Adobe joins Microsoft in admitting it's now basically spyware

Updated terms give Adobe the right to “access your content through both automated and manual methods”.  

Story updated 15:00 June 6, with the addition of an Adobe statement.

Adobe is facing a privacy firestorm after users spotted changes to its terms of use, last updated February 2024, that highlight the company's right to “access your content through both automated and manual methods.”

It defines "content" as "any text, information, communication, or material, such as audio files, video files, electronic documents, or images, that you upload, import into, embed for use by, or create using the Services and Software."

Adobe appears to be pushing those terms users via their applications this month with multiple customer responding with distinct displeasure to being effectively strong-armed into accepting them

The company joins Dropbox, Slack, and Microsoft in being among major SaaS providers to face recent heightened scrutiny over privacy T&Cs or new product releases, with generative AI often the culprit.

Closer scrutiny by The Stack of the updated terms of use shows that February updates are notable but minimal compared with how they read in 2023. See a comparison below, with Februarys updates in colour.

Adobe's terms of use, late 2023 and February 2024 as compared by The Stack. n.b. Section 4.1 shows no changes despite the highlighting here.

A separate “content analysis” FAQ from Adobe says that it “performs content analysis only on content processed or stored on Adobe's servers; we don't analyze content processed or stored locally on your device.”

Its terms of use (in wording that was the same in 2023 also) suggest that they extend to “your installation and use of any software that we include as part of the Services, including, without limitation, mobile and desktop applications, Sample Files and Content Files (defined below), scripts, instruction sets, and related documentation (collectively, the “Software”).

See also: Google Cloud's Matt Renner: “Half of all AI PoCs are just a bad idea"

The privacy scrutiny, like so much in recent months, comes as Adobe starts to bake generative AI into applications – in March, for example, taking to GA an AI Assistant in Reader and Acrobat, “a new AI-powered conversational engine deeply integrated into PDF workflows” that is underpinned at the back-end by Microsoft Azure OpenAI Service.

(nb: The company says “we specifically prohibit third parties from manually reviewing or training their LLMs on Adobe customer data.”)

Its privacy policy meanwhile sees Adobe admitting that it has a distinctly liberal approach to whom it discloses personal information, if not user content.

It may do so to “providers of customer support services, chatbots, session replay partners who provide services which recreate a web or app session showing meaningful insight into a visitor’s experience, providers of analytics technologies that record and analyze your interaction with our websites to help us improve your experience, providers of artificial intelligence technologies that record and analyze your content or communications, payment processing services, fraud monitoring and prevention, detecting and preventing deceptive or illegal activity or misuse of our Services and Software, email, social media, and other marketing platforms and service providers, and hosting services.”

Phew.  

The row comes as Microsoft faces a growing outrcry over a feature called Recall that’s turned on by default, Microsoft’s new AI-powered Copilot+ PCs will screenshot users’ activities every few seconds and store the images for months. Despite Satya Nadella’s claim that Recall has a “magical” ability to ensure the data won’t leave your laptop, an enterprising hacker named Alex Hagenah has already released a demo tool called TotalRecall that can extract and display all Recall records. 

In a statement, Adobe told The Stack: "This policy has been in place for many years. As part of our commitment to being transparent with our customers, we added clarifying examples earlier this year to our Terms of Use regarding when Adobe may access user content.

"Adobe accesses user content for a number of reasons, including the ability to deliver some of our most innovative cloud-based features, such as Photoshop Neural Filters and Remove Background in Adobe Express, as well as to take action against prohibited content. Adobe does not access, view or listen to content that is stored locally on any user’s device."

nb: Cynics might note that whilst its AI Ethics paper mentions “Adobe” 28 times, neither “security” nor “privacy” get a single mention. As The Stack has previously noted, communicating well in this space is hard.