The Bending Spoons Acquisition of AOL: What Email Users Need to Know About Privacy, Data Security, and Your Options

Italian tech company Bending Spoons is acquiring AOL for $1.5 billion, leaving 30 million users concerned about email privacy and data security. This comprehensive guide examines the acquisition's implications, analyzes Bending Spoons' track record with user data, and provides practical guidance for protecting your information and evaluating alternative email providers.

Published on
Last updated on
+15 min read
Christin Baumgarten

Operations Manager

Oliver Jackson
Reviewer

Email Marketing Specialist

Abraham Ranardo Sumarsono
Tester

Full Stack Engineer

Authored By Christin Baumgarten Operations Manager

Christin Baumgarten is the Operations Manager at Mailbird, where she drives product development and leads communications for this leading email client. With over a decade at Mailbird — from a marketing intern to Operations Manager — she offers deep expertise in email technology and productivity. Christin’s experience shaping product strategy and user engagement underscores her authority in the communication technology space.

Reviewed By Oliver Jackson Email Marketing Specialist

Oliver is an accomplished email marketing specialist with more than a decade's worth of experience. His strategic and creative approach to email campaigns has driven significant growth and engagement for businesses across diverse industries. A thought leader in his field, Oliver is known for his insightful webinars and guest posts, where he shares his expert knowledge. His unique blend of skill, creativity, and understanding of audience dynamics make him a standout in the realm of email marketing.

Tested By Abraham Ranardo Sumarsono Full Stack Engineer

Abraham Ranardo Sumarsono is a Full Stack Engineer at Mailbird, where he focuses on building reliable, user-friendly, and scalable solutions that enhance the email experience for thousands of users worldwide. With expertise in C# and .NET, he contributes across both front-end and back-end development, ensuring performance, security, and usability.

The Bending Spoons Acquisition of AOL: What Email Users Need to Know About Privacy, Data Security, and Your Options
The Bending Spoons Acquisition of AOL: What Email Users Need to Know About Privacy, Data Security, and Your Options

If you're an AOL email user, you've likely heard the news: Italian technology company Bending Spoons is acquiring AOL for approximately $1.5 billion. This announcement has left millions of users wondering what this means for their email privacy, their personal data, and whether they should consider switching to a different email provider. These concerns are completely valid—when a company with decades of your emails, contacts, and personal information changes hands, you deserve clear answers about what happens next.

The anxiety many users feel is understandable. AOL has been part of the internet landscape since 1985, and for 30 million monthly active users, it represents years or even decades of accumulated emails, contacts, and digital history. The prospect of a new owner—particularly one with an aggressive acquisition track record—naturally raises questions about data handling, privacy practices, and whether your information will be used in ways you haven't agreed to.

This comprehensive guide examines what the Bending Spoons acquisition means for AOL users, explores the privacy implications based on the company's documented track record, and provides practical guidance for users concerned about their email security and data protection. Most importantly, we'll help you understand your options and make informed decisions about your email provider going forward.

Understanding the Bending Spoons Acquisition: What's Actually Happening

Understanding the Bending Spoons Acquisition: What's Actually Happening
Understanding the Bending Spoons Acquisition: What's Actually Happening

The transaction itself is straightforward: Bending Spoons secured $2.8 billion in debt financing from major financial institutions including J.P. Morgan, BNP Paribas, HSBC, and Goldman Sachs to fund the AOL acquisition and support future growth. The deal is expected to close by the end of 2026, subject to regulatory approvals and customary closing conditions.

For users, the immediate concern isn't the financial mechanics—it's what happens to your data and email service. AOL currently generates over $500 million in annual revenue and maintains approximately 8 million daily active users. The company has evolved significantly from its dial-up internet roots, now focusing primarily on email services, its web portal, and internet privacy protection software.

What makes this acquisition particularly significant is who's doing the acquiring. Bending Spoons isn't a household name for most consumers, but the Milan-based company has built a reputation for acquiring established digital properties and implementing aggressive operational optimization. The company's portfolio includes over 100 digital products reaching more than one billion users, with notable acquisitions including Evernote, Meetup, and most recently, Vimeo.

Bending Spoons' Acquisition Strategy and What It Means for Users

Understanding Bending Spoons' business model is crucial for predicting what might happen to AOL. The company specializes in acquiring mature digital properties with established user bases, then applying intensive data-driven optimization to maximize profitability. Unlike traditional tech startups that prioritize rapid growth and market share expansion, Bending Spoons focuses on extracting maximum value from existing assets through operational efficiency and monetization optimization.

The Evernote acquisition provides the most relevant precedent for what AOL users might expect. When Bending Spoons acquired Evernote in late 2022, the note-taking service had approximately 250 employees and generated roughly $100 million in annual revenue while operating at a loss. Within months of the acquisition closing in January 2023, Bending Spoons laid off nearly all of Evernote's existing workforce, consolidated operations in Europe, and implemented significant price increases—approximately doubling the annual subscription fees for premium tiers.

This operational playbook—acquire established properties, drastically reduce costs, and aggressively optimize monetization—has proven financially successful for Bending Spoons. The company reportedly maintains approximately 35% EBITDA margins across its portfolio, demonstrating exceptional profitability despite managing hundreds of digital products.

For AOL users, this track record suggests several likely scenarios: potential price increases for premium services, aggressive optimization of advertising and data monetization, and possible integration of AOL's user data with Bending Spoons' broader portfolio of properties. While CEO Luca Ferrari has emphasized that Bending Spoons intends to be a "long-term steward" of AOL, the company's historical approach to acquisitions suggests that profitability optimization will be a primary focus.

Email Privacy Concerns: What AOL Users Should Understand About Data Handling

Email Privacy Concerns: What AOL Users Should Understand About Data Handling
Email Privacy Concerns: What AOL Users Should Understand About Data Handling

The privacy implications of this acquisition extend beyond theoretical concerns—they're grounded in both AOL's documented history and Bending Spoons' data-driven business model. For users with years or decades of emails stored in AOL accounts, understanding how your data might be handled under new ownership is essential for making informed decisions about whether to stay or migrate to alternative providers.

AOL's Historical Privacy Track Record

AOL's privacy history includes significant incidents that users should consider when evaluating the company's stewardship of personal data. In 2006, AOL Research released a dataset containing 20 million search queries from over 650,000 users, ostensibly for research purposes. Although AOL attempted to anonymize the data, personally identifiable information was present in many search queries, allowing individuals to be identified and matched to their search histories. The New York Times successfully located an individual from the released data by cross-referencing search queries with phonebook listings, demonstrating the serious privacy implications of releasing nominally anonymized data containing sensitive personal information.

This incident resulted in executive resignations, employee terminations, and a class action lawsuit filed in U.S. District Court accusing AOL of violating the Electronic Communications Privacy Act. While the lawsuit was eventually settled in 2013, the dataset had already been widely distributed across the internet before AOL could remove it, where copies remain available on mirror sites.

More recently, AOL and Yahoo have implemented email scanning practices that analyze email content for advertising purposes. Under Verizon's ownership through the Oath subsidiary, algorithms scan commercial emails in user inboxes, strip out personally identifiable information, and place cookies on users' devices to enable targeted advertising. While Oath maintained that email scanning was an opt-in service applying only to commercial emails rather than personal correspondence, the practice represents a significant privacy concern for many users.

This approach contrasts with competitors like Google, which announced in 2017 that it would cease scanning Gmail users' emails for ad targeting purposes, and Microsoft's Outlook, which states that it refrains from using email content for ad targeting.

Bending Spoons' Data Collection and Privacy Practices

Understanding how Bending Spoons handles user data across its existing portfolio provides insight into what AOL users might expect following the acquisition. Bending Spoons' privacy policies indicate that the company collects personal information including identifiers such as real names, email addresses, and IP addresses, commercial information regarding products or services purchased or considered, usage data and network activity information, geolocation data inferred from IP addresses, and sensory data including audio recordings and images.

The company uses collected personal information for purposes including providing and maintaining services, personalizing user experiences, sending marketing communications, monitoring and analyzing usage trends, and complying with legal obligations. Particularly significant for email users, Bending Spoons' disclosures indicate that the company may derive information and draw inferences about users based on collected data, such as inferring location from IP address information.

Regarding advertising and tracking practices, Bending Spoons indicates that tracking technologies can be used to create user profiles and offer content aligned with user interests, send targeted ads or messages, and conduct statistical analysis to measure effectiveness of campaigns. The company distinguishes between first-party tracking technologies installed and managed directly by Bending Spoons and third-party tracking technologies installed and managed by other developers.

An important limitation exists regarding user access to and control over personal information. Some personal information that Bending Spoons maintains about consumers is not sufficiently associated with enough personal information to allow verification—for example, clickstream data tied only to a pseudonymous browser identifier. The company does not include such information in responses to privacy rights requests, potentially allowing Bending Spoons to retain and utilize significant amounts of aggregate or pseudonymous user data that individual users cannot access or delete through formal privacy rights requests.

What This Means for Your Email Privacy

The combination of AOL's historical email scanning practices and Bending Spoons' data-driven optimization approach creates legitimate concerns about how aggressively email data might be monetized following the acquisition. While regulatory frameworks including GDPR in the European Union and CCPA in California provide important protections requiring notice of material changes to privacy practices, the practical reality is that companies have significant latitude in how they implement data collection and monetization within those frameworks.

For users with sensitive communications, business correspondence, or simply a preference for privacy-protective email services, the acquisition represents a reasonable trigger point to evaluate whether AOL continues to meet your privacy requirements or whether migration to alternative providers would better serve your needs.

Your Rights Under Privacy Regulations: GDPR, CCPA, and What They Mean for AOL Users

Your Rights Under Privacy Regulations: GDPR, CCPA, and What They Mean for AOL Users
Your Rights Under Privacy Regulations: GDPR, CCPA, and What They Mean for AOL Users

While the Bending Spoons acquisition raises legitimate privacy concerns, users aren't powerless—comprehensive regulatory frameworks provide important protections governing how companies can collect, process, and use personal data. Understanding these rights helps you evaluate what protections you have and what actions you can take if Bending Spoons implements privacy practices you find unacceptable.

GDPR Protections for European Users

The General Data Protection Regulation (GDPR) establishes comprehensive requirements for how organizations handle personal data of EU residents. Under GDPR, organizations must adopt "data protection by design and by default," meaning privacy protections must be incorporated into products and services from the outset rather than added as afterthoughts.

Key GDPR provisions relevant to the AOL acquisition include:

Storage Limitation: GDPR Article 5 establishes that personal data can be stored "no longer than is necessary for the purposes for which the personal data are processed." If Bending Spoons changes how AOL data is used, retention periods may need to be reassessed.

Right to Erasure: GDPR Article 17 establishes the "right to be forgotten," allowing individuals to request erasure of personal data without undue delay, subject to certain exceptions such as public interest. AOL users concerned about how their data will be handled under new ownership can request deletion of their accounts and associated data.

Consent Requirements: GDPR requires explicit opt-in consent before sending marketing emails, with clear language explaining what subscribers will receive. If Bending Spoons materially changes AOL's data processing practices—for example, by integrating AOL's email and user data with other Bending Spoons properties or implementing new targeting mechanisms—users may need to affirmatively consent to these new uses of their data.

Transparency Obligations: Organizations must maintain detailed records including IP addresses, timestamps, and specific consent language, which are necessary to demonstrate compliance during regulatory audits. Any material changes to privacy practices must be clearly communicated to users.

CCPA Protections for California Residents

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA) effective January 1, 2023, establishes privacy rights for California residents. The CCPA gives consumers the right to know about personal information a business collects and how it is used and shared, the right to delete personal information collected from them, the right to opt-out of the sale or sharing of personal information, and the right to non-discrimination for exercising these rights.

As amended by CPRA, consumers also gained the right to correct inaccurate personal information and the right to limit use and disclosure of sensitive personal information including social security numbers, financial account information, precise geolocation data, and genetic data.

Businesses must obtain explicit consumer consent before collecting personal information for targeted advertising purposes and before selling or sharing personal information with third parties. Marketers are prohibited from using deceptive "dark patterns" such as pre-checked consent boxes or convoluted opt-out mechanisms designed to manipulate users into unwanted data sharing.

Practical Steps to Exercise Your Privacy Rights

To make requests for access, correction, or deletion according to rights under CCPA, users can send requests to privacy@bendingspoons.com, with requests subject to an identification and residency verification process. Consumers may exercise CCPA rights through authorized agents, though the company cannot respond to requests if it cannot verify the user's identity or authority to make the request.

For AOL users concerned about privacy following the acquisition, these regulatory frameworks provide important mechanisms to maintain control over personal data. However, the practical reality is that exercising these rights requires proactive action—companies are not required to proactively delete data or change practices unless users specifically request such actions or unless material changes to privacy policies trigger new consent requirements.

The Broader Email Security Landscape: Understanding Your Risks and Options

The Broader Email Security Landscape: Understanding Your Risks and Options
The Broader Email Security Landscape: Understanding Your Risks and Options

The AOL acquisition occurs within a broader context of email privacy and security challenges that affect all users regardless of their email provider. Understanding these fundamental email security risks helps contextualize the specific concerns about the Bending Spoons acquisition and provides perspective on what level of privacy protection different email services can realistically provide.

Inherent Email Security Vulnerabilities

Email as a communication protocol faces several inherent security vulnerabilities that users should understand when selecting email providers and evaluating their privacy needs. Email is not backed by strong encryption in most implementations, with many email services using standard protocols that are not capable of defending against sophisticated cyberattacks by experienced threat actors.

Email files and messages often remain on service providers' servers without adequate protection, increasing the risk of unauthorized access, particularly if the provider experiences a server-side breach or makes operational mistakes that expose stored data. Modern phishing attacks have become increasingly sophisticated, with threat actors using artificial intelligence to create convincing emails that manipulate recipients into sharing sensitive information.

Users also face risks of data interception when sending emails over unsecured networks, malware embedded in email attachments, and broader cybersecurity vulnerabilities affecting the devices used to send and receive emails. Data interception attacks can occur when emails are sent over public WiFi networks or without HTTPS encryption, allowing hackers to steal transmitted data.

Email Provider Scanning Practices

Email providers engage in varying levels of email content scanning, creating privacy risks regarding what information email providers can observe about user communications. While providers typically claim that scanning is primarily for spam filtering and security purposes, these scanning activities create infrastructure and capabilities that could potentially be used for other purposes including advertising targeting and data analysis.

Google Gmail historically included email scanning for advertising purposes, though the company announced in 2017 that it would cease this practice for Gmail users. Microsoft Outlook states that it does not use email content for ad targeting, instead deriving advertising information from third-party data partnerships and user browsing activity on Microsoft services.

Even providers that claim to engage in minimal email content scanning acknowledge that security measures cannot completely prevent unauthorized human access to email content. Representatives from leading email providers have acknowledged that security protocols cannot completely prevent insider threats where employees improperly access user emails.

End-to-End Encrypted Email Services

For users prioritizing maximum email privacy, end-to-end encrypted email services represent a fundamentally more privacy-protective approach to email. Services including Proton Mail and Tuta Mail implement encryption protocols that prevent even the email service provider from accessing message content.

Proton Mail, developed by MIT and CERN academics and based in Switzerland, operates with 70 million users and utilizes end-to-end PGP encryption protecting email content, contacts, and calendar information. The service offers zero-knowledge encryption where even Proton cannot access message content even if presented with court orders, a feature that has been substantiated by historical legal proceedings where Proton has provided law enforcement with evidence that it lacks access to user data.

Tuta Mail, formerly known as Tutanota, combines AES and RSA encryption to encrypt both email content and subject lines, achieving fuller end-to-end encryption of sensitive message headers that PGP does not protect. Tuta is notable for implementing post-quantum cryptography to protect stored data against future attacks by quantum computers.

These encrypted email services involve tradeoffs regarding compatibility with standard email protocols and ease of use compared to major commercial email providers. However, for users with sensitive communications or strong privacy preferences, these services provide substantially stronger privacy protections than mainstream email providers can offer.

The Role of Email Clients in Protecting Your Privacy

The Role of Email Clients in Protecting Your Privacy
The Role of Email Clients in Protecting Your Privacy

An important distinction that many users don't fully understand is the difference between email service providers and email clients, and how email client selection can enhance privacy and security even when using mainstream email services like AOL. Understanding this distinction helps users implement layered security approaches that provide better protection than relying solely on email provider privacy policies.

Email Clients vs. Email Service Providers

Email service providers such as AOL, Gmail, or Outlook store email on their servers and provide web-based interfaces for accessing email. Email clients are applications installed on users' computers that download emails from service providers' servers using standard protocols like IMAP and SMTP. This architectural distinction creates important security implications.

When you access AOL email through AOL's web interface, all of your email data remains stored on AOL's servers, and every interaction with your email occurs through AOL's infrastructure. This means that AOL has complete access to your email content, metadata, and usage patterns. Any changes to AOL's privacy practices or data handling following the Bending Spoons acquisition would directly affect how your email data is processed and potentially monetized.

By contrast, when you use an email client like Mailbird to access your AOL email, the client downloads emails from AOL's servers to your local computer. While AOL still stores the original emails on its servers (unless you configure the client to delete server copies), you now have a local copy of your email data stored on your own device, reducing your dependence on AOL's infrastructure for day-to-day email access.

How Mailbird Enhances Email Privacy and Security

Mailbird offers a locally-installed email client for Windows and macOS that provides several security advantages over purely web-based email access. The application stores email data directly on users' computers rather than in cloud-based servers, providing a security advantage by reducing the attack surface for cloud-based breaches. If Mailbird email data is stored only on a user's local computer, then unauthorized remote access to Mailbird company servers cannot compromise that email data.

Mailbird encrypts data transmission when communicating with remote email servers through HTTPS protocols, protecting data during transit. The email client allows users to opt out of data collection related to feature usage and diagnostics, providing user control over what information Mailbird collects about usage patterns.

For AOL users concerned about how Bending Spoons might handle their email data following the acquisition, using Mailbird provides several practical benefits:

Local Data Control: By downloading emails to your local computer, you maintain access to your email archive even if AOL's service experiences disruptions, policy changes, or if you eventually decide to migrate to a different email provider.

Reduced Dependence on Web Interface: Using a local email client reduces how frequently you access AOL's web interface, potentially limiting the tracking and behavioral data that AOL can collect about your email usage patterns.

Multi-Account Management: Mailbird supports multiple email accounts from different providers in a single interface. This makes it practical to gradually transition away from AOL by setting up accounts with alternative providers while maintaining access to your AOL email during the transition period.

Enhanced Productivity Features: Beyond privacy benefits, Mailbird offers unified inbox management, integrated calendar functionality, customizable layouts, and keyboard shortcuts that many users find significantly more efficient than web-based email interfaces.

Important Limitations to Understand

While email clients like Mailbird provide meaningful security and privacy benefits, users should understand important limitations. Mailbird does not provide built-in end-to-end encryption for emails, meaning that email messages stored on local computers or transmitted across the internet lack the cryptographic protection that would prevent even the email service provider from reading message content.

Email client selection fundamentally cannot address privacy concerns arising from email service provider practices. Regardless of which email client you use to access your email, the email data remains subject to the privacy and security practices of the underlying email service provider. Therefore, for AOL users, the privacy implications of the Bending Spoons acquisition flow primarily from changes to AOL's own data handling practices rather than from the email client used to access AOL emails.

However, email clients can provide security benefits through local storage and encryption in transit, and users seeking enhanced privacy protection benefit from using email clients like Mailbird in combination with careful evaluation of their email service provider's privacy practices.

Practical Recommendations: What AOL Users Should Do Now

For AOL users evaluating their options in light of the Bending Spoons acquisition, several practical steps can help you protect your privacy, maintain access to your email archive, and position yourself to make informed decisions as the acquisition progresses and Bending Spoons' operational approach becomes clearer.

Immediate Actions to Consider

1. Download Your Email Archive: Regardless of whether you ultimately decide to stay with AOL or migrate to an alternative provider, having a local backup of your email archive is essential. Using an email client like Mailbird to download your complete email history ensures you maintain access to important communications even if AOL's service experiences disruptions or if you decide to close your account.

2. Review AOL's Current Privacy Policy: Familiarize yourself with AOL's existing privacy policy and terms of service. Understanding what data handling practices you've already consented to provides a baseline for evaluating whether future changes represent material alterations that would trigger new consent requirements under GDPR or CCPA.

3. Document Your Privacy Preferences: If you're a California resident or EU citizen, consider documenting your current privacy preferences and potentially submitting formal requests to AOL regarding what personal data they maintain about you, how it's being used, and whether it's being shared with third parties. This creates a record of your privacy expectations that can be referenced if practices change following the acquisition.

4. Evaluate Alternative Email Providers: Even if you're not ready to migrate immediately, researching alternative email providers helps you understand your options. Consider whether privacy-focused encrypted services like Proton Mail or Tuta Mail meet your needs, or whether mainstream alternatives like Microsoft Outlook or Gmail offer acceptable privacy protections with better feature sets than AOL currently provides.

Medium-Term Strategy: Transitional Approach

For users with years or decades of email history in AOL accounts, immediate migration may not be practical. A transitional approach allows you to maintain continuity while gradually reducing dependence on AOL:

Set Up a Secondary Email Account: Create an account with an alternative email provider that meets your privacy requirements. Begin using this new address for new correspondence while maintaining your AOL account for existing contacts and historical reference.

Use Mailbird to Manage Multiple Accounts: Configure Mailbird to access both your AOL account and your new alternative email account in a unified interface. This allows you to gradually transition your primary email activity to the new provider while maintaining easy access to your AOL archive for reference and legacy correspondence.

Update Important Contacts and Services: Systematically update your email address with financial institutions, online services, professional contacts, and personal connections. Prioritize updating accounts that handle sensitive information or that you access frequently.

Monitor AOL Policy Changes: Pay attention to notifications from AOL regarding privacy policy updates or changes to terms of service. Regulatory requirements under GDPR and CCPA mean that material changes to data handling practices must be disclosed to users, giving you the information needed to make informed decisions about whether to continue using the service.

Long-Term Considerations

The Bending Spoons acquisition represents a significant change in AOL's ownership and likely operational approach, but the full implications will only become clear over time as the company implements its strategy for the property. Users should approach this transition with a balanced perspective—neither panicking and immediately abandoning email addresses that may be deeply integrated into your digital life, nor ignoring legitimate privacy concerns about how your data might be handled under new ownership.

For users who prioritize email privacy and have concerns about data-driven monetization approaches, the acquisition provides a reasonable trigger point to evaluate whether AOL continues to meet your needs or whether migration to alternative providers better aligns with your privacy preferences and email requirements.

For users who are satisfied with AOL's current service and privacy practices, monitoring how Bending Spoons operates the property following acquisition closure will provide the information needed to make informed decisions about whether any changes warrant reconsidering your email provider selection.

Frequently Asked Questions

Will my AOL email account be shut down after the Bending Spoons acquisition?

Based on Bending Spoons CEO Luca Ferrari's statements, the company intends to operate AOL as a long-term investment rather than shutting down services. Bending Spoons has emphasized that it has never sold an acquired business and positions itself as a "long-term steward" of the properties it acquires. However, this doesn't mean the service will remain unchanged—users should expect potential modifications to pricing, features, and data handling practices as Bending Spoons implements its operational optimization approach. The company's track record with acquisitions like Evernote shows that while services continue operating, they often undergo significant changes to business models and pricing structures.

How will Bending Spoons use my email data and personal information?

While Bending Spoons hasn't publicly detailed specific plans for AOL user data, the company's existing privacy policies across its portfolio indicate that it collects personal information including identifiers, commercial information, usage data, and geolocation data for purposes including personalizing user experiences, sending marketing communications, and conducting statistical analysis. The company's data-driven optimization approach suggests that email data and user behavioral information will likely be analyzed to improve monetization and user engagement. Under GDPR and CCPA regulations, if Bending Spoons materially changes how AOL data is processed compared to existing practices, the company must provide notice of these changes and may need to obtain renewed user consent for new data uses.

Should I switch to a different email provider because of this acquisition?

The decision to switch email providers depends on your individual privacy priorities and how concerned you are about potential changes to AOL's data handling practices. If you prioritize maximum email privacy and have concerns about data-driven monetization, this acquisition provides a reasonable opportunity to evaluate alternatives including privacy-focused encrypted services like Proton Mail or Tuta Mail. However, switching email providers involves significant effort, particularly if you have years of email history and many services tied to your AOL address. A practical middle-ground approach is to set up an email client like Mailbird to download and maintain a local backup of your AOL email archive while establishing a secondary email account with an alternative provider, allowing you to gradually transition while monitoring how Bending Spoons operates AOL following the acquisition.

What privacy rights do I have under GDPR and CCPA regarding my AOL email data?

If you're an EU resident, GDPR provides comprehensive rights including the right to access your personal data, the right to request correction of inaccurate information, the right to erasure (the "right to be forgotten"), and the right to data portability. California residents have similar rights under CCPA including the right to know what personal information is collected and how it's used, the right to delete personal information, the right to opt-out of the sale or sharing of personal information, and the right to non-discrimination for exercising these rights. To exercise these rights with AOL, you can submit requests through the company's privacy request mechanisms, though requests are subject to identity verification processes. If Bending Spoons implements material changes to AOL's privacy practices following the acquisition, users in jurisdictions covered by these regulations must be notified and may need to provide renewed consent for new data uses.

Can using an email client like Mailbird protect my privacy from changes AOL might make?

Using an email client like Mailbird provides meaningful but limited privacy benefits. Mailbird stores email data locally on your computer rather than relying exclusively on cloud-based access, reducing your dependence on AOL's web interface and potentially limiting the behavioral tracking data AOL can collect about your email usage patterns. Local storage also ensures you maintain access to your email archive even if AOL's service experiences disruptions or policy changes. However, email clients cannot address fundamental privacy concerns arising from email service provider practices—regardless of which client you use, your email data remains subject to AOL's privacy policies and data handling practices. For comprehensive privacy protection, using Mailbird should be combined with careful evaluation of whether AOL's privacy practices following the Bending Spoons acquisition continue to meet your requirements, and potentially migrating to alternative email providers if they don't.