EverNote #1 : Does Evernote spy on you?

Does Evernote spy on you?

Based on Evernote's privacy policy and security overview, Evernote does not "spy" on you in the sense of selling your data to advertisers or actively browsing your personal notes for human entertainment. [1, 2]

However, because Evernote is a cloud-based service that scans notes to provide search features (including text within images), it operates under a model that requires trust, and there are specific, limited scenarios where data access can occur. [3, 4, 5, 6, 7]

Here is a breakdown of how Evernote handles your data:

1. Data Privacy and Access

• No Selling Data: Evernote explicitly states they do not sell or rent your personal data to third parties.
• Machine Analysis: Evernote’s systems automatically analyze your data to power features like search, tag suggestions, and related notes. This is typically done by algorithms, not humans.
• Employee Access: Evernote employees are generally prohibited from looking at your notes. Access is limited to specific, authorized situations, such as:
  • Troubleshooting at your request (e.g., if you ask for help finding a lost note).
  • Investigating potential violations of their Terms of Service.
  • Complying with legal obligations, such as warrants or subpoenas.
• Machine Learning Opt-Out: You can opt-out of allowing Evernote to use your data for improving their machine-learning technologies in your account settings. [1, 2, 3, 8, 9]

2. Security and Encryption

• Encryption in Transit: Data sent between your device and Evernote servers is encrypted using industry-standard SSL/TLS.
• Encryption at Rest: Data stored on Evernote's servers (which are hosted on Google Cloud Platform) is encrypted using AES-256.
• No End-to-End Encryption by Default: Evernote holds the decryption keys. This means that while your data is secure from external hackers, Evernote technically has the ability to access your data.
• Local Encryption Option: You can encrypt specific text within a note using a passphrase that only you know. Evernote cannot decrypt this text. [10, 11, 12, 13, 14, 15]

3. Data Usage and Third Parties

• Third-Party Vendors: Evernote shares data with service providers (e.g., payment processors) that help them run the service. These partners are required to adhere to strict confidentiality rules.
• AI Features: When using optional AI features, Evernote states they do not use your data to train their AI models unless you specifically direct them to do so. [2, 8, 16, 17]

4. Risk Factors and Tips

• Password Security: Most security breaches on Evernote are due to users reusing weak passwords that were compromised elsewhere, rather than a failure of Evernote's infrastructure.
• Mitigation: To maximize privacy, enable two-factor authentication (2FA), use a unique password, and avoid storing highly sensitive information (like banking passwords) in unencrypted notes. [18, 19, 20, 21]

Summary: 

For general note-taking, project management, and document storage, Evernote is considered safe. If you require absolute privacy for sensitive documents, you should use their local encryption feature for specific text or use a zero-knowledge, end-to-end encrypted alternative. [22, 23, 24, 25, 26]

[1] https://evernote.com

[2] https://evernote.com

[3] https://www.bitdefender.com

[4] https://www.harmonenterprises.com

[5] https://evernote.com

[6] https://jackiebledsoe.com

[7] https://lan-portal.uob.edu.ly

[8] https://evernote.com

[9] https://evernote.com

[10] https://www.reddit.com

[11] https://evernote.com

[12] https://www.reddit.com

[13] https://www.quora.com

[14] https://www.wired.com

[15] https://www.reddit.com

[16] https://www.harmonenterprises.com

[17] https://evernote.com

[18] https://discussion.evernote.com

[19] https://www.reddit.com

[20] https://discussion.evernote.com

[21] https://www.youtube.com

[22] https://softwarefinder.com

[23] https://www.reddit.com

[24] https://www.revouninstaller.com

[25] https://www.laptopmag.com

[26] https://nevernote.ie