Hacker News new | past | comments | ask | show | jobs | submit login
Yahoo is now part of Oath (yahoo.com)
115 points by Sami_Lehtinen on Oct 31, 2017 | hide | past | favorite | 66 comments

We will share ... your account registration information (such as your user ID, gender, name, email address, postcode & age), your content and advertising interests, content associated with your account, the types of services you use and how you engage with them, cookie and device IDs, IP addresses, geolocation information and activity information from across our websites, apps, software and other services. All of the information that we collect about you may be shared across the various Oath brands and within our Verizon family of companies.

To delete your Yahoo account, click here:


A fun test would be to post the data sharing policy of various services/apps and see how often someone posts a comment like this. Someone always posts a comment like this and it always feels, to me, like a knee-jerk reaction.

They've had your data for years (and were previously not only irresponsible but likely shared it with countless other partners), what has changed now?

Just because Yahoo is forthecoming about that they're sharing data, rather than selling it and not telling, thats grounds to close your account? I'm not saying you shouldn't, just odd to always see this comment.

> They've had your data for years (and were previously not only irresponsible but likely shared it with countless other partners), what has changed now?

This seems like it cuts both ways.

To be sure, Yahoo's data handling was reprehensible before the acquisition also. But if this reminds some people to pay attention to that, it's all to the good - I don't actually expect things to get better. Deleting or restricting your Yahoo presence was probably the right decision 1 or 3 or 5 years ago, but that doesn't mean it's wrong now.

More broadly, there's normally an argument for distrusting ISPs and mobile carriers even more than internet companies; they can correlate with physical presence, have a history of shockingly immoral behavior, and have repeatedly colluded with state surveillance far beyond what they were compelled to do.

I'm not sure how relevant any of that is in Yahoo's case, though, since they've basically alternated between handing user data to the government and handing it to literally everyone in the world. You're certainly right that anyone who only lost faith in their data security now has been in trouble for a long, long time.

> They've had your data for years (and were previously not only irresponsible but likely shared it with countless other partners), what has changed now?

To be honest, it's already in the wild when they where hacked and everything was stolen. 3 billion accounts. [1]

[1] https://www.cnbc.com/2017/10/04/how-the-yahoo-hack-stacks-up...

You could almost argue your data is safer with verizon than with the old yahoo! (Safer, with a hard R. Not safe, just less not-safe)

The parent comment you're replying to is not telling people they should close their account, or even making a fuss about the data sharing. She's just giving people information that people might find helpful. Services like this often have labyrinthine processes for closing accounts, so it's nice to have a quick link for how to do it.

Note that Yahoo's account integration is weak and weird so you may wish to manually delete things linked to your account first.

For example, if you have any Yahoo Groups you own, you should either delete them or transfer ownership first, as Yahoo has basically left that area on life support only and won't even promote a member to a moderator, let alone owner after a poll anymore -- so there are groups basically accumulating spam, with public posts that need to be deleted, or just unable to get new members.

Take care though, they allow email address reuse.

How do they avoid HIPAA violations in that case? Or is that not at issue somehow?

I have no idea. I know that my providers avoid sending covered information to my email, they send me a notification to log into their messaging system.

HIPAA only applies to medical information. I didn't see any mention of that, so I'm assuming it doesn't apply here. Wish it did.

Um... Yahoo has nothing to do with HIPAA since they don't deal with medical information at all.

You don't email medical records or information in the first place, you "secure message" them through an encrypted channel. An example of such a service is RelayHealth.

Why would HIPAA apply to Yahoo?

> We will also delete or anonymize your account data and settings across the Yahoo network. This includes the contents of your Yahoo Mail, Yahoo Messenger, Yahoo Contacts, Business Mail services provided with your Aabaco Small Business account, My Yahoo settings and more, including your Flickr photos and the statistics for your Flickr account, if applicable.

The degree to which the Yahoo acquisition was purely negative for Flickr users still astounds me.

It's terrible. Do you know any site similar to it that's as good as flickr used to be (i.e: being able to view/download original size pictures, and all the EXIF data galore)?

Flickr also has a search by CC license, which is good to have.

If you didn't know by now, assume it on all services. They promise the moon and then change the Privacy Policy when Wall Street demands 30% q2q growth.

Thank you for this link. Worked well and quickly. I haven't maintained my yahoo account for years, it's good to actually get rid of it.

Apparently doesn't work if you don't have a yahoo mail account.

Reboot and try again.

Q: Why am I receiving this notice? A: We would like to inform you in advance that, as of 18 September 2017, Yahoo and Oath plan to share some user information within the Verizon family of companies which will enable us to integrate our business, allowing us to coordinate more and improve your experiences.

Hate to break it to you, but everyone has already shared Yahoo's user information

Verizon just informed me of this fantastic new service they want to sell me where I can create my own caller id signature for my phone calls. They specifically state they aren't editing/approving them, so I can be "Princess Di" or "Donald Trump" if I want.

Now I know why all my spam calls the last few days have been from people with full caller ID signatures that make it look like they are in my contacts already. These are the people in charge of protecting your private information at Yahoo.

In that case I'd suggest "Mom" or "Dad" for maximum effectiveness. Oooh or maybe "YOU HAVE WON".

911 as the originator should have a pretty good pick-up rate. Nobody ever got called by them and yet I'd bet that it would work just fine.

Here in the US we do have "Reverse 911" (though I forget what number it calls from).

I live in Virginia, but was in Louisiana and I got a call about a hostage situation with a shooter that was happening somewhat near my home address.

What did they want? Just for you to stay inside?

Yes. "If you are in the area, please leave. If you are inside your home, please remain."

This is the kind of thing where we start coming up with these ideas that might actually work, but then some Chinese bot calls you with the ID MOM 911 YOU HAVE WON EMERGENCY.

Let's say I run company A, and Company B wants to buy all of my user's information but I've already created policies that say I won't share user information with 3rd parties.

Could I:

1. Create a subsidiary (Company C)

2. Share info 'internally' with company C

3. Sell Company C to Company B

Usually there's a unilateral T&C alteration clause, so you can do what you like just change the terms first. Change them right back a microsecond later if you like?

Just word it "not share with unrelated third parties" and it reads like "no sharing" but of course any party you're selling too is related by contract.

No-one reads the terms really, well I'd guess <<1%?

Probably what's needed is a general framework from law about not sharing without explicit consent banning the company; and that personal data expires in a company transfer/sale without consent (but perhaps a lower bar there).

Sometimes programmers' minds get infected with the idea that the whole world, especially courts and regulatory agencies, are just little virtual machines that will dutifully execute based on whatever steps you lay out at the beginning. They're not. Machines can't call bullshit on you, but people will.

I think that comment makes the mistake twice over, even. First, because T&C are (usually) not an immutable contract - companies can just change them without any legal shenanigans at all. Then second because, as you say, actions taken just to circumvent laws are usually themselves illegal.

It is pretty baffling to see how often programmers talk about law like it's an algorithm. Even the DAO didn't work out that way, and that was explicitly intended to turn contracts and law into algorithms. If that didn't resist social pressure to redress harms, why would we expect actual humans to do so?

(And frankly, thank god the law doesn't work like that. I don't want to live in a world where legal loopholes open up as often as software vulnerabilities.)

In what sense are you asking if you "Can" do it.

The FTC is fairly broadly empowered to stop deceptive practices, and most of the standards there are about what reasonable users would expect.

So you may be able to work around a contract implicit or explicit, but in practice it's unlikely you would get away with it.

Plus if you said this to a judge they'd laugh at you. They are not (and should not be) judging automatons.

Technically, of course you can, but practically, if someone sued, you would probably have a hard time convincing others that you are complying with your own policy. It's probably easier to just to change your ToS/privacy policy.

Most privacy policies have an "out" only for acquisition of substantially all of the assets of the parent org.

The reality is that if you're considering selling the golden goose of all your user data then you might as well just sell the business outright and be in 100% compliance without the expense of the proposed convolutions or risk of FTC ire.

With not a damn thing your users can do short of trying to delete their accounts.

What policies have you created? How are those enforced? Are they even enforceable?

Depending on how they are worded, either the share, and/oor the sale, and/or neither will break the policy

4. ???

5. Laugh all the way to the bank.

I don't think you need step 4.

'Yahoo is now part of Oath '

Congratulations on finally becoming a swearword instead of an excited yell

It's about time! I wonder when someone last used their products and cheered instead of swearing?

This comment wins the Internet today.

oath: noun; plural oaths


6. any profane expression; curse; swearword: "He slammed the door with a muttered oath."


Until I read this comment, I thought it was saying Yahoo had added Oauth support. Whoops. Thanks for the correction.

Very clever, but

2. a statement or promise strengthened by such an appeal.

Oath promises to connect over a billion people to a stable of brands that they love. The is Oath's promise, feel the .

“This is our promise to you. To connect your brand to over a billion crazy in love [in love with brands] people.“ https://www.oath.com/ [Can you kick it? Play video]

It's in the barftastic marketing-speak copy in the video.

Look, I just want to know if this will lead to a fix of Yahoo's most dire problem: that abominable logo redesign.

AOL and Yahoo, together at last. Because nobody likes to die alone.

> as of 18 September 2017, Yahoo and Oath plan to share some user information within the Verizon family of companies which will enable us to integrate our business, allowing us to coordinate more and improve your experiences.

Might want to finally ditch your yahoo email address. ;)

Any suggestions for migrating away from Flickr while preserving my data? Google, etc. don't really seem like they will be any more ethical.

I've been liking Flickr less and less with Yahoo's decline and the tie-in to Yahoo accounts. The only reason I have a Yahoo account is because it was required for Flickr.

For my own uses, been thinking of self-hosting something like Zenphoto on a subdomain.

1-user gsuite account. 1TB for $5/month

GSuite would be Google. I don't think an advertising company is really going to be that much better than Verizon. And if I just want 1TB of online storage I have better options. The question was about a "photo sharing" application not unlike Flickr.

MediaGoblin perhaps? I've never used it (or Flickr) but it seems like it could be a good fit.



SmugMug possibly although I haven’t looked at them in ages. Premium photosharing sort of fell out of favor as a product category.

Honestly it’s CC search that I value most about Flickr though. I don’t really do the social aspects and I could always find an alternnative personal hosting option.

check out 500px

I read this as part of OAuth

Don't they already have some sort of Oauth support for their APIs?

Oh wait...

My first thought was:


Oath -- what a stupid name.

Trying to invoke honor and valor. Ha!

I appreciate the name. They might have aimed for honor, but also invoked obscenity and that fits perfectly.

I have never heard the unmodified word "oath" used to indicate anything less than positive. Only very rarely is it used in any negative sense, and then almost always with some sort of descriptor -- "Bloody oath", as you say

Are you from AU by chance? Urban Dictionary seems to indicate 'oath' is slang over there


Is it really an obscenity? Closest I've heard "oath" used as an obscenity is "bloody oath" or words to that affect, which means exactly the same as "damn right". Bloody and damn are both mild swear words, but haven't seen "oath" used as an obscenity in its own right.

This is basically the inevitable smashing together of Yahoo and AOL under Verizon. Cue misplaced 90's nostalgia in 3...2...

I really need to get my photos off Flickr.

I thought yahoo was shut down.

tl;dr Verizon bought Yahoo

What the hell is "Yahoo"?

Congratulations, Verizon, on the expansion of your propaganda platform. Net Neutrality doesn't stand a chance now!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact