How evil is Edison email?

Yes they do, and I personally feel it’s pretty scummy. Edison has a scary commerce page linked to below in which they crow about being able scrape emails to offer travel booking behavior, info on items sold by companies and their final prices, what groceries, stores, brands are involved, and “research with deep geographic resolution and compete at a granular level”

Apple doesn’t do any of that (although if you’re using another email provider, like Gmail, Google has that info already).

So if you don’t mind Edison scraping your info and offering it to others as a business platform, use them.

I disagree. Yes, the horse has left the barn with regard to Facebook and Google, but that doesn’t mean that we have to accept turning data over to new entities just because those two have it. We can still take steps to limit future exposure.


If the data are de-identified and aggregated it doesn’t really matter to me. “People that use Xfinity also order Hugh Jackman’s coffee from Amazon.”

It sounds like Edison also uses the data in two different ways, personalized to offer the services to the user, and aggregated to their customers. If that’s true, it doesn’t sound nefarious.

So use them! I still find it unacceptable, which is why I use my or my Gsuite for my purchase receipts, and why I don’t sync my contacts with facebook, gmail or yahoomail, and why I’d never use Edison mail or Spark mail. :man_shrugging: Different people have differing comfort levels for how much of their lives they’re willing to open up in exchange for services.

Just pointing out that Google has your receipts.

I’m giving Edison a try. I don’t remember why it looked interesting now.

No John. Regular Gmail tracks and uses data from emails, Business GSuite doesn’t.

Ah. Good to know. Thanks for the correction.

When you’re logged into GSuite, any idea whether Google then follows you around the Internet (via their widgets which are everywhere)? I’ve never been able to find the answer to that.

I have a feeling whoever knows the answer to that question would have to kill you if they told you…

1 Like

I have to use Gsuite for work and while I’m logged in I find that there is tracking. For example, I recently searched for flights to Manila on (not Google search) while logged in and I now have adverts for this flight following me everywhere while I’m logged in. If I log out and clear my cookies and data the adverts stop. As soon as I log in though, the flight ads resume.


do you mean readdle’s mail client?

Yes, and it’s been discussed here before. According to Spark’s privacy policy they stated several things that gave me me pause when I looked at them a couple of years back. They:

• send statistical data to several services known for bad privacy policies (Google, Facebook) to which there’s no way to opt out. (“We use third party services, such as Google Analytics, Facebook Analytics and Amplitude, to collect and analyze how you use Spark.”)
• automatically create an account with the first address entered, and subscribes you to their newsletter. (“The first email you add to Spark is used as your username. We might use that email address to reach out to you periodically”)
• store credentials for your email accounts on their servers.
• store your emails on their servers to push them to your devices. (“We then use the authorization provided to download your emails to our virtual servers and push to your device.”)

In a 2015 blog post entitled “How we handle your account information in Spark” they wrote, “Some people raised a question about why do we store access tokens even if you have decided not to use Push Notifications. It’s a valid question and, in the next update of Spark, we will change this behaviour.” Does it currently still storing the tokens even if you don’t use Push notifications - I don’t know.

But as far as I know they do continue to scrape data to pay for the app development and server-side infrastructure of the “free” app.

Oh. Thank you, I missed the previous discussion thread.
I’ve tried Spark but eventually gone back to, but today I removed the authorization to the app/service from all the accounts.
I might change some password too…

Thanks, Rob. I figured that was probably the case, since the answer was nowhere to be found. If Google wasn’t tracking GSuite users, they’d proclaim it loud and clear.

(I’ve been a GSuite user on two accounts from back when they grandfathered in the early users for free. I constantly struggle over whether getting it for free is worth the trade off of being tracked)

1 Like

I think Spark got a bit better. Last time I scanned their privacy policy, they stated that they use only aggregated statistical data of app usage. They also store files on third party servers … It is far from ideal, but since Spark is free I consider it still “fair”. If only Airmail was improving properly …

Allowing mail providers to scan and harvest info from my email is just not acceptable to me. For hundreds of millions of Gmail users it’s acceptable (assuming they even realize it), but I don’t like it, and I don’t particularly have confidence in the Edison’s or Readdle’s ability to have sufficient security to protect my mail coursing through their servers.

There’s money to be made in seeing what people buy, and when, and at what prices, and what newsletters they subscribe to, and where they’re located, and what their political affiliations are. I’d rather use mail that doesn’t let anyone get that insight if I can help it. Disgraced Andy Rubin, formerly of Google and then Essential Phone, recently bought CloudMagic and is resurrecting Newton Mail, with an eye to doing the same data harvesting as Google, Edison and Readdle. He’s certainly not doing it out of the goodness of his heart. But again, if you’re okay with your data presumably being anonymized (although we’ve found time and again that reidentification can be parsed out in other anonymized instances) and if you’re willing to trust the provider’s ability to have hardened security day after day going forward, then go for it.

I’m a huge fan of all of Readdle’s apps and I use them multiple times a day. But those are apps I paid for and which don’t glean information about me. I’m less sanguine about the Ukranian company’s service related security, or their new ‘free’ business model for my email. :man_shrugging:

1 Like

According to Spark they do not provide data for marketing purposes and do not share it with third parties. They also provide paid version for teams so the infrastructure should be safe. However, they store your emails to provide some functionalities and push notifications and those servers are rented, so it is not that secure. But still a lot better than for example Edison (in my opinion).

I’ll note again that they send statistical data to several services known for bad privacy policies (Google, Facebook) to which there’s no way to opt out. They also use Amplitude to track how you use the app. Personal data is used (without explanation) “to improve the Product”.

Their security? An “appropriate level” of protective measures. Gives me the warm fuzzies, that.

"We only obtain information necessary to provide you
with our services…Some of the data of our users is
aggregated for statistical purposes and processed in the
legitimate interests as stated in section 2 above"

Indeed: they’re admitting that they scrape your data and sell it as their business model. They say “we” don’t market to you, but your data is indeed scraped and promised to be anonymized when sold, and promised to have ‘appropriate’ security.

Finally, opting out is only possible on a browser-by-browser basis via cookie, and if you have a policy of deleting cookies regularly (I have an app which does this every 45 minutes) then this doesn’t help you either.

They state that: “We do not rent, sell or share your personal data with any third parties, except where We have to comply with Our legal obligation. Some of the data of our users is aggregated for statistical purposes and processed in the legitimate interests as stated in section 2 above.”

So they should not send any personal data. Just statistical data that does not allow the identification of any particulat person or his/her behaviour. I am not saying it is okay, but it is better than Edison and Co.

This raises another question. Email passes through multiple servers before it reaches its destination. Last I heard, this information is not encrypted, which would mean any server lucky enough to transfer your email could scrape it for data.