Algorithms may scan emails to deliver targeted advertising to users, Oath may read attachments, pull and use EXIF data from uploaded images or videos, or analyze "user content around certain interactions with financial institutions".
Here are the keypoints:
- Oath states that it "analyzes and stores all communications content, including email content from incoming and outgoing mail" and attachments.
- It may collect information from devices including "device specific identifiers and information such as IP address, cookie information, mobile device and advertising identifiers, browser version, operating system type and version, mobile network information, device settings, and software data".
- The automated analysis of content may include EXIF data and Oath may use algorithms to identify and tag "scenes, color, best crop coordinates, text, actions, objects, or public figures".
- Oath may share the data with parent company Verizon
- Oath may share "aggregated or pseudonymous information" with partners but it notes that it does not share personally identifiable information with partners.
Yahoo did scan the emails of Yahoo Mail users previously for advertising purpose already just like Google did on Gmail until last year.
The scanning and reading is primarily done to deliver targeted ads to Oath's userbase based on interests identified during the scans. Oath may use the data for other purposes, security or research are mentioned specifically, as well.
The main issue from a privacy perspective is that more data is gathered now thanks to Oath being the parent of Yahoo and AOL, and that Oath may share that data (or part of it) with Verizon or partners.
AOL or Yahoo Mail users can check out the privacy controls on the Oath website to opt-out of interest-based advertising and control other privacy related features such as search and content preferences.