I need a good replacement for @evernote. Preferably one that lets me import existing notes & works on desktop, iOS and Android. What is it? — mat honan (@mat) December 14, 2016

According to the company's policy update notice, "Only employees who are fulfilling one of the customer or business needs... will be able to access your data." The number of employees that can access user data is strictly limited, all of whom undergo background checks.

If you don't want to participate, you're free to opt out of the machine learning service by unchecking the "Allow Evernote to use business data to improve my experience" on the admin console. That said, even if you opt out of the company reading your notes for this purpose, you can't opt out of them reading your notes for any of a myriad of others -- like if you give the company explicit consent, for data and credit card processing service providers contracted by Evernote, for government search warrants or if the company thinks you've violated its terms of service. If opting out isn't enough, you can encrypt your notes (though, ugh, individually) to prevent anyone without the encryption key from viewing their contents.

While this all seems very well and standard for the industry, Evernote's explanation was a bit sparse on specifics. The Privacy Policy does explain that the machine learning system access your data to customize your searches, show relevant information given your location and time of day and make suggestions based on the type of note and content you are creating. But neither the Privacy Policy itself or Evernote's explainer blog post appear to specify what the computer's human overlords can look at. It's a big difference between an Evernote engineer looking at your credit card information and them reading your erotic My Little Pony fan fic. I've reached out to Evernote for further clarification and will update the post upon their response.

Update: An Evernote spokesperson declined to comment for this post or specify what sorts of data the company's employees will have access to but did point me back to the policy update notice.