A client of mine asked me to install Yoast SEO plugin on her WP blog yesterday. Yoast asked me permission to link the plugin to Google Webmaster Tools in order to optimize the site, so I said fine. Had never done this link before though. To my surprise, Yoast pulled a list of every site I manage for clients on my GWT. It did not restrict itself to the current site, but pulled a list of every site and printed it right inside my client's WP panel. If this customer were sitting beside me, they'd have seen all the sites I work for right inside her WP panel. Also, whoever runs Yoast now knows every site, mine or third party, that I have on GWT. Why did the plugin have to do that? This is becoming commonplace these days. You buy a phone and it asks you for permission to add a simple icon to your contacts. You grant permission for it to add the icon, and all of a sudden the fucking thing will upload every single contact in your phone up to Google's servers. Who asked the fucking phone to do that? I just wanted a simple icon. This is getting worse every day. You take a photo with your phone and it's immediately uploaded to wherever. Whatever happened to privacy? Same thing is happening in SEO and on the WWW. Every single plugin in every single app is trying to mine all your info to upload it to servers across the globe. When did this suddenly become OK? So you want a simple WP plugin to optimize titles and place some meta tags, and now my entire Google history and every single site I've worked for that uses GWT is linked inside my client's WP admin panel! Why? Also, during regular use of the plugin, it seemed VERY intrusive on the WP admin panel. The thing is everywhere and monitoring every word you type to offer you "advice". Every keystroke is processed so it tells you "that title is too long" or "you haven't used the keyword yet". That's all bullshit, it's basically just monitoring everything I type for whatever reason but it's NOT just for SEO. Be warned that Yoast is a very intrusive plugin that is monitoring every keystroke you type inside WP admin - every single one. They are gathering massive amounts of info from WP blogs and linked Google accounts. Maybe I'm old and this is ok nowadays, it's not ok for me. Any site I have in GWT is white hat and legit, but I didn't want the list to be there on my clients site. I have nothing to hide, but the issue is I did not grant it permission to dig into my data like that. Whatever you do, do NOT link ANY plugin to ANY other account. Even the most harmless OAUTH permission might end up being a privacy hazard in the long run.