Janet Lo recently received a pop-up message, asking her to review and agree to new terms of service for her Rogers Yahoo email service.

Soon after reviewing the materials on April 17, she sent me an email with the subject line, “Rogers customers – do they know their emails are being read?”

Many people simply click Agree when confronted with revised terms and conditions of a contract. Even if they read the fine print, they don’t understand what it means.

That wasn’t the case with Lo. She went through the 27-page document from her email provider – now called Oath after a merger of Yahoo and AOL (owned by Verizon) in 2017 – and learned that all her communications would be analyzed and used to deliver personalized advertising and services.

“I expect some basic levels of privacy, including that my emails are my emails and will not be read by a company for the company’s uses,” she said.

“I am extremely concerned at this significant change in terms and conditions, and the significant overstepping of the line that demarcates personal privacy and personal mail.”

Buried in the middle of the terms and conditions is a special condition for Canadian users.

“By using the services, you agree that you have obtained the consent of your friends and contacts to provide their personal information (for example, their email address or telephone number) to Oath or a third party, as applicable, and that Oath or a third party may use your name to send messages on your behalf to make the services available to your friends and contacts. The services are not to be used for any form of spam.”

Lo is concerned about her elderly parents and in-laws, who have been deceived in the past and may be exposed to future deceptive marketing.

“If Oath can use my personal address book and analyze my personal emails to my elderly parents, I’m concerned that sales pitches will be sent to them. I’m overwhelmed by their vulnerability in a technological age where people try to scam seniors on a daily basis,” she said.

David Matoc, another Rogers Yahoo email user, put a message on my public Facebook page urging customers to be sensitive to privacy issues after the massive hacking of Yahoo email accounts in 2016 and 2107 and the scandal involving transfer of user data from Facebook to Cambridge Analytica.

“A U.S. company wants control of all of our data for marketing purposes. Sound familiar?” he said.

“My email accounts are being held hostage unless I agree to the ominous terms. I filed a complaint with the office of the president at Rogers. You should do the same. Time to push back.”

When asked for a comment, Rogers referred me to Oath in the United States.

“The launch of a unified Oath privacy policy and terms of service is a key stepping stone toward creating what’s next for our consumers, while empowering them with transparency and controls over how and when their data is used,” said Charles Stewart, an Oath spokesperson.

A Rogers Yahoo email customer called Stephen (who is not revealing his last name for professional reasons) was the first to alert me to the issue after finding he couldn’t get satisfactory answers from Rogers. He is now looking for another email provider.

“Rogers sold us to Verizon and has covered it up since June of last year. Where is their statement? As we have seen with Facebook and Cambridge Analytica, this is not a data breach, but a revelation of long-ago implemented policy,” he said.

“At least Facebook had the lame excuse of being free. What’s Rogers’ reasoning?”

Loading... Loading... Loading... Loading... Loading... Loading...

After I forwarded his email to Rogers, Stephen was offered a $150 credit to smooth the transition to a paid service such as ProtonMail.

A community-funded software firm based in Switzerland, ProtonMail says “we do not show ads or make money by abusing your privacy.”

Yahoo email is free, according to Rogers. A customer can choose to use this service or any other email service and it’s not paid for through their Internet subscription with Rogers.

The pop-up message updates the terms, but Yahoo’s previous privacy policy already disclosed that it analyzed and stored all communications content, including email content. (Rogers does not have access to any customer data that may be collected by Yahoo.)

“Many of our Rogers Internet customers have chosen to use the optional Yahoo email service available to them,” said Rogers spokesperson Samantha Grant.

“Yahoo recently updated its terms globally to be more specific and transparent on data use. We encourage customers who have any concerns to adjust their preferences and settings in their Yahoo account.”

Yes, it’s true that Oath allows Yahoo email users to opt out of interest-based ads at any time by visiting the customer preferences page for privacy controls.

However, Rogers Yahoo email customers must first agree to all the updated terms and conditions in order to get access to their accounts. Only then can they opt out of interest-based ads.

My advice: Rogers Yahoo email customers need to press for more information. What is the deadline for agreeing to Oath’s updated terms? Will they be cut off without access if they don’t agree? Can they get help moving all their emails to another provider?

By using social media, including the Rogers community forums, and circulating links to mainstream media coverage, concerned customers should be able to get more answers.

Ellen Roseman appears in Smart Money. You can reach her at eroseman@thestar.ca.

Read more about: