The Maturity Paradigm

In healthcare we have an insatiable appetite to adopt new technology

Should we be worried

About state-sponsored attacks against hospitals?

Security and the Board Need to Speak the Same Language

How security leaders speak to thier C-Suite and Board can make all the difference

Who'd want to be a CISO?

Challenging job, but increasingly well paid

Medical Tourism - Growing in Popularity

Safe, fun, and much, MUCH more cost-effecitive

The Changing Face of the Security Leader

The role is changing, but what does the future hold?

Cyber Risk Insurance Won't Save Your Reputation

Be careful what you purchase and for what reason

Showing posts with label US lags Europe on privacy practices. Show all posts
Showing posts with label US lags Europe on privacy practices. Show all posts

Not Opting-Out doesn’t mean that I am Opting-In!



Does the fact that I didn't explicitly ‘opt-out’ of your email list mean that I agree implicitly to you sending me unsolicited spam email, or any partners you may decide sell my contact information to?

Does the fact that I missed or failed to uncheck the tiny radio button in your 17 page agreement mean that I agree to providing you access to datamine my contacts, my bookmarks, or my internet history?

Most users would say, “No!” However, Facebook announced recently that it intends to start targeted advertising to its users, by pulling their interests, passions and surfing habits from their Web browser histories.
The free content ad network said in a blog post that Facebookers who hate the idea of yet more intrusive advertising, can switch the feature off via the "industry-standard Digital Advertising Alliance opt out". In other words, all Facebook users in the US will have their browsing behavior tracked by default. The company would not be able to do the same stealth-ad-bomb exercise in the European Union, however, because consent for such a mechanism has to be granted first.
While one can appreciate the need for companies that offer free services, to pay for those services via advertising - a principle that many a Web-based business uses, the fact that a U.S. based user is deemed to have consented to the use of their personal and private information, as Web browsing history surely is, only because they haven’t yet opted out is ridiculous.

Are you sharing a computer between several people? You'd better hope that one of them doesn’t like to surf porn or your Facebook targeted advertising could be interesting!

Less than 1% of users ever read the small print of the absurdly long, unintelligible and usually highly legalese user agreements, let alone the constant changes of agreements as a company updates its policy. For a company to claim then that users have been informed and are fully cognizant, aware and agree with the company’s latest policies is delusional. Most users have no idea what they are agreeing with; they just want to get on to Facebook to see who has posted to them on their way home from work, school or the airport.

To further claim that because a box agreeing to give up some aspects of a user’s privacy is checked by default by the owner of that page, and that a user must uncheck such a box or radio button to NOT grant such access, before clicking the large bright button at the end of the agreement, which states “I agree,” is insane to rational and intelligent users.

“I didn’t agree to that!” is what I often hear from common users – and quite rightly so.

Yet in the United States this assumed legitimacy of the corporations to pillage whatever private information they please goes largely unchecked. In Europe or Australia (other modern and arguably more advanced civil societies) such actions would land those corporations in court, having to cough up hefty fines and punitive damages while forcing them to leave court with a preverbal corporate tail between their legs!

As recently as June 1st, a UK Court ruled against a large retail store for spamming a prospective customer who inquired about home delivery of groceries and had to enter his home and email addresses in order to find out if they serviced his area. He failed to notice the hidden checkbox that the retailer had checked by default asking for permission to add him to the store’s email list. The court ruled against the retailer and awarded damages to the plaintiff.

The store argued that because the plaintiff had not opted-out of receiving their emails, he had automatically opted-in. The court however agreed with the plaintiff that ….
"..an opportunity to opt-out that is not taken is simply that. It does not convert to automatic consent under the law and companies risk enforcement action if they use pre-ticked boxes.”
If the owner of a web page checks a box granting consent to itself and the onus is on the individual to reverse that action then the owner has not received permission to whatever agreement the checkbox referred.

Facebook said it planned to start offering ad preferences controls to US users over the next few weeks. The policies governing its new targeted advertising initiative however will not be released until later this year.

That’s akin to Congress passing a law and deciding what to put in that law at some point after the Bill has been passed and gone into law......and Americans sometimes wonder why the rest of the world doesn't take them seriously!