Netflix Sued For Privacy Invasion

We've discussed the Netflix Prize numerous times as the contest ran, including the news two years ago that the anonymity of the dataset had been broken. Now reader azoblue sends in this excerpt from Wired: "An in-the-closet lesbian mother is suing Netflix for privacy invasion, alleging the movie rental company made it possible for her to be outed when it disclosed insufficiently anonymous information about nearly half-a-million customers as part of its $1 million contest to improve its recommendation system. ... The lead attorney on the new suit, Joseph Malley, recently reached a multimillion-dollar settlement with Facebook over its failed Beacon program, which drew fire in part for sharing users’ Blockbuster rentals with their friends. ... If a data set reveals a person's ZIP code, birthdate and gender, there's an 87 percent chance that the person can be uniquely identified." The suit turns on the question of whether Netflix should have known that their dataset's anonymity could be broken, two years before researchers demonstrated that.

Re:Yes

[Shakrai]

How large an area is a zip code in the states?

Depends on how many households and businesses there are in the area. In a rural setting a zip code may cover an entire city or county. In a heavily urbanized area it may only cover a single building or city block.

The five digit zip code doesn't tell the whole story though. There's actually the nine digit zip code plus a two digit delivery point code. Every single address in the United States will have a unique nine digit zip code + delivery code. It doesn't mean much to the layman but the USPS can actually represent every single address in the United States with an 11 digit number.

Re:netflix tracks birthdates?

[fwice]

I just signed up for an account. It asked for your birthday on the page with your address. However, it _was not_ mandatory.

I conveniently skipped the 'birthdate', 'gender', and 'your opinion of these genre' sections.

Re:So lemme get this straight...

[Registered Coward v2]

In order to protect herself from being potentially exposed, she decided to join a high-profile national lawsuit, charging that they had created a potential for people to find out her sexual preferences. How many days do you think it'll be before her picture is all over the web, sitting right next to the headline "formerly closeted lesbian pulled out of closet by attaching her name and face to a privacy lawsuit"?

She filed as a Jane Doe to protect her privacy.

Re:Yes

[oldspewey]

300000 people in a single ZIP code? In Canada, a unique Postal Code covers maybe 50-80 houses along a street or two, or at most one large condo building with 2000 residents or so.

Within a pool of 2000 (or fewer) people, I can see how gender and DOB could provide unique identification with 87% accuracy. Within a pool of 300000? Not so much.

Re:Filing as Jane Doe?

[Registered Coward v2]

How can a legal-aged adult file as Jane Doe just because of her secret of being 'in the closet'?

Simple - the judge gets to decide if her privacy rights outweigh the public interest in keeping lawsuit information available to the public. for more information see: http://www.legalmatch.com/law-library/article/filing-a-lawsuit-anonymously.html [legalmatch.com]

To me allowing a Jane Doe suit in such cases is not unreasonable; whether or not her name wil eventually become public is another matter.

Re:Yes

[E IS mC(Square)]

There is a difference between US zip code system and Canadian one.

In the US, there is zip5 + zip4 (total 9 digits). If you use both, you are talking about 2-3 houses on a street. This is equivalent to Canadian 3+3 system. But a five digit US zip code may mean anything from one business building to very large number depending on the density.

Re:Yes

[akcpe]

There's really two different ways of listing the code actually, one of which would probably get you down to that level. Zip code is 5 digits + 4 additional digits. When mailing something only the first 5 are required. the additional 4 would likely identify you down to the street level. 12345-XXXX would get you there, but there may be a hundred thousand people in all of 12345. Its unclear to me which Netflix released. Generally the mail I receive with an automatically generated address label (such as from Netflix) includes the -XXXX

Re:netflix tracks birthdates?

[Neon Spiral Injector]

Netflix has no "adult" material. Sure, a few NC-17 films (many of them for violence as much as sex), and some unrated titles, which may get a little blue. But nothing like the backroom of local rental stores.

They don't require an age to be specified because they assume if you have a credit card (which is required) then you can rent anything they have.

Re:Don't you need to have actual damages?

[nomadic]

The way that I thought that it worked was that you sue in civil court when you actuall suffer damages even when the other party was doing something illegal.

In cases at law, for example tort or contract cases, you generally do. This is a case at equity, so the plaintiffs are trying to get injunctive relief (also attorneys fees, but that's considered ancillary to the injunction).

Re:Yes

[MBGMorden]

Generally the mail I receive with an automatically generated address label (such as from Netflix) includes the -XXXX

Just a note, but the reasoning for that is that bulk mailings have a series of steps they can perform to get postage discounts. CASS certification of the address is one of those. It requires lots of things be done to addresses - St. in a city name for example must be spelled out as "Saint" since St is used as the abbreviation for "street". you also have to consistently abbreviate the street names. You can't write out "Street" in the street name unless it's part of the actual name (ie, "Market Street Rd" would be fine, but not "Market Street"). Among the restrictions though is also a requirement that you use the full Zip+4 zip code.

I can't remember the exact discount but IIRC it's around $0.08 per letter. Not a lot, but where I'm at for example we do several large mailings per year that end up between 70,000 and 90,000 letters in volume. With postage bills for those things being tens of thousands for dollars, that $0.08 per letter adds up fast.

Re:netflix tracks birthdates?

[Neon Spiral Injector]

They do have a "Gay & Lesbian" genre, which includes such films as (from the first page):

Milk
The L Word
Angels in America
Midnight in the Garden of Good and Evil
Fried Green Tomatoes

Re:So lemme get this straight...

[nomadic]

She's asking for injunctive relief. None of the plaintiffs will get money if they win.

Re:The closet can be a scary, stupid place

[forand]

Seriously, this is like when my boss didn't want to have his pay directly deposited because he thought the payroll company could snoop in his bank account. It's just not grounded in reality.

While they may not be able to see your transactions any company authorized to direct deposit is authorized to deduct money from your account.

"state-of-the-art defense" and strict liability.

[gandhi_2]

The suit turns on the question of whether Netflix should have known that their dataset's anonymity could be broken, two years before researchers demonstrated that.

This is called a "state-of-the-art" defense, and generally doesn't work.

State of the art defense is the defense that permits a manufacturer to avoid liability in a design defect case if at the time of manufacture there was no safer design available, or in a failure to warn case if at the time of manufacture there was no way the manufacturer could have known of the danger he/she failed to warn against.

Lets say I was making Asbestos oven mitts, no one knew it was dangerous. The state of the oven mitt industry and materials science (the art) was that Asbestos was fine. Then, 50 years later we find out it's dangerous. The lawsuits will probably prevail because the "state of the art" defense doesn't stand up to strict liability [wikipedia.org].

On the upside, she'll probably make some new friends in PTA. And who doesn't love hot buttered soccer moms?

Re:So lemme get this straight...

[Hijacked Public]

Above is the most brilliant thing ever posted to Slashdot.

Re:netflix tracks birthdates?

[Belial6]

That depends on what you consider adult content. While Netflix claims that Alice In Wonderland: An Adult Musical [netflix.com] is rated R, the movie it self has an X rating notice at the beginning. And, while they did cut out the actual close ups of insertion, Pirates [netflix.com] was filmed as a full on porno.

So, while they many not have much, and it may not be hard core by today's standards, they do have adult content.

Zipcodes known to help uniquely identify

[realsilly]

I've done enough work for companies in my years to know that zipcodes can be used to uniquely identify individuals. Since there are still parts of this country in which a person may own a very large piece of land and Zipcodes use the +4 to determine specific blocks within a zip code range, then all one needs is a name or the other info mentioned above to uniquely identify a person. This has been known by banks and the post office for as long as the +4 has been around. Banks have strict guidelines around uniquely identified people and what they must do if they are identified when dealing with offers of credit.

Netflix works with the post office for mass mailing, they would be aware of the ways to uniquely identify people.

Re:Yes

[E IS mC(Square)]

Hey, I was not pulling that out of my ass. I work on similar system right now and know something about zip codes :-)

Now about your theory, here is a better explanation (from http://en.wikipedia.org/wiki/ZIP_code#ZIP_.2B_4 [wikipedia.org])

"A ZIP + 4 code uses the basic five-digit code plus four additional digits to identify a geographic segment within the five-digit delivery area, such as a city block, a group of apartments, an individual high-volume receiver of mail or any other unit that could use an extra identifier to aid in efficient mail sorting and delivery." (the keyword is "within")