the GDPR guidelines.

This ends territorial-based accountability used by some firms not based in the EU to previously avoid sanction.

The law also states that notification of a data breach must occur within 72 hours of being first discovered, increasing transparency around leaks.

The weight of fines able to be issued has also increased under GDPR. 

Regulators will be able to issue penalties equivalent of up to four per cent of annual global turnover or 20 million euro (£17.5 million) – whichever is greater.

For tech giants such as Google and Facebook, this could mean the risk of fines running into the hundreds of millions.

Sharp added that email scanning has become one of the company’s most reliable avenues for ad targeting purposes.  

Still, it paints a not-so-rosy picture for Yahoo and AOL mail, which are currently the only email provider that scans users’ inboxes for marketing purposes, the Journal said. 

Google claims it stopped scanning users’ emails for advertising purposes last year, but some have noted that there’s still language in its privacy policy permitting it to do so. 

Microsoft says it has never culled user email data for advertising purposes.    

It comes as Silicon Valley continues to face heightened scrutiny over the ways in which it manages user data and protects their privacy, particularly in the wake of privacy scandals at Facebook and Google. 


Source link

About the author

admin

Leave a Comment