I was struck by a post on reddit the other day where a player suggested that his alliance check the ESI for his evemail to see that he was telling the truth about some event.
Seems like corps/alliances have been asking for full ESI access to all characters on all accounts. That means they’re getting things like:
All Eve Mails (is this even legal???)
A complete list of all blueprints, with their locations (not great if you, say, own a T2 BPO).
A complete list of all manufacturing jobs, with finish times.
All structures (POS or otherwise) owned by an altcorp.
Current wallet and SP totals.
What ship the character is flying where (and I think what cargo).
All of my assets, with their locations.
I really don’t want my corp/alliance reading my mail. Also the idea that a former corp or alliance might know that my hauler alt is moving some high value produced items (as well as when my jobs finish), is a bit disturbing.
CCP should change their use policy (and enforce it) to restrict what data third parties can request for their own use. Setting up an automated forum login and the checks to see if I’m in the corp/alliance and pulls my character portrait is ok. Reading my EvE mail is not.