Ask Slashdot: How Is It Even Legal For Websites To Gather And Sell Users' Data? 216
Long-time Slashdot reader dryriver sees it like this:
Lets say that I follow a person named John D. around for days without permission, make note of what John D. does and where he buys with timestamps accurate to the second without John D. knowing it is happening, analyze what kind of personality traits John D. has, enter that data into an electronic database where it is stored forever, and also make the data purchaseable to any third party who is interested.
Would I be breaking the law if John D. has not given me explicit permission to do this? Very likely. If this is the case for "meatspace data gathering", how can websites justify gathering information about visitors, and selling that information to third parties?
How would you answer this question? Attempt your own best explantions in the comments. How is your country balancing the need for online privacy with actual laws governing what can and can't be collected?
How is it even legal for web sites to gather and sell users' data?
Would I be breaking the law if John D. has not given me explicit permission to do this? Very likely. If this is the case for "meatspace data gathering", how can websites justify gathering information about visitors, and selling that information to third parties?
How would you answer this question? Attempt your own best explantions in the comments. How is your country balancing the need for online privacy with actual laws governing what can and can't be collected?
How is it even legal for web sites to gather and sell users' data?
That would probably mean you're a private eye (Score:3, Insightful)
Yes, the submitter's feelings aren't laws. Laws wr (Score:5, Informative)
The submitter seems to have some misunderstanding about how law works. "Very likely illegal"? What law would be violated? The submitter doesn't seem to quite understand that laws are written down, and given numbers for easy reference. For example, web sites must comply with US Code 2257. Unless the submitter can point to USC [number], they have a *feeling*, not a law.
I used to work as a private investigator and I did follow people. I had to be very diligent about documenting what I saw, because a PI is not supposed to tell the client or court what they *think*, only exactly what they *saw*. As a PI, I couldn't say "he's boning his secretary". I had to say "at 6:35 PM the subject entered hotel room #123 with a blonde woman of medium height. Both parties left the hotel room at 7:40". I can't speculate about what they did in the hotel room (could be discussing his campaign for governor of Arkansas), so I have to be specific about what I saw to allow others to decide how to interpret the facts.
Re: (Score:3)
Pretty sure if a company hired private detectives to follow millions of consumers around, documenting their daily habits, there would be a legal challenge.
They could challenge it all they want and they'd lose in court. As someone else pointed out, exactly what law is being broken by observing and recording public interactions?
Re: (Score:2)
Then the question isn't "how are they not losing legal cases over this" and more "isn't it time to change the laws to make what is currently legal, illegal?"
Re: That would probably mean you're a private eye (Score:5, Interesting)
No, it isn't inadmissible if you overhear something. There is no expectation of privacy in the jail cell where others can hear you.
Just like that cell, you have no expectation of privacy in public. It is very legal to follow someone in public spaces and record what they do, and use that information for financial gain. Want proof?
Hedge funds pay people ( and dispatch) interns to count the number of people outside of an Apple store, and record their gender and approx. age to gauge the excitement the public feels about a new iPhone, in hopes of gathering data on real market demand on launch days. The same rules for mass-targeting like that are also allowed with individuals. When CEOs or activist investors are seen walking into a company headquarters, it can have a positive effect on the stock when it gets reported.
All of this is legal because "there is no expectation of privacy" in public.
Now, a website isn't a public space, but the operator dictates what he does with the information in his private space. If you go to someones house for dinner, and he invites a third party (Mark Zuck), and Mark records the fact that you showed up, that isn't against the law. You agree'd to enter the house and be subject to its operators' terms of use when you navigated there. If you are unhappy with those terms, don't visit the site. Do not however, try and infringe on the operators freedoms because you do not like how he chooses to exercise them.
Re: That would probably mean you're a private eye (Score:2)
Facebook doesn't install anything surreptitiously on your phone or car, or anything. You elect to install those things.
Re: That would probably mean you're a private eye (Score:2)
When you buy a piece or property, you have dominion over it, and can be private in it if you wish. You effectively make a contract with the state that this property is yours, and you are (somewhat) free to do in it what you please. So, it's private. Which is why the police can't barge in and search, absent a warrant. A homeless man has made no such covenant, since he didn't buy a home. He could try the homestead act if he goes to an unclaimed part of the public space .
Legal is relative to jurisdiction (Score:4, Insightful)
One can't answer your question unless you specify "legal in jurisdiction X". For example Europe has GDPR, USA or Canada or Mexico or China does not, but they have other laws.
So I guess I would answer your question with "Legal where?" and a disclaimer "IANAL". ;-)
Re: (Score:2)
"Legal where?"
Post says "How is your country balancing the need." So the "where" is "wherever you are."
If you need something more specific than that, I'll have to wait till Slashdot gives me that location data I paid them for.
Re: (Score:2)
It's definitely not legal in Europe. GDPR requires explicit opt-in permission for tracking and profiling.
Re: (Score:2)
In America it would be illegal for an individual to do so if the subject legally objected (restraining order). That's because your interest is assumed to be personal.
A business entity has an assumed interest of revenue. So it is legal as long as there's no law against it, such as the European privacy laws.
You can't equate individual actions and business actions, because individual actions do not have a business plan, charter, nor governance to claim a particular interest. Not that they have to be truthful,
Re: Legal is relative to jurisdiction (Score:2)
Private detective (Score:5, Insightful)
Lets say that I follow a person named John D. around for days without permission, make note of what John D. does and where he buys with timestamps accurate to the second without John D. knowing it is happening, analyze what kind of personality traits John D. has, enter that data into an electronic database where it is stored forever, and also make the data purchaseable to any third party who is interested.
That sounds a bit like a private detective, with the exception that they typically work for a specific client.
Also, if you stop to think about it, going to a website it like going to some person's private establishment. I'm visiting their server, so it's their rules. Stores no doubt track my purchases, and some even have cameras on presence that record my every action. If I have a problem with it, I can take my business elsewhere.
Sure, terms of service could be more explicit, but most people wouldn't bother to read them or would just click through like they did when they signed up for a Facebook account or half of the other shit they use online.
Re: (Score:2)
Sure, terms of service could be more explicit, but most people wouldn't bother to read them or would just click through like they did when they signed up for a Facebook account or half of the other shit they use online.
They tell you that they will record all your data, and you agree to it. That's why it's legal.
Re:Private detective (Score:5, Insightful)
Example 1: Facebook and Twitter track you on every web page you ever visit with Facebook or Twitter "share" icons (or "like" in the case of Facebook). They don't tell you that. (In fact they track people who have never been to Facebook or agreed to a damned thing.)
Example 2: It is illegal in the United States to track people who are less than 13 years old, without explicit parental consent. Yet not only to Google, Facebook, and Twitter do this on a massive scale, they don't care about the law and don't even try to abide by it.
The latter is BIG. The fine per violation is significant. If it were actually enforced, those companies would be out of business very quickly.
Re: (Score:3)
Example 2: It is illegal in the United States to track people who are less than 13 years old, without explicit parental consent. Yet not only to Google, Facebook, and Twitter do this on a massive scale, they don't care about the law and don't even try to abide by it.
Well I don't care if they go out of business.
Re: Private detective (Score:1)
Not to worry. Facebook and others let you opt out. You just send in proof that it is really you, SSN, DMV, Passport, etc, and then they will let you go to a special page to log in and get a cookie. As long as you keep that cookie, they know it is you and that wherever you go, you asked to not be tracked.
They may need to send you a new cookie from time to time to make sure you are still you and don't want to be tracked, so you may need to login again. But they won't ever change the rules, without updating th
Re: (Score:2)
As long as you keep that cookie, they know it is you and that wherever you go, you asked to not be tracked.
So they track you in order to....not track you?
Re: (Score:1, Interesting)
Also, if you stop to think about it, going to a website it like going to some person's private establishment. I'm visiting their server, so it's their rules. Stores no doubt track my purchases, and some even have cameras on presence that record my every action. If I have a problem with it, I can take my business elsewhere.
Ideally, yes. In practice, no. What is going on with all the "tracking" servers is comparable to one company installing cameras in every store in your city, then collating your movements from store to store as you go about your business. While store A may not know that, after perusing their goods, I then went and bought from their competitor store B; the ones who are running the cameras in both stores have access to this information. Worse, neither store A nor store B posts anywhere that my actions are
Re: (Score:2)
You are assuming that the physical world doesn't do certain things that happen all the time.
You're under the dangerous impression... (Score:1, Troll)
.. the rule of law exists in this world. There are two sets of laws, one for the rich and corporations and another for the rest of us. The reality is the internet and technology has made it cheap and easy to collect data on everyone. Even if you wanted privacy it can't exist due to technological advancement. Our technology is making rule of law irrelevant.
The last 20 years the internet enabled software companies to steal peoples game and OS software (drm) and remove their privacy by force because we c
How would this be illegal? (Score:5, Insightful)
What makes you think any of what you described in 'meatspace' is illegal? It's not, in the US, anyway. PERHAPS could be considered under harassment or stalking laws if it was very blatent, but if you are in public, you are subject to anyone recording/photographing you and what you are doing, pretty much.
Re: (Score:3)
There are exceptions, but you are correct. It becomes confusing when you start to take apart what being "in public" means. When I am on a website, I might be sitting in my home. Am I in public? Not all online behaviors and environments are analogous to meat space.
So I guess the answer is, "it's complicated, but we better have this conversation in a meaningful way and get it sorted."
Re:How would this be illegal? (Score:4, Insightful)
Re: (Score:2)
As an AC up the page pointed out, a better analogy is some company, or rather a couple, running video cameras in all the stores you visit and tracking what you do in every store and putting it together in a way that a cashier following you around one store could never do.
Still legal, but much more creepy, especially when it is all done without your knowledge.
Re: (Score:1)
You're making my point about why online activity is not analogous to meat space.
If I'm in my home, and I google "treatment for liver cancer", am I giving implicit consent to google to share the fact that I might have liver cancer with others? With my insurance company? With my employer? Have I given consent to share that particul
Re: (Score:2)
If you're in your home and ask your friend Joe what he knows about "treatment for liver cancer", you then have no recourse (except to be upset and not tell him anything in the future) if he uses the fact that you asked him about it to share it with an employer, insurance company, etc...
Asking Google, unless they promise you something different in a contract with you (typically contained in a terms and conditions, if you accept one), is no different.
Typically once you tell someone else something, they are un
Re:How would this be illegal? (Score:5, Interesting)
You made a logical leap. If I ask google about "treatment for liver cancer", am I "telling" them anything? Or is their algorithm making an assumption about me?
Can you cite the part in the Google user agreement where I waive my right to privacy regarding health issues?
Let's extend the thought experiment: If I google, "how to quit smoking", and then I get a notice that my insurance premiums are going up because I'm a smoker, has my privacy been violated? Did I agree to allow Google to share the assumption that I am a smoker with my insurance company? What if I'm googling that information because I'm trying to convince my neighbor to quit?
We conflate being online with being in public because we've been conditioned to do so by corporate behavior, but it doesn't necessarily have to be that way. We're already seeing laws being passed in parts of the world that are more protective of people's personal information when online.
Re: (Score:2)
Can you cite the part in the Google user agreement where I waive my right to privacy regarding health issues?
Except making an assumption about a person just not a privacy health issue.
Let's extend the thought experiment: If I google, "how to quit smoking", and then I get a notice that my insurance premiums are going up because I'm a smoker, has my privacy been violated?
No. If you walk into your insurance office and they notice you smell of cigarettes that isn't violating privacy either. The thing about the privacy of your health is that your health records need to be kept private, those analysis, doctors diagnosis, and treatments are subject to strict privacy regulations. What people think about you based on what they overhear you say is not subject to any privacy.
What if I'm googling that information because I'm trying to convince my neighbor to quit?
What if you were having that conve
Re: (Score:2)
I'm not sure you're seeing this literally enough. Yes, you're telling Google that you're interested in finding web sites about "treatment for liver cancer". You're literally sending Google's a communication to that effect. You personally told them, using your computer, that you value that information for something.
In terms of assumptions, if anyone is making assumptions about you, then that's a different (or at least additional) question, which isn't different legally if you tell someone at a generic servic
Re: (Score:2)
I get you. But it has to be taken as a whole. If google collects enough information about me from other sources to determine my real identity, even though I never gave them such information, the
Re: (Score:1)
You didn't give them your name and address, did you?
Re: (Score:2)
No, but they have it nonetheless.
The question becomes not "what information does Google have", but "what can google do with that information". I can see laws cracking down on it, the way they do in certain countries, and some very big companies not being quite so big any more. It's happened before.
I think we keep begging a question, here... (Score:2)
We keep assuming that it's our data. I'm not so sure it is.
Consider a different situation:
A woman has a baby. He grows up to be a famous actor. He doesn't want his birthday published because he believes there is age discrimination in Hollywood. His mom wants to write an autobiography. They each have a valid claim that the date in question is their own personal data.
If I google erectile dysfunction treatment, I think "My request for Google to bring me information on ED is my data," but Google thinks "Th
Re: (Score:2)
Legal custom would seem to indicate that your medical history is yours, but I get your point.
I guess what it comes down to is what we will allow Google to legally do with our data. As someone else pointed out, it depends on jurisdiction. We will eventually move to similar privacy laws here. There is a chance that we will look back at the past few decades as an anomaly in regard to the public/
Looking back (Score:2)
Well, here's hoping you're right.
Re: (Score:2)
HIPAA is widely misunderstood.
HIPAA applies only to the keepers, transmitters, or receivers of medical records. Observers (third parties) cannot violate HIPAA.
For example, if you're taking pictures in public of a child being treated by paramedics and they tell you that you cannot record them or the child "because of HIPAA", they are wrong.
Recording the entrance of a hospital (and the people coming and going) is not a violation of HIPAA.
If medical records are improperly handled or stored and you see them, yo
Re: (Score:3, Interesting)
They are not gathering data, (Score:5, Funny)
They are enhancing the customers experience.
Re: (Score:2)
They are enhancing the customers experience.
Sounds like a good tag line for a WiFi connected, smartphone controlled vibrator [amazon.com] -- even has a built-in camera.
Improper Analogy (Score:1)
Lets say that I follow a person named John D. around for days without permission, make note of what John D. does and where he buys with timestamps accurate to the second without John D. knowing it is happening
No, a more apt description would be that John D spends all of his free time at the same Target. He buys all of his stuff there using a Target credit card. He talks to the employees constantly. He hangs out with his friends at the attached Starbucks and has loud conversations with them. He eats at the attached Subway every day. He uses the Target pharmacy for all of his prescriptions.
Then, he finds out that the employees of that Target know all of this stuff about him and is appalled.
Re: (Score:2)
And that they can be expecting even before he expects it [forbes.com].
USA Laws (Score:3)
USA Laws are limited by these 2 main laws that limit it by age (under 13) and healthcare respectively: COPPA https://www.ftc.gov/enforcemen... [ftc.gov] and HIPAA https://www.hhs.gov/hipaa/for-... [hhs.gov]
And then it's not really limited anymore except by state. Which a summary exists here: https://en.wikipedia.org/wiki/... [wikipedia.org]
They're not following you to observe what you do. (Score:5, Insightful)
You are going to their house and doing what you do, and they're just making note of what you did in their living room.
Re: (Score:3)
Re: (Score:2)
You are going to their house and doing what you do, and they're just making note of what you did in their living room.
No, all of those social media buttons and ad banners and "free" analytics tools and fonts, etc., those are mechanisms to spy on you. That's how they follow you around, well outside of their living rooms.
It's more like each major tech company controls a fleet of cameras. These cameras are absolutely everywhere, on the roads, in the shops, in the fitting booths, in your living room, in your bedroom in your car, at the restaurant where you eat, at the cash register where you pay for your groceries, in the sex shop where you buy your dirty magazines ... everywhere. If you sit down on any toilet to take a dump you'll find cameras belonging to Google, Twitter, Facebook, Pinterest, and a whole legion of tech, adv
Re: (Score:2)
You are going to their house and doing what you do, and they're just making note of what you did in their living room.
So... when they send their response to me and they include a 3rd party ad that is malicious and it is executed on my computer are they held liable for serving up a 3rd party ad? If they can do whatever they want while I am connected to their server then they need to be held liable for what they push to my computer.
Re: (Score:2)
How would a company do if they set up face recognition in their store, had AI analyze everything you looked at and bought as you walked around, and shared all that info back into facebook or google or amazon's database on you?
Well, there was a little disclaimer in the lower right of their sliding door, I suppose.
Not "following them around without permission" (Score:5, Insightful)
The real-world analogy would be more like keeping track of someone's location and activities who entered your retail store, then using/selling that data as they see fit. People may not like that, but I don't think there's any serious theory that it would be illegal. (Let's ignore for a moment the places in that retail store where you'd have a reasonable expectation of privacy like changing rooms, since that's outside the scope of the submitter's doe-eyed question.)
In the same way, you visit someone's website, you play by their rules. This doesn't seem particularly complicated or surprising.
Re: (Score:1)
Except your conception of the interaction is backwards. Websites are sending representatives of the company to your house (or more specifically your computing device). Despite the common terminology, it is entirely unlike going to a retail business. The web is a lot more akin to traveling salesmen, and I doubt most people would be comfortable with a salesman that, once invited in, can never be removed from the premises (and in fact will often invite third parties in through other entrances once inside).
T
On your computing device? (Score:3)
Serious question.
If all online services did not leave tracking cookies/spyware/etc on your computer, would you be ok with all of the other data accumulation and trading that happened?
Re:Not "following them around without permission" (Score:5, Insightful)
Well... while I can't fault your logic, I think your summary understates just how much previously private information we're now exposing. For example take newspapers, my dad still gets one in the dead tree format. Nobody knows what articles he reads or how long he's read it in total and outside the paperboy nobody knows if he's picked it up at all. With online newspapers they know exactly when and what you've read and with JavaScript probably how long it took, how often you scrolled the page and overall created way more data on whoever read the semi-critical article on the Party. Same goes for video games, TV series and whatnot... it used to happen on your computer, now there's a log in the cloud.
Re: (Score:3)
Hmm...one of my neighbors gets the dead tree newspapers. I don't have a clue what they read of the paper, but I DO know whether it's been picked up daily, since I walk by their house every morning with the dog. And I've occasionally known when they were on vacation when they forgot to stop paper
Re: (Score:2)
Http request is requesting data. It is not requesting to be tracked, much less shared around.
Re: (Score:2)
Under current law, or you think there's no way we could make it illegal??
Public space? (Score:3)
Re: (Score:2)
If it's a public space you have no right to exclude visitors that do not agree to your terms. You only have the right to enforce terms in your own private space. You can't go into a market square and start kicking people out. And if it's private space, then it's private for the user as well, meaning you cannot record it without consent.
So which one is it?
Why wouldn't it be ? (Score:1)
Especially since you agree to their terms of service when you sign up.
The free product is not free. (Score:2)
Use an ad company that offers "free" services and the ads will flow.
Block it as best you can & live with what's le (Score:3)
This makes the leaks obvious: one random item I browsed will follow me around in ads on several sites.
Of course, Amazon knows exactly what I want, and Google knows I go to (legal) cannabis dispensaries on my vacations, but I can live with that.
You are confusing the impractical with illegal (Score:2, Insightful)
It's not necessarily illegal to follow someone around without there permission to the extent you are not entering private property illegally and trespassing. Basically assuming nobody tells you to say leave a store following someone onto private property of a nature open to the public it is going to be legal. There may be statues against harassment, but those are going to be more specific. There may also be laws against practicing investigations without proper licenses. However following someone around and
...and then there's the copyright issue (Score:3, Interesting)
Re: (Score:1)
This is definitely a misapplication of copyright law, in literally every jurisdiction.
What you do in public is subject to recording. Angry reactions to glassholes aside, people have the right to photograph you in public.
Re: (Score:2)
This was settled ages ago (Score:2)
If we made every bit of data that involves you copyrightable it wouldn't really help. You don't have the money to litigate dozens of copyright lawsuits. It would just turn into a useful tool for the wealthy to quash criticism against them.
Re: (Score:2)
The Traveling Salesperson analogy (Score:5, Interesting)
Imagine you phonecall a company and say:
Send me a travelling Salesperson, please. Or a delivery service and say, please deliver a newspaper to my office.
They answer: "sure, but there are some conditions for that convenience, please, for the next 8 minutes listen carefully to them."
You do not listen, instead, put the phone on the table, set your watch to 7 minutes, and go brew a tea.
You return, and when the operator asks: "Do you agree to our terms?" You say "yes"
It turns out that the terms include the salesperson or deliveryperson staying in your office long after the transaction is concluded (you place your order or get your newspaper), taking notes of many of the things you do, correlating those notes with those of other delivery companies/salespeople/third parties and a long and creepy et cetera.
But hey, you neglected to hear the terms of their service, because those terms were boring, and instead you went for tea.
Having corrected the analogy used by dryriver, the correct question to ask slashdot is:
Are the terms of service used by most websites even legal?
Terms-Of-Service is irrelevant (Score:2)
The only thing that covers is your expectation of continued service.
Privacy is covered by law and is not something that can just be signed away because a company would like it that way.
The real problem is simply these companies aren't being challenged in a way that financially hurts. I'd be happy if Facebook couldn't exist due to burden of fines.
Signed away (Score:3)
Jurisdiction and liability can't be signed away, but privacy absolutely can. In fact you can give it away for free, just make your your private information public, and bang! You're there.
Re: (Score:3)
Well, we've been electing anti-regulation (Score:4, Insightful)
Seriously, it's not complicated.
Not that complicated (Score:2)
Yes, it seems we're not that good at overcoming simple, sound-bite messaging. For too much of the American electorate, 'simple sells.'
Not there yet. (Score:1)
My country is still debating if Global Warming is real or not, if Evolution is real or not, if Vaccination creates Autism or not, if the Earth is flat or not etc. Online Privacy is too advanced a topic for us right now. Perhaps in a couple of decades we will get there.
It's not users' data (Score:1)
Simple answer: It's not users' data. It's data *about* the users.
When you take out a pen and paper and write down the colour of your dog, that data isn't *owned by* your dog. If you kept a record of your customers height and weight on your own hard drive, your customers don't own that data.
If you make a website, and record data about your site's visitors, your visitors don't own that data. It's data *about* them.
Re: (Score:2)
Stalking laws? (Score:2)
Per the following someone around parallel, I wonder if this comes under stalking laws?
its legal because..... (Score:2)
you give them permission to do so.
even this very site is like that.
see also: https://slashdotmedia.com/priv... [slashdotmedia.com]
I see a business opportunity here (Score:2)
well (Score:2)
well, you do give the website permission by agreeing to their terms of use.
Seems to be a blind spot in people (Score:5, Insightful)
For some reason people seem to judge the harm of bad behaviors in terms of the average harm done to an individual, rather than to the overall harm done to society. A spammer sends out a hundred million spam emails, and people say "what's the big deal? It only takes you 3 seconds to realize it's spam and delete it." But 3 seconds times 100 million is 9.5 years of cumulative wasted time and productivity. Likewise, people handling private customer data don't take it seriously, since each individual's data is probably only worth a few dollars. Nobody cares if they lose a few dollars, right? But multiply it by several hundred million people and you're doing serious economic damage if you take it without permission or let it get stolen by hackers.
Why is this a worry (Score:2)
The wrong metaphor (Score:3)
You've got the wrong metaphor.
Open up the session monitor in your browser of choice and you'll see it as a series of requests. Now the metaphor is much clearer: you're ringing them up, and asking them things. Your browser, on your behalf, is sending the data that lets the session persist and allows inferences to be drawn.
*ring ring*
ACME: This is ACME products, how can I help you?
John: Hi, I'm John, can you show me products related to 'shoes'?
ACME: Okay, here are leather shoes, casual shoes, trainers.
John: This is John again. I want casual shoes.
ACME: Mens or womens?
John: This is John again. Mens please. Brown, size 10.
ACME: Here are some styles of mens shoes in that colour. - writes down that John may be male, adult -
John: This is John again. Thank you I'd like to buy these ones.
ACME: Okay John, done. Would you like to see some women's shoes?
John: This is John again. Yes, women's, adult, formal.
ACME: Okay John, here are some formal women's shoes - writes down that John may be married to a woman, employed -
John: This is John again, bye.
*click*
I think the idea that this is 'users' data' to be misleading. It's the company's data regarding a request from a user. If I keep track of how many red or green apples I sell and in which months of the year and whether the seller is male or female or tall or short, that's sales data.
is consumer tracking legal (Score:2)
Before the web, user information was gathered based on TV channels you watched by vans equipped with radio equipment that could detect which channels were active on a TV as they drove through neighborhoods for ratings or licensing purposes: https://www.theguardian.com/no... [theguardian.com]
Credit card companies, magazine subscriptions, and mail order catalogs requested were also valuable sources of consumer interests
The searc
Borked (Score:2)
It's called Surveillance Capitalism. More than just our labor, information about us is an object of economic value. In effect, people have been turned into commodities.
Market research's psychographics classifies us according to our social niche. That information is then used to micro-target specific segments of the market, the segments we occupy. As part of a massive feedback loop, words a
Ask Equifax (Score:1)
I would pose this question to Equifax and transunion. They have been doing it for decades before the internet was born.
Not the same (Score:2)
In the case of a web-site, it's not like following a person through public. It's like following a customer of yours around your own store.
I don't think you'll find any jurisdiction in which it's illegal, or even frowned upon, to record how customers walk through your store, which shelves they look at, which clothes they try on, which products they pick up. And if you want to sell your customer-usage data to someone, it's yours because it's actually your customer data.
This all comes down to the purple pages
What user data? (Score:2)
I expected this question to be about data collected from my computer, not the data I send to the web site.
Ad blockers are a security tool, and the main reason I use them is to keep ad companies from trying to break into my computer. I've come across way too many malicious scripts in ads over the years. Given how many legitimate companies have been caught doing that, is anyone taking that seriously?
I don't own a smartphone at all. I don't even want to know how much questionable yet suspiciously legal data
Think About The Harm (Score:2)
It might be worth taking a brief detour here and considering the way that society determines whether or not a particular activity is legal or illegal. This is a significant simplification, but in general terms we could summarize the core principle of illegality as being a range of activities which cause harm or damage to those disadvantaged by it.
If I steal from you, you
It's not. (Score:2)
... Oh, wait, you're probably in the US. Errrm ... Nevermind.
Seriously you guys across the pond should probably just copy the new EU GDPR verbatim and be done with it. That would save you a lot of hassle. It's a great law and although it forces me to do muy job more diligently that actually by and large is a good thing.
Just sayin'.
Article 27 will balkanize trade (Score:2)
Article 27 of the GDPR includes a requirement to hire a representative within the customer's country or confederation thereof. Currently, article 27 representative service from VeraSafe [verasafe.com] starts at $2,700 per year even for the smallest businesses, including those with less than $1 million of annual revenue. If counterparts to GDPR adopted by other countries include a counterpart to article 27, then any small business that sells goods or services internationally may end up spending so much on representative se
Most things are legal... (Score:2)
...until they are made illegal.
Nope (Score:2)
"Would I be breaking the law if John D. has not given me explicit permission to do this?"
No, you would not be breaking the law.
Repeat after me: "There is no expectation of privacy in public, PERIOD."
Anything that can been observed from a public vantage point can be recorded, noted, drawn, sketched, photographed, etc etc etc.
False premise (Score:2)
A couple of points: (Score:2)
2) Any store you patronize must know that you were there. That is inherent in making any transaction. Since the store is their private property, just about everywhere allows them to set up sec
It's in the EULA... (Score:2)
You gave them permission! (Score:2)
You know that link on the home page of every site that says "Terms of Service"? Or that long document you clicked "I agree" to when you started using a Web site? You may not have read those documents (and that is what they want), but in those documents, YOU give the Web site explicit permission to track you, and for them to sell your tracking data to whomever they want.
Sure, you just skipped over that. They didn't. They knew you would agree to whatever terms they put in front of you, because you want to use
Re: (Score:2)
Re: (Score:1)
He was, in fact, convicted of ten counts of securities fraud. And then he died.
Re: (Score:2)
Re: (Score:3)
In a free country, everything is legal which is not explicitly illegal. So nothing has to be "made legal" unless it was previously made illegal.
In this specific case, the information you choose to send to a website from your computer is completely under your control. You don't even have to hook your computer up to someone else's network if you really don't want anyone to know anything about what you do with it. They aren't pointing TEMPEST gear at your windows, you're voluntarily sending them information fr