AT&T Rewrites Privacy Policy

VikingThunder writes "The San Francisco Chronicle reports that AT&T has revamped its privacy policy, in an effort to head off future consumer lawsuits, with changes taking effect this Friday. AT&T is introducing a new policy that gives it more 'latitude' when it comes to sharing your browsing history with government agencies. Notable changes include notification that AT&T will track viewing habits of customers of its new video services Homezone and U-Verse, which is forbidden for cable and satellite companies, as well as explicitly stating that the customer's data belongs to the company: 'While your account information may be personal to you, these records constitute business records that are owned by AT&T. As such, AT&T may disclose such records to protect its legitimate business interests, safeguard others, or respond to legal process.'"

It's time to take action.

[evileyetmc (977519)]

Well, I knew it wasn't going to be long before companies decided to openly admit that playing politics was more important than treating their customers right. Agreed that they had been playing politics in the past *cough* Bush's domestic wiretapping *cough*, but only now are they confirming that and trying to save their behinds from lawsuits like the kind the EFF has filed for unwarranted wiretaps.
This is exactly the treachery that leads to companies going under...You f*ck the consumer, you get f*cked right back.

I say call up your local congressman/woman and tell them that you want the Cable Communications Policy Act of 1984 to include provisions for all methods of distributing content, including IPTV. Also explain to them that your privacy is important to you and that you want them to support as many privacy bills as they can.

Of course, if that doesn't work, just ditch AT&T. I know there is enough competition out there to cripple them. Alas, you might end up paying a bit more, but think of it as the price you pay for privacy, and consumer-friendliness.

Re:It's time to take action.

[bleh-of-the-huns (17740)]

Ditching ATT is not so easy, they have a very large infrastructure and massive backbone. There is really no way to avoid using their services, either directly or indirectly. I hate to say this, but the only way to stop this is through gov intervention (I wont say regulation because I have regulation), but there is little way for the avg consumer to impact ATT's pocket book, now if companies (end user ISPs and such) toss ATT, that would definately hurt them.

Re:It's time to take action.

[harrkev (623093)]

Of course, if that doesn't work, just ditch AT&T.

I currently do not use AT&T. However...

Anytime anybody calls me using AT&T, my phone number appears in those records. And since I am not an AT&T customer, I have not agreed to their privacy policy. Is there any legal remedy for this?

Re:It's time to take action.

[hackstraw (262471)]

Anytime anybody calls me using AT&T, my phone number appears in those records. And since I am not an AT&T customer, I have not agreed to their privacy policy. Is there any legal remedy for this?

All "privacy policies" are bullshit. They all say at the end of them something in legalese like: "We reserve the right to change our mind at any time".

Personally, I believe that _WE_ as individuals should create our own privacy policy and make businesses/corps sign it.

The problem is that no business or corporation or whatever would sign our privacy policy. The rights of individuals have been officially lost as far as I can tell.

Re:It's time to take action.

[Lumpy (12016)]

First remembet that it is not AT&T but SBC wearing a AT&T suit they bought.

This is typical SBC tactics they have been pulling over the years.... They just thought that by changing their name nobody would notice.

remember when you hear AT&T you are not hearing the AT&T from the past but SBC trying to hide from their reputation.

Re:It's time to take action.

[gstoddart (321705)]

This is exactly the treachery that leads to companies going under...You f*ck the consumer, you get f*cked right back.

Well, it's a nice theory. In practice, it doesn't mean a damned thing. Cranky consumers can't do anything to a company like AT&T, not really.

If you explicitly refuse this new privacy policy, do you really believe that will cause them to purge your records? No, they're gonna retain what they have already even if it violates their previous policy.

What if you can't change? Live in a place where there is exactly one provider of broadband? Think you'll give up your high-speed just to try and punish AT&T? (And if you do, they're gonna keep what they have.)

Now that they've said this, and now that they're gonna track everything, your assent to their privacy policy will become irrelevant.

Since they operate much of the backbone, what is to stop them from passing on information about people with whom they don't actually have a current/past business relationship? Nothing, they'll still be passing on their routing data which covers people who could not possibly have consented to the privacy policy. International data gets routed through AT&Ts trunks.

Hell, I live in a whole different country (Canada), and my cell-phone company (Rogers) is associated with AT&T. Which probably means that some if not all of my own damned information is probably going to flow south of the border. Which fscking Congressman am I going to fskcing contact to complain about this? Oh, wait, that would be absolutely fsking noone, that's who.

Do you think the government is going to legislate/intervene/say anything? They want this kind of things more than ever. If a company makes you sign a contract that says "we can do anything we want", the current administration has only to gain from this. They're more than happy to extend the territoriatility of their laws with little regard -- despite that if any other country tried to extend their laws in the same way, the US would be screaming bloody murder.

AT&T's decision to do this affects way more people than the number of people who are going to be asked to agree to this privacy policy. It's probably going affect me personally, and I don't have a business relationship with them. And probably a whole lot of other people.

Re:It's time to take action.

[voice_of_all_reason (926702)]

well, I just finished writing my letter, so a college temp making $7/hour will definitely be hearing it from me

Fixed.

Re:Effective tool

[PDHoss (141657)]

you could just show some evidence that the person may be linked to a terrorist organization, and wahlah, you have a warrant

TERRORIST KEYWORD PROBABILITY: 92.89% IP LOGGED. FEDERAL FISTING IMMINENT.

Well, I would not be surprised...

[Bananatree3 (872975)]

if the other telcos started doing the same thing. In the beginning they simply said all their interactions were "classified" with the governement, building a huge smokescreen with which to hide behind. Now they have to deal with lawsuits, and they slip this into their privacy statement to stymie the 'suits. Knowing how telcos really like to avoid such suits I wouldn't be surprised if AT&T has started a fad.

Reminding you once again...

[Jerf (17166)]

Reminding you once again that any privacy policy [sbc.com] that includes the clause that it can be changed at any time with minimal notification and no consent is no privacy policy at all.

(To be fair, the linked policy does have a nod towards "materially different" changes to the privacy policy. But guess who decides what "materially different" is...?)

Time for the Privacy Act

[Mad Dog Manley (93208)]

As such, AT&T may disclose such records to protect its legitimate business interests, safeguard others, or respond to legal process.'"

Don't you see, AT&T is doing this for you, the valued customer. It is in your best interests. Don't you want to be kept safe from the evil0rz criminals?

In Canada, the Privacy Act restricts the ability of corporations to share private information. Admittedly it's not perfect, but it appears to be better than what exists in the United States.

Re:Time for the Privacy Act

[Mad Dog Manley (93208)]

They're not protecting their customers, they're protecting themselves.

That's not all. The wording in the old privacy policy said:

the company "may disclose your information in response to subpoenas, court orders, or other legal process to the extent required and/or permitted by law"

New policy:

the company "may disclose your information in response to subpoenas, court orders, or other legal process"

Looks like the law isn't important to them anymore.

Perfect opportunity for me to get off my duff.

[(H)elix1 (231155)]

With my bride and I both using cell phones as our primary line, I've put off canceling them on my POTS line for long distance service. Well no more - the $8USD/month (was $3, but it looks like it jumped up with extra fees) just to have the service is not a lot of cash, but at least I'll get a chance to give AT&T a big old FU and the horse you road in on. The rep had the brass to say this was something to strengthen my 'privacy', then started on a song and dance about September 11th.

For those in the US, 1-800-222-0300 option 6 gets you where you need to go. Expect a 30 minute (or more) wait time.

Fuckers...

Relationship to NSA Tracking

[tabdelgawad (590061)]

I was going to submit the following Salon article to the front page, but this will have to do

http://www.salon.com/news/feature/2006/06/21/att_n sa/index_np.html [salon.com]

You have to wonder if the two stories are related.

sheep

[non (130182)]

i hate regulation...
privacy policy...
etc.

are you people stupid? you must be, the government just announced it spent 30 million of your money to buy exactly this type of information. in my mind thats the ultimate indignation, they broke the law, and operated against my interests using my cash. if you're going to sit around and just carp about privacy policies rather than demanding serious reforms AND regulations in the laws governing personal information then thats exactly what you are...

Colluding with the government

[Anonymous Bullard (62082)]

Although most Americans seem to accept this kind of erosion of personal privacy in the name of comrade Bush's long war of terror or simply as the undeniable birthright of large corporations, only a handful understands that these kind of US policies are helping spread the big chill across other continents as well.

Forgetting about hypocrisy for a moment, there was a time when the US would advocate and to an extent even represent personal freedoms in most other parts of the world. Now it's all empty talk in inaugural speeches about the great USA is helping oppressed people regain their freedoms but as it happens most of those people desperately needing american support just happen to be oppressed by so-called allies in this "war of terror, countries like China etc.

For those of us who actually live under undemocratic governments, the fact that american telecoms are helping the government track people and their interests is making it painfully easy for other freedom-hating regimes to impose similar or worse policies which only help chill the personal freedoms even further.

Corporate Espionage

[W.Mandamus (536033)]

"While your account information may be personal to you, these records constitute business records that are owned by AT&T. As such, AT&T may disclose such records to protect its legitimate business interests, safeguard others, or respond to legal process."

So lets see:
If I work at AT&T and a headhunter calls me at work or at home the corporation to check my phone records to "protect its legitimate business interests".

If I am a competitor of AT&T's, AT&T can find out what VC's I've been calling to "protect its legitimate business interests".

If I am sueing AT&T, AT&T can check my phone records to find out when I called my lawyer to "protect its legitimate business interests".

If I sign a contract with AT&T to provide me with my competitors phone records AT&T can do it to "protect its legitimate business interests".

You know if I were in charge of secruity for a major corporation I would be extremely worried about this.

Small Business and Corporations?

[fallen1 (230220)]

If AT&T can unilaterally change the privacy policy as it applies to users of those services (primarily individuals) what is stopping them from doing to same thing to small business as well as big business/coporations? Hmm? Lawyers? - perhaps. If I had a small business that used AT&T in any way, shape, form, or fashion I would be IMMEDIATELY and deeply concerned about the privacy of my business documents that are being transmitted over AT&T's network - by any means (T1/T3, OC3, Frame Relay, VPN, etc. - even encrypted communications). Suddenly all of my VERY sensitive corporate secrets become the property of AT&T? My e-mails are all logged? My browsing and viewing habits as CEO of said corporation are now catalogued and kept in a database at AT&T's Galactic Data Core? As a private citizen of the United States of America and as a corporate employee I say, unequivocally, FUCK THAT.

Every concerned citizen and individual should rail against these changes in their policy - even if you don't use their service now. Write to them and explain, calmly and rationally, why you would never use their service and how you will do everything in your power to explain to family and friends why THEY should not use their service either. Dissatisfied people talk to loads of other people. Pissed off people talk to loads of other people. ANYTHING negative gets spread, on average, 10 times more than positive things do. When was the last time someone you know went to the doctor and said they had a great visit? Probably can't remember that, but I can guarantee that _someone_ you know has been to the doctor/dentist/etc. in the past 2 weeks and has vented a complaint about "I had to wait FOREVER to even see the doctor and he was only in there for 5 minutes" or something along those lines. Will a write-in campaign from both people who are on their service as well as those who aren't work? MAYBE. Yes, capital maybe since is always an If. Corporations tend to be a little more responsive to loads of negative press and negative write-ins than the goverment of the USA seems to be. If a good many small businesses and larger businesses/corporations jump on the write-in bandwagon too (especially those affected by HIPAA, Sa-Ox and other "privacy" concerns) then I'd give it a good chance.

Not to mention who did NOT see this coming? Any company that uses the frigging DEATH STAR as a corporate logo has to be aiming for world domination somehow ;-)

Re:Any teeth to these?

[gEvil (beta) (945888)]

No, a company will most likely not punish themselves for violating their privacy policy. However, my understanding is that they do constitute legally binding agreements with regards to what they do with your information. If the company is found to have violated the agreement that was presented to you, then you do have legal grounds to pursue them for damages. Of course, IANAL, so the preceding may be completely wrong.

Furthermore

[aepervius (535155)]

Do you know many legal agreement between two private party, and which can be changed at any time by one party, even absolving this party from any previous legal agreemeent with the other party, without involving this second party ? Me neither.

a big BEND OVER to any percieved competitors

[Thud457 (234763)]

"I have changed the agreement. Pray I don't change it further."

Re:Any teeth to these?

[qbzzt (11136)]

The privacy policy is part of the contract. A company that violated its privacy policy, in a way that could be proven at court, could be sued. It's not a very strong guarantee (guess who can afford the better lawyers), but it's something.

Re:How is this legal?

[richg74 (650636)]

Yes, they can do just that.

While your account information may be personal to you, these records constitute business records that are owned by AT&T.

This really summarizes the legal problems with privacy here in the US. Although the data that people collect on you is "personal to you", it almost always, legally, belongs to whoever collected it. The hodgepodge of Federal and state laws doesn't help. For example, here in Virginia, my medical records are the property of my doctor. It was only relatively recently that legislation was passed that gives me the statutory right to see my own medical records.

This also relates directly to the more-or-less careless approach many firms take to protecting personal data. If the data belongs to them, they are that much more insulated from any legal consquences of losing it.

Bruce Schneier [schneier.com] has discussed this in a number of his blog posts and essays.

Re:How is this legal?

[mrchaotica (681592)]

You know, 10 years ago the only people worried about privacy were those crazy militia guys in Montana. Nowadays, they not only seem sane, but increasingly look like geniuses!

Re:VOIP modem to Out of country ISP?

[Oswald (235719)]

Well, it's interesting, but it kind of misses the point. I don't have anything to hide from the NSA; that's not why I want them to stop spying on Americans. I want them to stop spying on Americans because stopping is the right, legal thing to do. Attempting to circumvent their procedures might give be fun in a "stickin' it to the man" sort of way, but it doesn't really take us where we want to go.