Forgot your password?
typodupeerror
Privacy Books Security The Courts The Internet Your Rights Online

Borders Bust Means B&N May Get Your Shopping History 230

Posted by timothy
from the you-probably-should-have-anticipated-this dept.
coondoggie writes "To perhaps no one's surprise, Borders bookstore collected a ton of consumer information — such as personal data, including records of particular book and video sales — during its normal course of business. Such personal information Borders promised never to share without consumer consent. But now that the company is being sold off as part of its bankruptcy filing, all privacy promises are off. Reuters wrote this week that Barnes & Noble, which paid almost $14 million for Borders' intellectual assets (including customer information) at auction last week, said it should not have to comply with certain customer-privacy standards recommended by a third-party ombudsman."
This discussion has been archived. No new comments can be posted.

Borders Bust Means B&N May Get Your Shopping History

Comments Filter:
  • Hope this never happens to Amazon...

    • by mjwx (966435)

      Hope this never happens to Amazon...

      What difference would it make?

      Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

      • by C_Kode (102755)

        Hope this never happens to Amazon...

        What difference would it make?

        Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

        You are extremely naive if you think that is the only implication here.

        • Just the list of valid e-mail addresses and credit card info is next to priceless in the wrong hands...
      • Amazon sells many, many things including (but certainly not limited to) herbs, electronics, sex toys, bondage gear, gourmet food, and of course books about almost any subject. Any marketer would love to have detailed shopping histories from Amazon...
    • by mjwx (966435)

      Hope this never happens to Amazon...

      In all seriousness,

      How long until Gmail "prioritises" all advertising into a "secondary" inbox that is not presented with ones personal mail by default.

      I'm certain I'm not the only /.er who's set up rules for Amazon and the like to be automatically shunted into a different folder.

      • Re: (Score:3, Interesting)

        by maxume (22995)

        Does Amazon actually send you stuff you don't want? All I get from them are order and shipping confirmations, perhaps I clicked something about not sending me advertisements.

        • by jgagnon (1663075)

          This. I've never received junk email from Amazon and I've been a customer since 1997.

      • by dadioflex (854298)
        Right at the bottom of every marketing message from Amazon is a link to take you to your account page. Don't click on it. Instead open your browser and manually enter the link and enter your account. You can adjust exactly what email they send you from there.
      • I set up a filter for that. I sometimes need to add a new "newsletter" to it, but it sends those mails that are not-quite-spam to a seperate folder. I can skim over that every few days (cause these com from companys that I perhaps want to do business again with) but they don't disturb me with ringing my phones new mail alert.

  • how is this legal? (Score:4, Insightful)

    by ILongForDarkness (1134931) on Thursday September 22, 2011 @01:23PM (#37482008)
    Information is an asset I'll admit. But the access to the information was clearly bounded by Border's privacy policy. I really don't understand why the courts are even considering the possibility of allowing it to be sold. If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data. B&N can just ask you to give them the info if you choose to under their privacy agreement. The fact that the company would even try to purchase information covered under a privacy agreement with another company puts them on my no-buy list.
    • by 0123456 (636235) on Thursday September 22, 2011 @01:29PM (#37482086)

      If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data.

      Data doesn't disappear just because the company does. This is why anyone who's interested in privacy should be ensuring that no-one else has their data in the first place.

      A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

      • No, no it's much worse than that.

        Corporations can't be killed. They can be consumed by another corporation but the bits and pieces (especially bits these days) never dies. New corporations feed off the rotting entrails of older ones but they grow up to be functionally all the same.

        Much worse than a Zombie infection. Sort of like a rootkit. Reboot all you like, it's still there.

      • I think the article mentions a "deceptive business practice" clause that could cover this kind of thing. The fact that the information was supplied to you for a specific purpose should bind you to only use it for that purpose. I know I'm being naive but it does seem a rather unethical thing to do. What if for example the courts decide to license out the info from Borders rather than just sell it to one company (or the buying company does it)? Say they see you bought books about animals and the next thing yo
        • A "deceptive business practice" clause that could cover this kind of thing.

          Well, yeah, if there was anyone left to enforce it against. Which there isn't. Because the whole point of Chapter 7 is that tere's nothing left.

          • But they are claiming there is something left when they try to sell it. Also if the court is controlling the bankruptcy sale they should be able to say this can be sold, that can't etc. My understanding is you file Chapter 7 but it is an ongoing process it isn't a one time "oh we are done" it is a long involved process potentially with the attempt to salvage the company, sell of parts, etc.
            • When attempting to salvage parts of the company the Judge doesn't want to rule that something can't be sold. His primary concern is making sure debtors get money back. The data is something that clearly has value to B&N. There is not much damage to consumers if the data is transfered from Borders to B&N. No customer is going to lose money, be embarrased, or go to jail because of this deal. Damages to the consumer is very hypothetical. So why not let it go through.
      • by martin-boundary (547041) on Thursday September 22, 2011 @06:53PM (#37485754)

        A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

        If so, then let me point out the elephant in the room:

        When are Google and Facebook going into bankruptcy and who's going to buy them?

    • It is screwy. But I am sorta glad B&N purchased the info and not someone else. At least with B&N we know what that the info will be used in the exact same way it was used under Borders. I would love a ruling that the data needs customer approval for transfer though.
    • by tlhIngan (30335)

      Information is an asset I'll admit. But the access to the information was clearly bounded by Border's privacy policy. I really don't understand why the courts are even considering the possibility of allowing it to be sold. If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data. B&N can just ask you to give them the info if you choose to under their privacy agreement. The fact that the company would even try to purchase information covered

  • Now I'm glad I always turned down the Borders Rewards Card.

  • by SirGarlon (845873) on Thursday September 22, 2011 @01:24PM (#37482016)

    The final clause in all privacy policies are words to the effect, "this policy is subject to change at any time, with or without notice to you." Now we have an example of what that means.

    I have always regarded that a license to defraud the consumer, as they can initially offer privacy terms that are acceptable, then collect your data, then revoke the privacy protections without giving you a chance to change or delete your data.

    • The final clause in all privacy policies are words to the effect, "this policy is subject to change at any time, with or without notice to you." Now we have an example of what that means.

      I have always regarded that a license to defraud the consumer, as they can initially offer privacy terms that are acceptable, then collect your data, then revoke the privacy protections without giving you a chance to change or delete your data.

      IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred. One reason for that is because it can be hard to track someone down when the only information may have changed - e.g. they moved or they got a different phone number, or a different e-mail address and (for any or all) they forgot to tell you about any of the changes. How then would you go about notifying them?

      The issue here is that Bankruptcy courts have pre

      • by SirGarlon (845873)

        IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred.

        That's what they want you to think, and they may have even meant it at the time. IANAL either, but since the clause does not specify the nature or extent of changes they make, it seems to me they can change it completely, even reversing the entire spirit of the thing, and all they have to do is "post" (read, bury) a notice on their Web site somewhere.

        • IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred.

          That's what they want you to think, and they may have even meant it at the time. IANAL either, but since the clause does not specify the nature or extent of changes they make, it seems to me they can change it completely, even reversing the entire spirit of the thing, and all they have to do is "post" (read, bury) a notice on their Web site somewhere.

          True. All they have to do is update the publicly posted agreement. However, that wouldn't protect them from a Class Action lawsuit - while Bankruptcy court would. (IANAL)

  • bankruptcy creditors (Score:5, Interesting)

    by Skapare (16644) on Thursday September 22, 2011 @01:24PM (#37482020) Homepage

    This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

    • by Skapare (16644)

      Oops, that should be 1 PERCENT of ...

    • This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 [percent] person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

      Even if this, shall we say novel, concept of counting you as a creditor based on some implied contract in the privacy terms actually flew with the court (I doubt it, but I'm humoring you) the whole point of bankruptcy is that the debtor cannot honor all its creditors going forward. That's what it means to be asset-insolvent -- you owe creditors more than you are worth and so many of them, by necessity, don't get the obligations honored.

      Since, even in your theory, you took an un-secured (no-collateral was of

    • by dkleinsc (563838)

      Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

      The court would come back with "Go away - your information might be worth about $10 to you, while these other creditors are owed millions."

    • by MarkvW (1037596)

      This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

      First, you would be an unsecured creditor. Second, you'd have to address the valuation of your claim. Third Litigation of that claim would be expensive. F

  • That's awesome! (Score:5, Informative)

    by Ardeaem (625311) on Thursday September 22, 2011 @01:25PM (#37482026)
    So, if I buy a harddrive from someone, and it has some software installed on it, that means that I can do whatever I want with it because I didn't agree to the ToS! Right...?
    • by DinDaddy (1168147)

      Along the lines of corporations are people. If someone has private pictures of you on their computer, and has promised never to show them to anyone else, but they die and someone buys their computer at an estate sale, you're sort of SOL.

    • by gstoddart (321705)

      So, if I buy a harddrive from someone, and it has some software installed on it, that means that I can do whatever I want with it because I didn't agree to the ToS! Right...?

      Someone should distribute the information for the entire management-level people at B&N. Phone, address, list of children, VISA numbers ... And, then of course, anybody with that information would say that they couldn't possibly be bound by any terms of use because they never made any agreement.

      That might demonstrate to these peop

      • by rwv (1636355)

        Phone, address, list of children, VISA numbers

        Yes, yes, NO, Yes.

        Paint of an example for these people. Leave them voicemails about how important privacy is. Send them mail about how important privacy is. Use their credit card to buy yourself books from Barnes and Nobles (or buy books about privacy and ship the books to their addresses). But for the love of all that is good, leave their kids and families out of it.

        • by gstoddart (321705)

          Actually, I definitely have to agree ... leave the kids out of it ... didn't think that through as I typed it.

  • by C_Kode (102755) on Thursday September 22, 2011 @01:37PM (#37482188) Journal

    Not have to comply? They should be legally bind to it.

    • It's bankruptcy, judges can get rid of contract classes as they see fit. Want it fixed you need a federal law (or patchwork of state laws) precluding the sale, lease or otherwise transfer of all personally identifying information without the consent of that person at the time of transfer (aka no fine print you allow this forever BS). Might want to tack on a company must expunge that same info opon request, or after n years of inactivity.

  • If B&N made this an optional thing for consumers, I'd be okay with it. "Were you a Borders Rewards user? Like to have your personal preferences and history transferred over to our B&N card? Just let us know, and as a transferring bonus, we'll give you an extra 10% off any one item." Yeah, I might sign up if it was presented to me as a choice.
    • by idontgno (624372)

      But that's bad business. Giving away a 10% discount when you can just take with no further consideration than the actual bankruptcy purchase price of the IP and the small cost of lawyers to persuasively make your case to the bankruptcy court? Completely unnecessary.

      You're paying the lawyers anyway, and you'd have to buy the IP to even have the chance to ask every Joe Bagodonuts "Mother may I", so you might as well just do it and save yourself some money. Even if you have to retain a few lawyers to fend off

  • by Anonymous Coward on Thursday September 22, 2011 @02:04PM (#37482534)

    You have to scroll way down to find this, but this is part of the Borders privacy policy:

    Disclosures in connection with acquisitions or divestitures.
    Circumstances may arise where for strategic or other business reasons Borders decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Borders' practice to seek appropriate protection for information in these types of transactions. In the event that Borders or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.

  • by Nadaka (224565) on Thursday September 22, 2011 @02:07PM (#37482570)

    If the company buying the data at auction is not held to the same privacy standards as the original, this means that shell companies can be formed to gather information under strict nondisclosure, then intentionally fold and provide the information without restriction and in violation of the original disclosure agreement.

    • by 0123456 (636235)

      If the company buying the data at auction is not held to the same privacy standards as the original, this means that shell companies can be formed to gather information under strict nondisclosure, then intentionally fold and provide the information without restriction and in violation of the original disclosure agreement.

      And, uh, why were you handing personal information to fly-by-night shell companies?

      • And when big-box retailers form subsidiaries to manage all that precious data, and those subsidiaries mysteriously get mismanaged to the point they get reorganized regularly, voiding all privacy promises each time, where will you shop? If B&N gets away with it, I expect Wal-Mart and Best Buy to quickly farm out all customer data collection to a "separate" company, i.e. "Wal-Mart Consumer Interaction Contractor" and "Best Buy Communications, Inc."
  • Honestly, I don't care if Borders gives my purchase history to B&N. That should be the only thing they get, though. I shopped at both stores. It would be great if B&N would use this data to send me coupons for science fiction books!
  • Just tried to poison my account info. The response was "We're sorry. This feature is temporarily unavailable. Please try again later." It may be too late :/

  • anyone remember Flooz? they did the same thing. and since people used it as a purchase buffer, i imagine t had juicier purchase history info.

  • by sirwired (27582) on Thursday September 22, 2011 @02:37PM (#37482906)

    This became a well-settled area of law when lawsuits by Scientology drove the Cult Awareness Network into bankruptcy. The Scientologists were able to get a hold of CAN's confidential files in the BK, despite strenuous objections by many parties.

    If those files can't be protected, I don't see your book purchasing habits at Borders being particularly sarconsact.

  • sold at the counter? They know how much I love them now?
    I promised I'd never let Barnes and Noble know how much I love those chocolate balls. That was between me and Borders!

      I feel so violated.

  • Aren't there laws or court rulings in the USA regarding people's library and video rental history privacy? Hopefully those extend to book and magazine-buying as well...
  • Barnes & Noble, which paid almost $14 million for Borders' intellectual assets (including customer information) at auction last week, said it should not have to comply with certain customer-privacy standards recommended by a third-party ombudsman.

    In unrelated news, I say customers should not buy anything from Barnes and Noble ever again.

    • by Anrego (830717) *

      Boycotting every company that does something immoral or unethical doesn't leave you with much.

      Unless one chooses to live as a hermit off the land out in the woods somewhere. For the rest of us, we just have to bend over and take it.

    • Meh B&N did you a favor by buying it. The other bidders was probably Zynga, eHarmony, Facebook, and Rupert Murdoch. Lessers of two evils and all that.
  • Sellective buying (Score:4, Insightful)

    by mwvdlee (775178) on Thursday September 22, 2011 @04:15PM (#37483988) Homepage

    B&N: Hi, we'd like to buy some parts of Borders.
    Executor: Sure, which parts would you like?
    B&N: Everything except the legal obligations, please.

  • Barnes and Noble's argument that the Borders customers whose data they bought will be protected by their own policy is specious. The very act of B&N purchasing the information is in and of itself a violation of the previous privacy agreement. That's like a bank robber saying, "Sure, I took the money, but don't worry, I won't share it with any other criminals."

From Sharp minds come... pointed heads. -- Bryan Sparrowhawk

Working...