> "So it was heartbreaking to see that some of our users were upset to learn about how we monetize our free service."
This reminds me of the United CEO "apology" that wasn't. Really, your gentle little heart was just shattered to learn people were upset that you send their bloody Lyft receipts from their email inbox to Uber!! You poor soul!
You know, America, you could do with less bullshit. I would respect this guy more if he said simply, "We offer a service at no charge, and in order to make money, which is what we need to live and so do our employees, we mine data from inboxes and sell it. This is all in our privacy policy which I advise everyone read before they hand anyone access to their email."
You can deal with that. I can deal with that. Most people here can deal with that. A lot of people can deal with that. The news can put some spin on that, use it to enrage a bunch of people who don't know any better, causing a problem that makes shareholders unwilling to deal with that.
Welcome to the modern world. Being frank about things isn't a risk worth taking.
It frustrates the shit out of me, but I think it's true in many cases. This company would have died instantly if they had been up-front about what they were doing. By lying, they've managed to have some success. I don't condone lying and I wish they wouldn't do it, but given the incentives, I'm not surprised that they did.
What would be scandalous (and still might be) would be for this to be revealed, and no one to care about it. I'm cautiously optimistic this might be the case--even Uber's bad behaviour is catching up to it.
The ship is going down fast, but how much money did they make in the meantime? Will the CEO's salary and bonuses be clawed back? I doubt it.
And, of course, nobody is saying that it's a good thing that companies are evaluated on profit and not morality, just that it's true.
Yeah, if they were going to sell your Lyft receipts to Uber, they should have been very clear that this was what they were doing. But that's secondary to the fact that they never should have been doing that in the first place.
I think this bit sums it up perfectly:
"I can't stress enough the importance of your privacy. We never, ever release personal data about you. All data is completely anonymous and related to purchases only."
They care so much about your privacy that they only sell info about the stuff you buy, which is definitely not personal in any way, somehow.
We'll tell Uber about that time you went to visit your girlfriend, and we'll sell info about that weird t-shirt you bought, but your privacy is totally important. Yup.
Edit: I should probably clarify, I'm sure they do get it, but they don't care and want to keep selling your data, so they'll pretend like the failure to disclose was the big problem.
Or did they simply sell something like "of our 100000 users, 30% bought Lyft rides."?
I mean, I still think it's wrong, but selling who bought what is a bit different than selling how much of a group bought how much of an item.
Their privacy policy lets them sell individual messages as long as they're scrubbed of "personal information." Where their bar is for that is anyone's guess.
If all they wanted to do was collect and sell aggregate data, you'd think they would say so, and would have reiterated it in their "apology." If they actually gave a shit about their users' personal data, they'd make sure their privacy policy was as restrictive (for the company) as possible while still permitting them to operate.
"We collect such commercial transactional messages so that we can better understand the behavior of the senders of such messages, and better understand our customer behavior and improve our products, services, and advertising. We may disclose, distribute, transfer, and sell such messages...." [emphasis mine]
Of course they might not sell your messages, but it's pretty weird that they'd put up a "we totally can sell your vaguely anonymized messages" and then not take advantage of it. What they sell to Uber may not be what they make available to you.
Even if they don't currently, they could start doing so at any time. And even if you somehow trusted them not to, they could get bought out by someone not so trustworthy.
Now I'm curious: what is the commercial value in the aggregated email content that would make someone want to pay for it, besides the purchase and receipt data that Slice is already providing (plus subscription and open rates)?
Until all companies that trade in user data are required to disclose how they do so by a regulatory body, and users have an access to an example "slice" of the data being traded, this will continue the way it does, because the incentives are there.
I disagree. I think it's fine if a company wants to sell personal emails as long as they are completely up-front about it. But in that case almost nobody will sign up, so the amount of personal data being sold is minimized in either case.
After that, head into Google > Account > "Connected Apps & Sites" > Manage Apps -- and then explicitly remove Unroll.me there too.
Don't do the reverse as the Google Access is needed to log in and delete the Unroll-side data*
* Assuming they delete anything, but still worth doing.
PS: Even doing what you propose ("less lobbying, less money in politics") would require lots and lots of lobbying (as this is the current system).
It doesn't seem like laws specific to some European country should apply anywhere outside of that country. I can maybe see the EU (since they like to apply laws everywhere).
You did call them 'customers', which means there's an exchange of money. Is there a restriction on European banks to prohibit them from dealing with sites that don't comply with the country's law?
As for laws specific to a country applying outside it: you can do whatever you want but the moment you hold assets abroad or intend to travel you are exposing yourself to potential legal action, something always good to keep in mind. The United States has a long history of enforcing its laws outside its borders.
Also, you are wrong about how you'd go about implementing such deletion. You don't need an 'is_deleted' flag at all to keep your foreign keys valid; all you would have to do is overwrite the record with random data or blank the personally identifiable fields and delete anything that that user has given you. That's not that hard, and purposefully mis-implementing that would not look very good if it ever came to a lawsuit. Pro-tip: consult with a lawyer versed in the matter if you want to do this stuff at all; it is better to do it by the book.
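One way to honour a deletion request without an 'is_deleted' flag, as the comment above describes: delete what the user handed over, then scrub the identifying columns in place so the row that foreign keys point at survives. This is an added example in Python with sqlite3, not code from Unroll.me or anyone in the thread; the schema, table and column names are constructed assumptions.

```python
import sqlite3
import secrets

# Constructed schema (not Unroll.me's): orders and raw_messages reference users.id.
SCHEMA = """
PRAGMA foreign_keys = ON;
CREATE TABLE users (
    id INTEGER PRIMARY KEY,
    email TEXT NOT NULL,
    name TEXT NOT NULL,
    oauth_token TEXT
);
CREATE TABLE orders (
    id INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(id),
    merchant TEXT NOT NULL,
    total_cents INTEGER NOT NULL
);
CREATE TABLE raw_messages (
    id INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(id),
    body TEXT NOT NULL
);
"""

# Tables holding material the user handed over; those rows are deleted outright.
USER_CONTENT_TABLES = ("raw_messages",)

def open_sample_db():
    """Build an in-memory database with one constructed user and their data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.execute("INSERT INTO users VALUES (1, 'alice@example.com', 'Alice', 'tok-abc')")
    conn.execute("INSERT INTO orders VALUES (1, 1, 'Lyft', 1450)")
    conn.execute("INSERT INTO raw_messages VALUES (1, 1, 'Your Lyft receipt ...')")
    conn.commit()
    return conn

def naive_delete_is_rejected(conn, user_id):
    """Why people reach for an is_deleted flag: the FK rejects a plain DELETE."""
    try:
        conn.execute("DELETE FROM users WHERE id = ?", (user_id,))
    except sqlite3.IntegrityError:
        conn.rollback()
        return True
    conn.rollback()  # undo if it somehow succeeded (e.g. FKs switched off)
    return False

def forget_user(conn, user_id):
    """Erase a user while keeping the row the foreign keys point at.

    Deletes what the user handed over, then overwrites the identifying columns
    with random filler and drops the stored OAuth token. Backups are out of
    scope here and need their own retention handling.
    """
    cur = conn.cursor()
    if cur.execute("SELECT 1 FROM users WHERE id = ?", (user_id,)).fetchone() is None:
        raise LookupError(f"no user with id {user_id}")
    for table in USER_CONTENT_TABLES:
        cur.execute(f"DELETE FROM {table} WHERE user_id = ?", (user_id,))
    filler = secrets.token_hex(8)  # random, not derived from the old values
    cur.execute(
        "UPDATE users SET email = ?, name = ?, oauth_token = NULL WHERE id = ?",
        (f"deleted-{filler}@invalid", f"deleted-{filler}", user_id),
    )
    conn.commit()
    return filler

def forgotten_state(conn, user_id):
    """What remains after forget_user: PII gone, content gone, FKs still valid."""
    email, name, token = conn.execute(
        "SELECT email, name, oauth_token FROM users WHERE id = ?", (user_id,)
    ).fetchone()
    orders = conn.execute("SELECT COUNT(*) FROM orders WHERE user_id = ?", (user_id,)).fetchone()[0]
    msgs = conn.execute("SELECT COUNT(*) FROM raw_messages WHERE user_id = ?", (user_id,)).fetchone()[0]
    return {"email": email, "name": name, "token": token, "orders": orders,
            "messages": msgs, "fk_violations": conn.execute("PRAGMA foreign_key_check").fetchall()}
```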
"Keeping foreign keys valid" is not an excuse to break the law.
If they use it, they're the ones breaking the agreement.
Not sure what would happen though. If they sue you, you can probably sue them back. But not sure what you would end up needing to do.
A lot of Japanese sites IP-ban foreigners so they don't have to deal with them. I always figured, why not leave the site open for everyone but not officially support them? I guess putting technical measures in place prevents having your assets seized, or being sued or arrested when you step foot there.
If an EU customer with data retention laws uses a VPN to bypass an IP-block (and pays with bitcoin or something), would you still be subject to their laws? Or would the attempt to block them be sufficient legally?
This sort of behavior is exactly why the industry is no longer self-regulating but is now forcibly regulated in the EU. And soon to be much more forcibly regulated, come 2018 the new version of the DPD will come into effect which has much more teeth because there are still plenty of companies that are trying to evade their responsibilities. For instance, from then on, if you have been breached you will be required by law to report the breach.
So, be nice to your users, respect their data and try to be better than your competitors rather than to find ways in which you can creatively evade legislation that is especially meant to apply to you and your customers.
To me, the troubling factor is that the EU hasn't clarified the law so seeks to apply it to individuals who are not in the EU and never intended to do business with EU residents.
any other identifying information
Honestly though, if you tell users you can delete their data on request, you should just do that - delete all of their data, full stop. If you can't or choose not to, you should just be up front about that, also - that means in plain language they will see, not buried in a TOS or whatever. It's the only ethical way to handle this. National boundaries and jurisdiction are side issues, really.
Not really, at least I've found keeping data much harder than deleting it. The only hard part is backups.
Deleting all data is as you note, easy, with the exception of backups.
Basically, bad apology
So, I'm totally unfamiliar with this and the CEO doesn't elaborate on what happened at all so can someone give some context? Reading this thread I can see it is something to do with GMail...
What is/was unroll.me? What service did they claim to provide? What did they get caught doing? How did they get caught? What did their privacy policy not say?
BTW, if you are interested in the art of the apology and apology analysis check out http://www.sorrywatch.com particularly http://www.sorrywatch.com/2012/12/11/the-parts-of-a-good-apo... and http://www.sorrywatch.com/2012/12/12/parts-of-a-bad-apology/
>Instantly see a list of all your subscription emails. Unsubscribe easily from whatever you don’t want.
So, probably makes sense for them not to unsubscribe so they can still get any info on you but to the layman, it would seem they unsubscribe you from emails.
It would also be nice if there were a way for folks with the gmail ID of a thread to download the parsed thread/attachments from Google, with a special scope designed for this. (So that services can get the entire DKIM-validated thread by just letting users copy an address, forward the last message, or via a plugin.)
I spent over a week writing our TOS, privacy policy, and security page, but privacy laws and the underlying technology should be sane enough by default that people shouldn't need to feel like they need to closely parse every word before signing up.
For example, there are several travel apps that watch for flight and hotel emails, and then track them / notify you about them. If I could give the app permission to access emails from delta.com, united.com, southwest.com, and aa.com, I would be a lot more comfortable granting access. As it is now, I have to give the app read AND write access to ALL email.
Original thread: https://twitter.com/elahd/status/575692415132135425
DMs: http://imgur.com/H0UABYa
"We were mining your emails for profit and tried to hide that in our marketing and brand. We will continue to mine your emails if you want to use our free service, but we'll be more upfront about it in the future."
Why bother trying to act sincerely apologetic? I'd be more sympathetic to them if they would just bluntly state what they want to do.
It seems it would be better received if they were up-front in this instance.
They might as well tell their users, "This is how it is. Take it or leave it." Instead of trying to wrap that same message in a layer of false sincerity and lies.
Speaking for myself, I'd never even heard of this company, so I doubt it's an HN darling particularly.
From https://news.ycombinator.com/item?id=14180463
However, their Privacy Notice claims to not store emails that are not personal emails but certain types of "commercial" emails as defined by the CAN-SPAM act.
Are they really hoovering up everything?
From https://unroll.me/legal/privacy/
> We also collect non-personal information − data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, sell, and disclose non-personal information for any purpose. For example, when you use our services, we may collect data from and about the “commercial electronic mail messages” and “transactional or relationship messages” (as such terms are defined in the CAN-SPAM Act (15 U.S.C. 7702 et. seq.) that are sent to your email accounts. We collect such commercial transactional messages so that we can better understand the behavior of the senders of such messages, and better understand our customer behavior and improve our products, services, and advertising. We may disclose, distribute, transfer, and sell such messages and the data that we collect from or in connection with such messages; provided, however, if we do disclose such messages or data, all personal information contained in such messages will be removed prior to any such disclosure.
We may collect and use your commercial transactional messages and associated data to build anonymous market research products and services with trusted business partners. If we combine non-personal information with personal information, the combined information will be treated as personal information for as long as it remains combined.
Aggregated data is considered non-personal information for the purposes of this Privacy Notice.
> Are they really hoovering up everything?
I worked on a competing product a long long time ago. (Well, a competitor in the "all your emails are belong to us" space.)
The way ours worked was that we hoovered everything, but before we provided any analytics staff access to it, we grabbed only emails of interest, tokenized the data in them, and then copied them to the analytics data store.
But we were constantly refining what "of interest" meant, which means that we had to go back and re-scan the archives periodically, which would always turn up new stuff for the analytics team. The need to re-scan historical data as the models improved meant that we had to keep all of the source material, even if it wasn't accessible to the people who were most interested in looking at it.
Add the specific names involved (e.g. Jojo Hedaya) to a list in your head, they'll inevitably be involved in more shadiness throughout the years and it's fun to reminisce.
https://myaccount.google.com/permissions
Even after deleting your unroll account, they'll have access until you revoke it.
http://shoparoo.com
http://betakit.com/shoparoo-partners-with-unilever-to-turn-r...
And nothing's gonna happen to protect users' privacy. All I (or anyone) can do is to use fake accounts to sign up for free services.
Can someone explain how this works? I've heard they sold customers' Lyft receipts to a competitor. How do they sell receipts while making it completely anonymous? Do they have someone there monitoring by hand what is a user's private data and what isn't?
Of course, if they do change their email format, your script is probably letting data leak until you notice and fix it, but obviously privacy wasn't the top priority on Unroll.me's minds in the first place.
At the end of the day, nobody outside the company truly knows if either of them sell identifiable information.
[1] https://news.ycombinator.com/item?id=2942967
That is also in contravention of the EU DPD:
https://en.wikipedia.org/wiki/Data_Protection_Directive
Specifically, point 2: Purpose.
I'm not sure how I feel about all this. But after reading the threads - I think these things are true:
1) Unroll me does disclose that it sells your data in a way it considers anonymized.
2) The CEO is here apologizing for not making this more clear, not for the practice.
3) There is no evidence they violated their own terms.
What are people upset about most here? Is it the practice or weak disclosure?
If disclosure, what would constitute appropriate disclosure? I pretty much assumed they were doing something like this. How else would they support the service?
As a user, if they are selling my data in a way that is not linked to my name, but used in aggregate statistics, why should I care? I don't think I do. In fact, I can imagine such data would make the overall economy more efficient.
On the other hand, if such data is being used to ID me specifically, I am more anxious. But there is no evidence of this, correct?
I am genuinely asking. I might cancel my account, but more out of general security anxiety vs. what appears to have happened.
As of now, it is impossible to run a pure B2C SaaS which depends on users paying for it.
Is this going to finally change the market so that B2C SaaS companies can charge for their service? I doubt it.
The question here is: is our privacy dead? Maybe we only need a law to enforce it?
If we make a law enforcing privacy, then many of these free services will stop being free, causing an even bigger digital divide.
What is the solution here?
The thing to look at is the economics of your privacy. Why has it died? I think it is because your privacy has some intrinsic value to it. Averaged over enough people and a long enough time, it has some average dollar value, like a lotto ticket. However, it then becomes a commodity like all others, and subject to markets and their rules. If everyone is collecting your privacy and data and then trying to sell it, who is the buyer and what is the price? Who is buying the data from Bose and their scummy headphones and how much are they paying per 1k people?
To me, it seems that the market for 'data' is not at all transparent and that is why there is a grab for the data. If these kinds of companies can convince a potential buyer that their scummy headphones data is worth the price, then maybe the buyer can take it and make more cash off of it. But I think that since the markets are so inundated with people's 'data' that the price is not worth much at all. I mean, when I look at 'targeted' ads or whatever, then all I see is nonsense. I think that currently, the data is worth far too much due to the lack of transparency in the market. Once everyone realizes that humans are too random to target marketing towards, then the prices will drop and the bottom will fall out of the market. The real money, as Apple and the Goog have seen, is in walled gardens that force you to buy their products above all others. Currently, we are in the 3rd round of this match, there is a lot more fighting left.
Don't say you're going to do something going forward, DO IT.
Yet when you try to subscribe, are freaked out by the permissions required and don't give access to your entire email you're greeted with the following message: "Unroll.Me takes your privacy & security seriously"
I really don't get why people would be OK with that. Somehow the possibility of a cleaner inbox doesn't seem worth the risk of identity theft.
Edit: to see how you can buy this type of information, see: https://returnpath.com/solutions/consumer-data-insight/
Selling anonymized user data is legal. In certain markets (like this one), any company that does NOT sell your data (and therefore charges their users), will be out-competed by companies that do.
Assuming there is a price to your online privacy (which most ppl clearly believe since they use Google) and the value this product brings to market exceeds that price threshold, we're better off for it.
It seems to me the way to enact change is through legislation/regulation. And, anger towards any specific actor in this under-regulated field is misdirected.
It's like saying, my travel agent knows my travel plans.
unrollme on the other hand was asked to do a specific task. And while they were probably really good at it, they took it upon themselves to be curious and find more information, black out some and sell that info to others.
It's like saying your travel agent sells the data on what car you came in, what you were wearing and what you were feeling when you came to discuss your travel plans.
Of course laws that make this illegal would be great; still, "uncalled for" is your opinion. I in fact call to publicly shame every company who sells user data for profit. I am disgusted by "free" stuff. I would rather pay for something than get something "for free". That's why I have a paid protonmail instead of letting google read my mails, to name one example.
To some people (like you), online privacy is of immense value -- seemingly almost an inalienable right alongside life, liberty, and pursuit of happiness.
To others, online privacy has little to no value.
I'm somewhere in the middle.
Don't you think services like this should be freely available for people who don't value online privacy like you do? It doesn't seem right to project your value system onto others when both can peacefully co-exist...
A logical solution that would protect both parties would regulate the transparency by which businesses must communicate these data sharing practices. I just don't see the logic around why any company who shares user data is automatically evil and worthy of assassination.
https://unroll.me/features/
https://unroll.me/faq/
Before you decide to use one of these 'free' services, stop and think what that will really cost you and whether you're OK with the price you will pay. That way you will be less surprised (and outraged) when things like this are revealed.
One of the big changes a couple years ago was when they unified all their terms and privacy policies under one that applied to your entire account. So I don't think there'd any longer be any distinction between where the data came from and which Google product they were using it for.
1) There isn't anything inherently wrong with selling user data as long as it's properly disclosed.
I understand that to some people, online privacy is of immense value -- almost an inalienable right alongside life, liberty, and pursuit of happiness. But, we also need to recognize that to others, online privacy has little to no value.
Since there is such a range of value judgements, I think services like this should be freely available for people who don't value online privacy.
It doesn't seem right to project one's value system/judgments onto others when both value systems can peacefully co-exist.
2) The company's practice of selling data was properly disclosed in their ToS
I understand this is arguable, but imo, the ToS is a reasonable place for proper disclosure. Your average consumer knows this sort of practice is possible and also knows that the place to look for disclosure of said practice is in the company's ToS.
It's offensive for a company to a) be involved in shady data practices like this and b) for them to believe their customers are naive enough to fall for it.
"If you are not paying for it, you're not the customer; you're the product being sold". The free services should worry you
Companies have to make money, and it's free, so it should be assumed they are mining it.
Also, stop being idiots and saying that they are sending your receipts. As far as we know they aren't. They are sending aggregate numbers. Just like the dozen other free services you're probably using right now.
>> We may collect, use, transfer, sell, and disclose non-personal information for any purpose.
They told me they were gonna sell my data and now they sold my data. Bloody bastards!
Much of the time, you are both the client and the product. See, for example: Cable television.
While it's true you can be paying someone to sell you to some third party, it's virtually never the case that a private firm offers you a service completely gratis without selling you to some third party. Furthermore, without the exchange of funds, you lose a lot of legal protections and the ability to hold the company accountable for a lot of their actions.
I know it might be annoying to hear it over and over, but I think it bears repeating because I can guarantee you that only some people have heard that phrase, and far fewer have truly understood its impact.
Further, it is cited as a rule but it is far from one. Paying for a product doesn't guarantee your privacy and using a free product doesn't mean your privacy is being violated.
For ex. you can pay for Google Apps over Gmail but the privacy policy and terms of use is still the same (I actually can't think of a single service with a pro paid level where you gain privacy - Flickr, Dropbox, Freshbooks, Mailchimp, LinkedIn, Salesforce, Office online - you name it). Likewise there are countless examples of free and open source software that do respect your privacy.
I don't think there is a shortcut to teaching the general public about privacy - especially not one that can be wrapped in a one line cliche.
While what you say is logical, it gets scary pretty quickly. What about uber? What about airbnb? Or worse, what about paypal, intuit, wells fargo?
I propose a simple thought experiment as a band-aid. If we can't beat them, we must join them. Every company that collects information about me, must disclose the said information to me. Failure to disclose in a reasonable time frame should result in an automatic fine worth 100x minimum wage per hour every hour after the end of the reasonable time frame. Of course, we'd need very strong whistle blower protection. This would be a terrible idea because if it works (and I doubt it), it will have a huge chilling effect on small businesses. Responding to all the requests would put them out of business.
I don't know what the solution could be... but I know educating people is difficult especially when the people don't want to be educated.
At some point so many people started annoying Facebook with these requests that they added a self-service option to download all the data they have on you, somewhere in settings. (Google has something similar, "Google Takeout".)
Saying that a true statement is "trite" and "meaningless" doesn't make it untrue.
Just because you are a customer does not mean you won't be monetized.
There's no reason to get up in arms here... there's no such thing as privacy -- whenever you use a free service, you are the product being sold.
