To opt out of Grammarly AI training requires business account with 500+ users
front-end.socialKinda chisels away at their official "We're not a keylogger!" argument:
> Is Grammarly a keylogger?
> No. A keylogger records every keystroke, sends data to a third party for the benefit of that party, and does so without the user’s knowledge. Grammarly’s product doesn’t fit any of these descriptions. [0].
Certainly the data being sent must be primarily for their own benefit. Clearly if it was for the benefit of the user then they would have not need to make turning it off a premium feature. Maybe Grammarly will create an AI that makes their product better, but they're still using user data to make that product in the first place.
[0]. https://support.grammarly.com/hc/en-us/articles/360003816032...
A keylogger
1. records every keystroke
This is a new distinction to me. So a macOS program that can record everything except specific password fields (due to the OS protections) can’t be called a keylogger?
2. sends data to a third party for the benefit of that party
Again a weird distinction. Grammarly is a 3rd party to it’s users when they watch the interaction between those users and the web form they are using, and are they saying that they have no partnerships with other companies?
3. does so without the user’s knowledge
This might be the only one I agree with, but even then it’s with caveats. If I as an employer tell my employees that there is software installed to record every keystroke, does that exclude it from being called a keylogger? Probably not. If I do it regardless of informing them and do the same thing with the data, does it particularly matter whether they have knowledge of it? Morally I’d also say probably not.
Does it really “not fit any of these descriptions”? I’d say it does.
It’s an argument tactic that works on people who need precompiled opinions.
Redefine something in a very qualified way that maneuvers around the issue and that a non-thinking person wouldn’t notice and then say “see! A =! B” and the non-thinking person accepts that new fact and is now accepting of your broader argument.
People who use grammarly are commoditizing themselves and they’re too dumb to notice.
Yeah, their argument is a bit ridiculous.
I use keyloggers on my own machines sometimes. I'm a first party, not third, and I've fully disclosed to myself that I'm using them. I've even obtained 100% informed consent for the activity.
But they're still keyloggers.
Is Grammarly a third party when you interact with them or their product? And they don't actually record the data without the user's knowledge, do they?
They might not be a keylogger by their own definition, but everyone can design a definition like that: a thief steals stuff, gives it to a third party for the benefit of that party, and does so without the users's knowledge.
Robin Hood wasn't a thief by his own accord, because he steals openly and gives it to the poor.
Grammarly aren't keylogging by their own accord, because they tell you they're doing it, and they keep the data to themselves.
Still, I feel robbed.
Grammarly is an extremely obvious intelligence cutout masquerading as a company. Their entire business model is getting employees insecure about their English skills to dump sensitive government and business documents into their service without their employer's knowledge. They were founded in and keep multinational offices in intelligence laundering hotspots so the Americans can claim to have received tips from the Germans and the Germans from the Ukrainians and so on.
That doesn’t make any sense. Everyone used it in high school and college, they’re very heavily targeted to education.
If anything, Microsoft Editor (which is on by default) would be an tool of intelligence because we already know Microsoft participated in PRISM, but that’s boring and too unstoppable
Because education is where you get people hooked as life long users?
I think they cater mostly to people whose first language is not English. Maybe they are still keeping intelligence on those people, but there is a legitimate need there
Stipulating that this is a valid concern, the obvious judo move is to craft a bunch of subtle GPT inputs to feed disinformtzya to this alleged collector.
That is, such an intel conduit works well until the the subjects turn the tables.
Probably a high tech thriller plot in there somewhere.
I kinda hate this, but it also seems like the only way to keep Grammarly in business. I've paid them for a personal account since 2016, since ChatGPT's launch - my usage has fallen precipitously. I can write utter stream of consciousness garbage, paste it into GPT-4, and get out a professional looking piece of text.
I'd definitely pay for a private AI assisted writing experience - the biggest blocker I have with using Grammarly is my inability to use it at work.
Shouldn't the policy stopping you from using Grammarly at work also be stopping you from using ChatGPT?
Because of the step change in functionality, ChatGPT is not banned. However I am prohibited from using ChatGPT outputs in certain contexts. Unfortunately, Grammarly and ChatGPT are under different application classifications.
I think the danger is more on what you input to Chatgpt... but true is same for Grammerly as all text typed in the web is sent to them right?
The difference is in the value returned. Punching queries into a third party search engine is also risky. If that search engine knew who you worked for, it could extract what you were working on and potentially how competent you were at it.
Now try telling engineers to not use google.
On the flip side, grammarly is often positioned by corporate security as a nice to have feature which can be replaced by offline spellcheck and internal web docs.
Probably can’t install chrome extensions, but the openai site isn’t blocked, yet.
> it also seems like the only way to keep Grammarly in business.
If that's true, then it raises the serious question of whether they should stay in business.
I pay for Notion which includes AI for docs and includes grammar corrections. Weird times
Thanks. Removed and reported them for abuse when Chrome asked. Also pasted the link in the Grammarly offboarding survey, letting them know why.
Grammarly will be out of business whenever their most recent fund raise runs out. This whole technical stack is completely commoditized
500+ users?
I guess my company's ~150 Grammarly users will have to give its money to someone else.
who?
I’m part of the team at Sapling AI (YC W19).
We offer a no data retention option for all teams. If a business wants to try us out for free I’m happy to set something up.
We also offer our application self-hosted/on-premise/cloud-premise. We have single-tenant (separate data) options as well. These options have a higher deployment cost so they may not make sense for teams under 10.
Microsoft, why not)?
If you're willing to pay to have your privacy invaded, might as well have top of the line.
I’m on the security team at Grammarly, and our CISO addressed this here on Mastodon: https://infosec.exchange/@suha/110860810624160582. Copying his response below for viz:
When it comes to our genAI features, we use Microsoft Azure as our LLM provider and don’t allow Azure, or any third party, to use our customers’ data to train their models—this is contractually mandated. For text analyzed by Grammarly to provide revision suggestions (like adjusting tone or making text more concise), we may retain randomly sampled, anonymized, and de-identified data to improve the product. This data is disassociated from user accounts and ONLY used in aggregate.
We’ve devoted a ton of time and resources to developing methods that ensure the training data is anonymized and de-identified. And any Grammarly user (Free, Premium, Business) can view the data associated with their account by requesting a personal data report from us.
Re: opt-out: When we go through a security review with a business, if requested, that business can completely opt out of Grammarly training on their de-identified and anonymized data—opt-out is not limited to a 500+ license size.
We don’t skimp on security or responsible data practices at Grammarly. We have strict enterprise-grade controls to protect customer data—restricted access, encryption, audit logging, and more. These are backed by industry-standard certifications like SOC 2 (Type 2), HIPAA, and ISO and verified and audited by industry-leading third parties.
More on what we do is at https://grammarly.com/trust.
I’m an individual user. Well, I was. Because you don’t give people like me a path to protect my personal information, not only did I successfully chargeback my yearly subscription, but I made sure to talk to people I evangelized Grammarly and ensure they stop using the app as well.
I really don’t understand why as an individual my privacy is unimportant.
Hey! I'm really sorry to hear this. Regardless of which type of user you are, we aren’t here to misuse your personal information. I work in security and am a Grammarly user. Your privacy, just like mine and any other person using Grammarly, is important. Period.
As I mentioned before, we go to great lengths to ensure that training data can’t be linked to your account or to you personally, and it’s de-identified and randomly sampled. If this doesn’t help, I know our Support team will also assist with the chargeback request.
Currently going through it around this and Zoom at my employer, who are a small team and seem to really not trust my experience in security and privacy. Definitely a losing battle and I’ll probably need to exit soon due to differences in direction.
Anyone hiring in the security field these days? Off to check the last who’s hiring post I guess.
make sure you update your resume with the company's version of Grammarly before you leave