Updated Dec. 16, 2016: We’re happy to hear that Evernote listened to the public outcry and changed its privacy policies so users aren’t obligated to let Evernote employees access their notes.

Even though Evernote backpedaled, there’s still a major problem. Evernote (and many other major companies like Google, Dropbox, Box, etc) store your data in plaintext on their servers. This means that in the event of a data breach (such as the Yahoo breach this week), all of your notes and ideas are exposed. Their Terms of Service does nothing to prevent this.

While Evernote might exclude their employees from viewing user notes for the time being, they can also change their mind in the future. At SpiderOak, we believe that it’s important for consumers to demand more privacy and more security from tech companies. It’s important to continue to demand encryption from the services you use daily to store your data!

Dec. 15, 2016: The popular note-taking app, Evernote, reminded the world this week how easy it is for the majority of services/companies you use to access and read your private data, notes, and ideas.

Evernote announced updates to their privacy policy that will roll out in January to its 200 million users globally. You can opt out of letting Evernote’s machine-learning technologies read your content, but not Evernote’s employees. They claim it’s “unavoidable in order to make sure everything is working exactly as it should.”

Users reacted swiftly to the news and have been extremely vocal, many threatening to leave. We agree with their outrage and don’t think that a vendor/service provider “needs” to be able to see your notes, files, or data. Ever.

This is exactly why all of our products have been built with end-to-end encryption, so we can NEVER read your data – even if we wanted to. We call this approach Zero Knowledge because we have Zero Knowledge of what you’re storing. For more on this, see our CEO/Co-Founder’s post earlier this year, “Why don’t other major corporations build Zero Knowledge systems?”


We’ve been prototyping a collaborative and encrypted Zero Knowledge note-taking app for some time, with anticipated launch in 2018. Our encrypted note app would be built with the same secure messaging technology used by Semaphor, our encrypted group chat and file-sharing tool, with reviewed and published source code.

For more details on the Evernote story and privacy policy, check out these articles on Forbes, TechCrunch, ZD Net, or see what people are saying on Twitter.

Lastly, if you used Evernote for passwords, try our free Zero Knowledge password manager called Encryptr.