SoylentNews is people
SoylentNews
from the you-mean-sombody-hadn't-realised? dept.
The New York Times published an article on Sunday confirming what we've all assumed — that internet privacy policies are so full of loopholes as to be meaningless. They found that of the 100 top alexa-ranked english-language websites, 85 had privacy policies that permitted them to disclose users' personal information in cases of mergers, bankruptcy, asset sales and other business transactions.
When sites and apps get acquired or go bankrupt, the consumer data they have amassed may be among the companies' most valuable assets. And that has created an incentive for some online services to collect vast databases on people without giving them the power to decide which companies, or industries, may end up with their information.
"In effect, there's a race to the bottom as companies make representations that are weak and provide little actual privacy protection to consumers," said Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a nonprofit research center in Washington.
Original Submission
(Score: 2) by frojack on Tuesday June 30 2015, @06:20PM
Agreed.
The law only mandates that they tell you they will do with your data, it seems to place no limits on what they can actually DO with your data, as long as they tell you, in some way what use they will make of it (obfuscated or not).
Further, the rules about what use of the data a future acquirer of the company might make (such as in an eventual sale or merger) seems totally to just about anything.
The whole thing is based around the idea that as long as they tell you, anything goes.
You have to wonder if there is any rational way to do much of what we do on the web.
When I sign up with the gas company for service, and then they are bought out by a bigger gas company, do I have to negotiate service all over again, provide banking references etc, yet again?
When you sign up with company A, because you hate company B and their evil ways, you instantly have a business relation ship with company B, whether you want it or not. No time to get out, no way to deny them information. You're sold like taco on a street corner.
No, you are mistaken. I've always had this sig.
(Score: 2) by edIII on Wednesday July 01 2015, @12:32AM
Then perhaps we just put a blanket ban on all unilateral modifications of contracts by changing the principles involved? Either that, or just say the contract becomes null and void, or is considered breached, if one party attempts to contractually "offload" themselves from it. I seem to recall there being certain rules about how mortgages can be transferred to a new bank, and I'm suspecting we could pull of a modification of the same.
I think you nailed it on the head. A customer should get an opt-out period in which they can safely cancel service and their private information will be destroyed, or at least persona non grata on any server in the business for auditing purposes. As somebody who deals with those databases, I can tell you that I don't want to keep the information. The suits always want to keep it, but I can't ever see any value in it. You know, other than the value of annoying the shit out my customer by selling their information for more money in my pocket. Archive it for compliance, or legal, or just dump it. I can at most see a 90-120 day scheduled period in which I keep it, just in case the customer calls back to talk about something. Otherwise, I get to tell them that our systems literally don't remember them after that time. So yeah, you would need to provide banking references all over again when you come back. I'm betting that's not a terrible inconvenience in the light of the privacy I would offer.
Going further I would give the option to the customer to have all records destroyed *completely*, if an only if, they sign a full release. In which, I will agree to never acknowledge they were even a customer at all to any 3rd party. Ever. The relationship ends as it should, and the release being digital and *binding*, makes no difference who possesses it through transfer. The document itself enumerates the rights to distribute the data, which is, never off that page. Especially not for marketing purposes.
I'm not sure anything goes, but yes, change this in a way that supersedes contract law (making all privacy policies subject to it) and enables stiff penalties for specific kinds of disclosures. There should be laws that say how and when I can move customer information in and out from my business.
Technically, lunchtime is at any moment. It's just a wave function.