Back to previous post: Are you listening, Google? It’s me, Teresa

Go to Making Light's front page.

Forward to next post: LINCOLN’S SWORD

Subscribe (via RSS) to this post's comment thread. (What does this mean? Here's a quick introduction.)

July 26, 2010

…And you too, CNN
Posted by Teresa at 09:11 AM *

See my previous entry, Are you listening, Google? It’s me, Teresa. A few days ago, I almost wrote about the same subject: having websites try to force me to agree to let them propagate information about my activities on their site to other sites and organizations. In particular, trying to force me to tie my participation on their site to my Facebook page, when Facebook has repeatedly demonstrated that it can’t be trusted with its users’ privacy.

The site that did it a few days ago was CNN. They’d put up an article called News sites reining in nasty user comments, about news sites discovering the need to moderate user misbehavior in their comment threads. (More of that cutting-edge reporting they’re so famous for.) When I went to post a comment in their thread, I found I had to register first. That’s fine; I don’t mind site registrations.

The trouble was, they only gave me two options. One was that I could sign up through Facebook, with all that that entails. The other was that I could sign up for their site alone. Either way, I’d have to accept their Orwellian-named “Privacy Policy.”

The initial reason I didn’t register as a CNN site user—ironically, when you consider that I was trying to comment on an article about news sites requiring commenters to use real identities—is that they refused to let me voluntarily sign up under my real name. CNN’s site registration system only allows you 3-12 characters for your name, and my surname alone takes 13-14.

In the end that was just as well, because it slowed me down long enough to take a good look at their policies. Here’s what the registration form says:

CNN will use the information you submit in a manner consistent with our Privacy Policy. By clicking on “sign up” you agree with CNN’s Terms of Service and Privacy Policy and consent to the collection, storage and use of this information in the U.S. subject to U.S. laws and regulations. (learn more)

For our international users, please be aware that the information you submit when registering for our services is collected in the United States of America. In addition to being subject to our Privacy Policy, the collection, storage, and use of your data will be subject to U.S. laws and regulations, which may be different from the laws and regulations of your home country. By registering for this service, you are consenting to this collection, storage, and use.

In the United States, we don’t have many laws protecting our personal information. We need more than we have. The alternative, the one we’ll get by default if we don’t do anything, is to have our online identities mediated by Facebook. If the government had proposed an online identity system that prone to holes, leaks, and exploits, we’d have been up in arms.

Moving on now to the policy itself:


Thank you for visiting, a site presented to you by Turner Broadcasting System, Inc. (“Turner”). Your privacy is important to us.

It’s like those call-waiting systems that keep saying “Your call is important to us.”
As such, we provide this privacy statement explaining our online information practices and the choices you can make about the way your information is collected and used at this Turner site, and among Turner’s network of affiliated websites (“Turner Network”), which includes any sites or services owned, operated or offered by or on behalf of Turner or its affiliates.
There’s a little box on the registration form that comes already checked. It says “Yes, I would like to receive occasional CNN member updates about new features and special offers.” It isn’t clear whether opting out of that checkbox keeps Turner from using your information in all its contemplated ways. My guess is that it doesn’t.

If I’m right about that, you have three choices: (1.) using the CNN site and letting it use you; (2.) the same, only with added Facebook badness; or (3.) not participating there at all.

The Information We Collect

At some Turner Network sites, you can order products, enter contests, vote in polls or otherwise express an opinion, subscribe to one of our services such as our online newsletters, or participate in one of our online forums or communities. In the course of these various offerings, we often seek to collect from you various forms of personal information. Examples of the types of personally identifiable information that may be collected at these pages include: name, address, e-mail address, telephone number, fax number, credit card information, and information about your interests in and use of various products, programs, and services.

At some Turner Network sites, you may also be able to submit information about other people. … Examples of the types of personally identifiable information that may be collected about other people at these pages include: recipient’s name, address, e-mail address, and telephone number.

At certain parts of some of our sites, only persons who provide us with the requested personally identifiable information will be able to order products, programs, and services or otherwise participate in the site’s activities and offerings.

We, our service providers, advertisers and partners may collect various types of non-personally identifiable information when you visit any of our sites.

This is the relatively innocuous early section of the policy. Later on, the range of things that can happen to your data gets much more alarming and expansive. It looks like they expect that most people who bother to read it will quit partway through.
A representative list of the types of non-personally identifiable information we may collect include: current Internet protocol address and type of browser you are using (e.g., Firefox, Internet Explorer), the type of operating system you are using, (e.g., Microsoft Windows or Mac OS), the domain name of your Internet service provider (e.g., America Online, Earthlink), the web pages you have visited, …
That’s no more than any site can tell about you when you turn up on their doorstep. In most cases, they can also make a rough guess about your geographical location. By itself, the information is relatively harmless. Don’t let that reassure you.
… the content you have accessed and the advertisements you have been shown and/or clicked on.
That’s a tad more intrusive.
How We Use the Information

We may use the information you provide about yourself to fulfill your requests for our products, programs, and services, to respond to your inquiries about our offerings, to offer you other products, programs or services that we believe may be of interest to you, to enforce the legal terms that govern your use of our sites, and/or for the purposes for which you provided the information.

If you didn’t opt out of the checkbox, “the purposes for which you provided the information” imposes no limit on Turner’s behavior.
We sometimes use this information to communicate with you, such as to notify you when you have won one of our contests or when we make changes to our subscriber agreements, to fulfill a request by you for an online newsletter, or to contact you about your account with us.

We use the information that you provide about others to enable us to send them your gifts or cards. From time to time, we also may use this information to offer our products, programs, or services to them.

The information we collect in connection with our online forums and communities is used to provide an interactive experience. We use this information to facilitate participation in these online forums and communities and, from time to time, to offer you products, programs, or services.

What you gradually find out is that when Turner talks about offering “products, programs, or services,” third parties may be involved; that those third parties may have access to quite a lot of personal information about you, because Turner reserves the right to combine your non-personally-identifying information with information from other sources; that those third parties aren’t bound by this privacy policy; and that Turner offers no guarantees that the information they collect about you won’t escape into the wild.
If you choose to submit content for publication (e.g., a letter to our editors, comments sent to our television personalities, a posting to a blog or a discussion board), we may publish your screen name and other information you have provided to us.

We may on occasion combine information we collect through our sites with information that we collect from other sources.

And there is the hole big enough for an elephant to walk through. The problem isn’t having single sites or single databases get hold of too much information about you; it’s what happens when you crossbreed those databases. Your email address, ISP, and approximate geographic location, combined with the very revealing social linkage of Facebook, plus (say) the videos you favorite (i.e., bookmark) on YouTube, your publicly readable Amazon wishlists, and the articles you promote via Digg or Reddit or, plus standard name-and-address databases, plus detailed voter-behavior databases (which are commercially available), can add up to a startling amount of information about you.

We’d worry about making our diaries public because that would tell everyone what we think. We’re less clear about the implications of letting strangers collect information about what we want, what we like, what we buy, and what we habitually do late at night when we’re tired.

We sometimes use the non-personally identifiable information that we collect to improve the design and content of our sites, to deliver more relevant marketing messages and advertisements and to enable us to personalize your Internet experience. We also may use this information to analyze usage of our sites, as well as to offer you products, programs, or services.
They keep using that phrase.
Information Sharing and Disclosure

We may disclose personally identifiable information in response to legal process, for example, in response to a court order or a subpoena.

That’s normal.
We also may disclose such information in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, to verify or enforce compliance with the policies governing our sites and applicable laws or as otherwise required or permitted by law or consistent with legal requirements.
I believe that reduces to “We reserve the right to do anything not specifically prohibited by law.” And as I noted earlier, U.S. law doesn’t prohibit much.

We’re now getting into the more alarming parts of Turner’s privacy policy, past my hypothesized point where they expect people will have stopped reading.

In addition, we may transfer personally identifiable information about you if we, or one of our business units, are acquired by, sold to, or merged with another entity.

Our agents and contractors who have access to personally identifiable information are required to protect this information in a manner that is consistent with this privacy statement by, for example, not using the information for any purpose other than to carry out the services they are performing for us.

I beleive that translates as, “Our employees and contractors are not supposed to mess around with your information for their own amusement or gain on company time.”
Although we take appropriate measures to safeguard against unauthorized disclosures of information, we cannot assure you that personally identifiable information that we collect will never be disclosed in a manner that is inconsistent with this privacy statement.

We may disclose personally identifiable information to third parties whose practices are not covered by this privacy statement (e.g., other marketers, magazine publishers, retailers, participatory databases, and non-profit organizations) that want to market products or services to you.

If a Turner Network site shares personally identifiable information, it will provide you with an opportunity to opt out or block such uses either at the point of submission of your personally identifiable information or prior to any such disclosure.

I’m going to skip forward to the end, where there’s a bit of information which I believe is pertinent to Turner’s promise to give you “an opportunity to opt out of or block such uses.” It says:
We will notify you about material changes in the way we treat personally identifiable information by placing a notice on our site. We encourage you to periodically check back and review this policy so that you always will know what information we collect, how we use it, and with whom we share it.
Sure. We’ll all put a regular reminder on our calendars so we’ll remember to check for changes in the Turner privacy policy. We’ll remember to keep a copy of the previous version, too, so we can compare them.


Turner/CNN, if you’re listening: No. I will not sign up for that. If I want to discuss one of your news stories, I’ll do it on a forum that doesn’t reserve the right to sell my participation and identity to anyone that offers.

Comments on ...And you too, CNN:
#1 ::: B. Durbin ::: (view all by) ::: July 26, 2010, 11:19 AM:

I've also become concerned about those contests where you submit photos to show off your cute kid or best sunset or what-have-you. When you read the fine print, you find out that you're giving the site EXCLUSIVE rights to your photo— as in, giving up copyright entirely. I'm looking at you, Disney and its subsidiaries.

Bad form. Very bad form. And thousands upon thousands of people submit to these contests without realizing what they're doing. And this is why I don't submit. Sorry, the illusory possibility of a Big Prize™ is not enough inducement.

#2 ::: Craig R. ::: (view all by) ::: July 26, 2010, 11:28 AM:

And privacy policies like this are why I don't subscribe to Facebook or use Twitter.

As for the loss of copyright that B. Durbin notes -- I think that if an end-user were to find that Disney or other entity were to try to assume the ownership of the copyright, and the submitter were to protest that they were not properly informed, they might be able to contest it if they could get the ACLU or the EFF involved. Otherwise it's going to be a matter of the multi-conglomerate winning by attreition, because they have the much bigger pocket for legal fees.

#3 ::: Lighthill ::: (view all by) ::: July 26, 2010, 11:40 AM:

When I see that a site doesn't consider IP addresses to be personally identifying, I know that I am being bullshat.[*]

IP addresses are "non-personally identifiable" as street addresses: many of them are shared (just like street addresses), and some people change them quite often (just as with street addresses). Nevertheless, if somebody tried telling people that street addresses are non-personally identifiable, and as we should consider them as irrelevant to privacy, I don't think they'd get taken seriously.

[*] I'm not calling out our hostess here: She is right that collecting and retaining IP addresses is a completely normal and routine thing for websites to do. The bullshitters are the people who imply that because IPs do not map 1:1 to humans, they are therefore not personally identifying and therefore without privacy concerns.

#4 ::: paul ::: (view all by) ::: July 26, 2010, 11:52 AM:

So if I understand this correctly, if someone at CNN thinks you might have violated their terms of service, they get to email everyone you've ever forwarded a story to and ask them about it?

#5 ::: Heather Rose Jones ::: (view all by) ::: July 26, 2010, 12:56 PM:

This reminds me of the regular conversations I have with check-out staffers who persistently encourage me to obtain one of their store discount membership cards. Because I am the person that I am, I will try to explain the principle of "no free lunch" and that what they're doing is engaging me in a commercial transaction where I pay for that "discount" with some unspecified and unknown piece of my identity. And I try to explain that I like my commercial transactions to be overt, explicit, and voluntary -- I want to buy something only when I choose to buy it and I want to know exactly what it is that I'm paying for it.

And I am regularly met with complete incomprehension. These systems flourish not simply because many people accept the devil's bargain, but because they don't even recognize it as a bargain. The creepy stranger offers them candy and they respond, "Ooooh! Candy!" and get in the car.

#6 ::: Teresa Nielsen Hayden ::: (view all by) ::: July 26, 2010, 01:00 PM:

Lighthill, when part of your job is blocking trolls, you get familiar with IP addresses. They're insufficiently particular when you're trying to stop an individual's misbehavior, and way too specific when they're being used to chip away at pseudonymous privacy.

I'm mindful of various recent findings about how personally identifying other non-personally-identifying information can be. I'm also aware that if you sifted through who links to me, and you knew my IPA, there would be a single answer to who I might be.

#7 ::: dcb ::: (view all by) ::: July 26, 2010, 01:22 PM:

Heather Rose Jones @ 5: or they blithely say "oh, but they already know everything about anyone so why not share the free lunch, you can't stop the data-gathering."

I generally pay for groceries etc. with cash. Why should I make it easy for Big Business to find out about me (particularly with the all-pervasive "Nectar" cards over here which go across any number of businesses so they can really analyse your life habits and household).

The only store card I've got is one for a bookstore - I don't mind them knowing I buy books (even what books - if I was bothered about a particular book purchase being known, I'd buy anonymously).

#8 ::: D. Potter ::: (view all by) ::: July 26, 2010, 01:34 PM:

During the sign-up period for Big Supermarket Discount Card it was determined that they only required a name and phone number. On the other hand the discounts are substantial and sometimes mean being able to afford seafood.

The current card has a string of 10 random digits and, let us say, Not My Name. The cash register prints one's name on the receipt so the cashier can say, "Thank you Ms./Mr. X."

Let us say that I despair for literacy in this country. ;-)

#9 ::: MichaelC ::: (view all by) ::: July 26, 2010, 01:35 PM:

I can't tell you how many times I've read a post online and felt that I could make an actual contribution to the discussion, only to be stopped by a registration process that requires far too much personal information.

What does astonish me is how many trolls and fellow travelers DO decide it's worth their while to register just to say something nasty and vapid.

#10 ::: albatross ::: (view all by) ::: July 26, 2010, 01:51 PM:

Long term, I'm not too comfortable commenting about CNN stories on CNN's site. If they're paying attention to the comments, I don't trust them not to delete or edit comments that put them or their story in a bad light, or that bring up issues about the story they'd hoped to avoid discussing.

My model is that most of the MSM (and CNN is a good example of this) benefits enormously from being gatekeepers of what information their customers are to be shown. They use that power partly to gain viewers by showing them stuff they want to see, and partly to keep advertisers and confidential sources sweet by *not* showing their audience stuff that would rub the advertisers or sources the wrong way. They have in general been pretty hostile to online sources of information, for pretty understandable reasons--who wants to have their special position in the world taken away by a bunch of upstarts? Who wants to have their ass-kissing of the powerful exposed by a bunch of irresponsible bloggers who call waterboarding torture even when Dick Cheney tells them it's not?

#11 ::: Stefan Jones ::: (view all by) ::: July 26, 2010, 02:04 PM:

For a few glorious weeks bracketing the release of Wall-E, pointed to a scorching corporate website parody, with fake news stories and product page. It was breathtaking anti-corporate satire. I'm guessing it was created by someone at Pixar.

Eventually, it got pulled. The link now redirects to a typical Disney promo page for Wall-E.

But they didn't scrub everything:

Buy n Large Disclaimer

With gems like:

All acquired customer information becomes the property of the Buy n Large corporation and can be used (but is not limited to) any venture the Buy n Large Corporation deems beneficial to it. By visiting Buy n Large (or a Buy n Large partner) the user agrees to relinquish (if requested) any personal assets that may be deemed "usable" by the Buy n Large Corporation; this includes (but is not limited to) real estate, stock holdings, user transportation, employment income and the users "soul" (either real or imagined, regardless of spiritual or religious affiliation).

#12 ::: Randolph ::: (view all by) ::: July 26, 2010, 02:06 PM:

Every now & again I think about going into Safeway in the best Steampunk duds I can borrow and, when the clerk calls me by my first name, saying something like, "I do not recall giving you permission to use my familiar name."


#13 ::: Fragano Ledgister ::: (view all by) ::: July 26, 2010, 02:08 PM:

Stefan Jones #11: Are you sure that's not intentional on the part of Disney?

#14 ::: Fragano Ledgister ::: (view all by) ::: July 26, 2010, 02:12 PM:

D. Potter #8: One discount card in my possession has a name on it. There's a major corporation currently learning a great deal about the posthumous habits of one of the great dictators of the twentieth century. I forbear to mention which.

#15 ::: Stefan Jones ::: (view all by) ::: July 26, 2010, 02:19 PM:

#13: It would be interesting to compare the parody with Disney's actual disclaimer.

#16 ::: j h woodyatt ::: (view all by) ::: July 26, 2010, 02:27 PM:

Teresa writes: "I'm mindful of various recent findings about how personally identifying other non-personally-identifying information can be..."

A friend of mine was until recently the CTO at a company most people here have never about before, which currently describes itself on its "About" page thusly:

Right now, $REDACTED engages all 220 million U.S. Internet users, providing detailed audience profiles for the advertising marketplace to learn more about what consumers are doing online. We also provide advertisers with a new way to evaluate their individual customer profiles against the entire U.S. Internet population, so they can identify prospective customers numbering in the millions, even tens of millions.
Conversations with him about technical topics related to the subject of Teresa's post have been very illuminating to me. It's my impression that a lot what can be constructed with non-personally identifying information is the subject of trade secrets.

For example, I know a lot about what can be done with IP addresses (just get me going about IPv6 and NAT444 if you want to be really bored), and my blood should ran cold when I found out that companies like the one my friend worked at have relationships with ISP's that allow them to correlate IP address assignments with traffic logs to produce surprisingly detailed audience analyses.

He assured me that their database knows enough about my household that it can tell which member is the one that reads Making Light from behind the one IP address assigned to the house. It knows the salaries and brand preferences of everyone in the house. It knows which one is the science fiction fan and which one loves young adult fantasy. It knows what kind of car we will buy and when we will buy it. It knows where our children will probably be going to school next year. It knows how much we will spend on dinners at restaurants next month. It knows our religious and political views well enough to predict how we're going to vote on proposition 19 in November.

It short, it knows more about us than we do ourselves, and it's getting more and more knowledgeable every day. (I doubt it's getting any wiser, however.)

I'd be interested in knowing what it knows about me, but alas, I can't afford the subscription fee. Maybe if I ran a multi-million dollar website, I could find out.

#17 ::: Tom Whitmore ::: (view all by) ::: July 26, 2010, 02:30 PM:

Heather Rose Jones @5: At least one of my supermarket cards was given to me with an attached form to fill in my information.

I didn't return the information card.

Discount card still works perfectly well.

Other stores, I use other people's telephone numbers. For people I like, it's with permission. One only has to find one that works for a given store.

#18 ::: j h woodyatt ::: (view all by) ::: July 26, 2010, 02:32 PM:

Correction to my previous comment: I misremembered my friend's title at that company. He wasn't CTO there. (He was CTO somewhere else.) He was a manager in their operations organization.

#19 ::: Adam Lipkin ::: (view all by) ::: July 26, 2010, 02:33 PM:

J.H.@16 -- you do realize that four seconds with Google or any other search engine reveals the name of that company, right? Not sure if you really care about hiding it or not, but searching on exact phrases is pretty simple.

#20 ::: Constance ::: (view all by) ::: July 26, 2010, 02:36 PM:

This week the NY Times Sunday Magazine has an article pertinent to these issues:

The Web Means the End of Forgetting.

I try to mitigate this as much as possible, i.e. no links, feeds, no twitter, no FB, etc. But there's only so much one can do and have an internet life. I do use countless library, archive, etc. sites. Those are pretty safe.

Love, C.

#21 ::: Tracie ::: (view all by) ::: July 26, 2010, 02:39 PM:

When I call someone from a university phone, the number that shows up on caller ID is not the number I'm calling from, but a fake number. Call that number and you'll get a recording telling you that it is not a working number. It's a handy number to use on occasion.

#22 ::: ddb ::: (view all by) ::: July 26, 2010, 03:30 PM:

Has anybody found where quantcast is setting their cookies from? I mean, besides their own domain? I'd guess they have domains with unrelated names, and do the real cookie setting from there; since blocking the obvious domain is too obvious.

(Everybody does run with third-party cookies blocked, right? Um, say, where has that option gone in Firefox anyway? There's no "tasks" menu, which is how the docs say to get to this function.)

#23 ::: P J Evans ::: (view all by) ::: July 26, 2010, 03:33 PM:

The supermarket cards I have don't have my current address and phone. One does have my e-mail (or one of them), but they haven't sent me much junk. Yet. I don't use the drugstore one - I don't like that chain much.

The other store I got a card for has quit using them, actually.

#24 ::: albatross ::: (view all by) ::: July 26, 2010, 03:42 PM:

ddb: On the Mac, it's under Privacy in Preferences.

#25 ::: Courteous D ::: (view all by) ::: July 26, 2010, 04:07 PM:

I was happy to discover, quite by accident, that an ancient discount card from a now-defunct drug store works perfectly well at the "you-do-the-work-kthnxbye!" self-checkout machines at one of my local supermarkets.

I like to think that somewhere, someone's profile is being populated with my outliers, and every now and then they get peculiar and inexplicable coupons for root beer and Old Spice.

#26 ::: ddb ::: (view all by) ::: July 26, 2010, 04:13 PM:

albatross@24: On Windows, it isn't in tools / options / privacy. There's a link to bring up the box for deleting cookies, but nothing for controlling blocking cookies.

There are add-ons, but they all refer to the underlying service, which I can't find. (I currently have an add-on installed for it, and that may be hiding the underlying service, too. But I looked first.)

#27 ::: John Mark Ockerbloom ::: (view all by) ::: July 26, 2010, 04:18 PM:

My assumption has been that getting a supermarket snooper-card with a fake name gives only a false sense of security, because it can get matched up with real personal data the first time you pay with a credit or debit card linked to you. Though I don't know if that's done commonly in practice.

I instead shop when I can at markets that don't require them for discounts, or for only a few of the discounts they offer.

#28 ::: ddb ::: (view all by) ::: July 26, 2010, 04:28 PM:

John Mark Ockerbloom@27: I think it's safe to assume they do.

Which is why, at the biggest social gathering you go to each week, everybody should put their discount cards in a pile and then draw one at random.

#29 ::: dcb ::: (view all by) ::: July 26, 2010, 04:59 PM:

ddb@28: Would work with discount cards, perhaps. Not over here, where they're loyalty cards, earning you points which you can use against future purchases, plus additional vouchers - generally for a more-expensive equivalent of what you normally buy (so they're making no pretence of not analysing what you're purchasing).

I have an Oyster card for London transport, because they've made cash-tickets prohibitive relative to Oyster for many journeys. I paid for it with cash (despite the offer of a free one sent to your address - uh huh), and top it up with cash; they may know that particular card mainly does X journey, but they can't link it to any particular individual.

#30 ::: Cadbury Moose ::: (view all by) ::: July 26, 2010, 05:08 PM:

Stefan Jones @ #11 re:

It appears to have been comprehensively archived by the Wayback Machine. Much fun...

#31 ::: Bill Stewart ::: (view all by) ::: July 26, 2010, 05:21 PM:

If I go into full privacy-rant mode, remember all those computers we were worried about in the 1960s? They cost a few million dollars and required whole departments of programmers to work for months to create new queries for the punch-card monkeys to run. My old iPod has more horsepower and much more storage than those and it's just sitting in my pocket for background music; any random bureaucrat with a desktop computer can think up a query at lunchtime, play with it a bit, and send the press a list of pregnant immigrants whose papers might not be in order, or something equally malicious, just on a whim. Real privacy protection is very hard, if not impossible.

My grocery store card was filled out as "John Doe", address "General Delivery" in my town, phone +1-650-555-1212. If you don't have the card with you, you can use your phone number, which seems to belong to a "Mr. Lee". Back when there was a Cypherpunks group, we used to occasionally all trade cards, but this is private enough.

Most people who have my zip code online have 90210, which was trouble-free until Apple started occasionally emailing me about in-store specials at their Beverly Hills store instead of my own.

For most of the websites that haven't been borganised into Facebook, all that the checkboxes really mean is that unless you find the right combination of them, they're going to send you occasional spam which is usually ok, and that they'll sell your info to third parties which is not. I do keep enough free email addresses around that that's usually ok, but I certainly don't want YouTube/Google sharing information, nor Flickr/Yahoo, nor Facebook/anything - especially since the reason I got onto Facebook was to keep track of my actual relatives. I didn't mind having real relatives on MySpace, because I didn't use it that much, and the relatives were just the heavy metal band my nephews were in, so there wasn't much risk of leakage except about my alleged musical taste (they weren't great composers, but they're actually both pretty good players.)

#32 ::: Heather Rose Jones ::: (view all by) ::: July 26, 2010, 05:34 PM:

Tom @17

The point isn't that the purchasing information is or is not attached to my real identity, the point is that they're getting a complex set of correlated consumer activity, and they're getting me to collect it for them at the price of a purchase discount. If a company wants to pay me a salary to collect market information for them, that's one thing. But that's not how they're advertising the transaction.

#33 ::: Stefanie Murray ::: (view all by) ::: July 26, 2010, 05:41 PM:

Syracuse must be an anti-privacy hotbed or something. The grocery store that we use here requires you to present a drivers' license or other state ID in order to get a discount card. And actually, we had to present drivers' licenses the other day to visit a friend in the hospital; the machine scanned our licenses and then printed out badges for us to wear, with our DL photos and the room number of the person we were visiting prominently displayed.

#34 ::: j h woodyatt ::: (view all by) ::: July 26, 2010, 05:49 PM:

"Not sure if you really care about hiding it or not, but searching on exact phrases is pretty simple."

I wanted to make it harder for dumb machines to find it. I don't think my friend told me anything that isn't in their marketing materials, but I'm also not trying to create any particular snowball against that company by naming it. It's just one of several companies that do that sort of thing. They're all abominations against nature, if you ask me.

#35 ::: ddb ::: (view all by) ::: July 26, 2010, 05:51 PM:

Privacy in the computer age requires performing one of the most unnatural acts ever invented, one that all true programmers are conditioned against since the beginning: throwing away information. It makes me shudder just to type it.

Furthermore, you don't just have to throw away the information, you have to throw away all backups that contain it at the same time; or else it's not really gone.

And this is nearly impossible, unless your backup scheme is structured in ways very unlike the normal to make it possible (grouped on physical media by expiration date).

For reasonable information retention rules, fields in the same row of a database table might have different lifetimes! (Well, it's perhaps unlikely the implementation would end up that way once the information retention rules were taken into account.)

#36 ::: bartkid ::: (view all by) ::: July 26, 2010, 05:52 PM:

The Onion News Network reported about this months ago.

Google would forceably airlift all opt-out users of the internet to a remote internet-less, electricity-less, lightless, and oxygen-less enclosure on a remote island, IIRC.
(The Web Means the End of Remembering.)

#37 ::: ddb ::: (view all by) ::: July 26, 2010, 05:52 PM:

dcb@29: works fine with discount cards, which are the norm here.

I hate rebate cards with a red-hot passion. I rarely get any benefit from them, and they're a pain in the ass, and I feel bad about not spending the energy to get the benefit out of them. I'll avoid a store because they push rebate cards at me.

#38 ::: John L ::: (view all by) ::: July 26, 2010, 06:51 PM:

I guess I don't really see the problem with companies wanting more information on you. Whether you realize it or not, they already have a lot of that data.

I sign up for discount cards at favorite stores, have a Facebook account (with most of the privacy controls turned on, especially the 'can we share your info with 3rd parties?' one), and use common sense when it comes to clicking on online advertisements. Internet use is so prevalent now that it's impossible to keep your personal data hidden from companies and providers, unless you hide behind multiple pseudonyms.

#39 ::: Kevin Riggle ::: (view all by) ::: July 27, 2010, 12:39 AM:

I wonder if the correct conclusion here isn't the same as the conclusion we draw about terrorism -- not "oh my god look at all the personally-identifying information available to strangers!" but, "wow, there's a heck of a lot of information available about me but very few people want to use it for nefarious purposes", (cf. "oh my god look how insecure flying is" vs. "wow, very few people want to be terrorists").

In terms of my own information, I try to make it hard for people to ask questions about me that they don't want to know the answer to. If someone wants to know my sexual orientation, or my religious or political beliefs, they can find them, but they have to go looking, and if they make any decisions based on that information then I in turn get to base my response off the fact that they went looking. Generally speaking I'm in a position to say "fuck you" and associate elsewhere if someone takes a piece of information the wrong way -- a benefit of white male privilege, among other things -- so I'm not in too much danger there. I hope that my not hiding my weirdnesses helps build a world where more people can choose to not hide their weirdnesses if they so desire.

#40 ::: paula Helm Murray ::: (view all by) ::: July 27, 2010, 01:01 AM:

Stephanie, that is a scary thought. On the other hand, when one of the three of us goes into hospital, it's with papers that say the other two have power-of-attorney.

Which was really peachy a couple of years ago, when while out of work and one of my life partners, who had had a breast biopsy for cancer a few days earlier, woke up to find herself in a pool of blood from a blood clot and infection from the surgery.

It did really help that the hospital had all our information in hand, but we also brought the folder that had all our paperwork in case anyone gave my any grief.

(y'all don't want to know what happens if a family member gets treated badly by medical staff and i'm there..... it is ugly and usually involves profanity; If someone I love is under medical care and gets treated with diffidence, woe betide the doctors and nurses!)

#41 ::: Lighthill ::: (view all by) ::: July 27, 2010, 04:00 PM:

Teresa @ #6: I'm mindful of various recent findings about how personally identifying other non-personally-identifying information can be.

For an extremely recent finding with interest to the Netherlands contingent of Making Light, check out Koot, van 't Noordende, and de Laadt's "A Study on the Reidentifiability of Dutch Citizens." From the abstract: "We found that 67.0% of the sampled population is unambiguously identifiable by date of birth and four-digit postal code alone, and that 99.4% is unambiguously identifiable if date of birth, full postal code and gender are known."

This reproduces Dr. Latanya Sweeny's earlier and better known results about US citizens.

#42 ::: Lighthill ::: (view all by) ::: July 27, 2010, 04:02 PM:

Oops! That link should have been . Apologies!

#43 ::: Paula Lieberman ::: (view all by) ::: July 27, 2010, 07:02 PM:

Death to the datamining dastardly turds
Collecting in their echelon to spy upon the world
Death to the oligarchs in their gated homes
Beggaring the populace and plotting more dire deeds.

Death to the oligarchs who lie to start their wars
Death to the lying weasel doctored datastores
Death to the smarmy slime denying climate change
Death to the third party fuzing data spreading ways.

Death to the product sales of data so released
Death to abusive practice spreading spam and meme
Death to the blockers of self-determined fate
Death to the datamining slavers of today.

#44 ::: Robin Wilton ::: (view all by) ::: July 27, 2010, 07:18 PM:

You should find that if you print off that "Privacy Policy" it is enough to cover a large corporate backside. Which is, after all, its purpose.

#45 ::: paul ::: (view all by) ::: July 27, 2010, 08:28 PM:

"I hate rebate cards with a red-hot passion. I rarely get any benefit from them, and they're a pain in the ass, and I feel bad about not spending the energy to get the benefit out of them."

We would be broker than we are without our grocery card. The price break on a lot of semistaples (fruit, veg, chocolate, soda) is up to 50%. And for the first half of the year, 30 cents a gallon on gas.

It's a devil's bargain, but especially in the current economy the devil has the whip hand.

#46 ::: Meg Thornton ::: (view all by) ::: July 27, 2010, 10:37 PM:

I keep getting asked whether I have a "loyalty" card at either of the two major supermarkets here in .au. I keep saying "no". I used to have one (back when I worked for a store which was part of a major conglomerate) but I soon realised that my relatively frugal spending habits (as in: if I don't need it, I don't buy it) weren't sufficient to earn me $BIG_PRIZES and couldn't see the point in carrying the silly thing around with me.

#47 ::: P J Evans ::: (view all by) ::: July 27, 2010, 10:56 PM:

The main reason I keep the supermarket cards is that some of the products I usually buy can have very deep discounts often enough to make it worthwhile. They're trying to get me to sign up for the newer version, where I would get 'points' that would eventually add up to a small rebate.

#48 ::: David Goldfarb ::: (view all by) ::: July 28, 2010, 12:14 AM:

The Central Market used to have a rebate card (Katie and I would earn $25 a quarter with it) but they discontinued it around the beginning of this year. Now they just mail us coupons every once in a while (e.g., one this month for "get $10 off seafood with a purchase of $50 or more" -- I don't normally spend $50 at a time, but it doesn't take much extra to get there, so while it's not quite "get $10 off for buying what you'd buy anyway" it's close enough for jazz).

#49 ::: dcb ::: (view all by) ::: July 28, 2010, 04:03 AM:

paul @ 45: I think you're talking discount card (which ddb also uses) versus the loyalty card/rebate card, which I mentioned and I think ddb is agreeing with me regarding not being worthwhile (you have to spend lots to get anything back). P J Evans @ 47 also notes the difference.

I'll admit a discount card would be harder to resist that the loyalty (rebate) cards we get offered over here (UK). I make good use of the fact that we live 5 minutes walk from a big supermarket and I know what time they put things on final reduction (down to as low as 20% of original price). I think I save more than £500 a year on our grocery bill. I mostly buy stuff (veg, fruit etc.) we'd be buying anyway full price, plus a few treats (pack of two or three Gu chocolate puds for 50p - what's not to like?!).

#50 ::: Paula Lieberman ::: (view all by) ::: July 28, 2010, 04:11 AM:

Various of the supermarkets around here say they don't datashare.

Data collection and data mining and data analysis... when I was doing market research, the data I collected in raw form did not go outside the organizations I was doing the studies for. The reports generated did, but name of respondents, etc., did not get released, nor did anything but quotes, which did not have names of people or companies attached ("a respondent in the auto industry involved in vehicle electronics design..." was about as specific as it got, and "75.4 percent of the respondents wanted...." --the reality was that the .4 was there to make the figure more authoritative looking, the error margins were a lot more than 0.1 percent....

The current regimen, thinking about it, has an error level built-in that's qualitative that gets overlooked--people tend to buy what's available that they know about, and is convenient, and wht they can afford or get credit/loans to purchase. There may be "better" products, but if they don't know about them, can't get them, don't have accurate information (iPhones get lot of sales because they're in the public eye and get direct and indirect promotion in all sorts of ways...), can't conveniently get them, etc. etc. etc., they won't buy.... and the tools for analysis in the form of CLUEFUL surveys, tend to massively stink.... "Which is the one reason..." questions are some of the biggest crocks of crap going, because they can TOTALLY miss key points regarding what people bought/buy and why....

"I bought that miserable piece of shit because I needed something then immediately that I could afford and walk out the door with and couldn't get what I would have WANTED -immediately-!" is not an answer usually available on surveys, for example. "I bought this because at the time it had the five of the ten features I most wanted and I could get it within two weeks and it wasnt from a company I refuse to buy things from" also isn't an answer most surveys allow.... or "it was pink, and I wanted pink!"

So, there is all that datamining, and it may have some really bad assumptions--and NOT allow corretion.... I sometimes take vicious glees responding to e.g. "Why don't you like this?" on Facebook....

Again, when I was doing market research, the people who gave me the best input, were people who wanted things that they either couldn't get, or wanted to have it be known, "I want suppliers to provide these capabilities at that price and with his sort of support...." they wanted someone to listen to them because they had a strong interest in having their input paid attention to. Sometimes there were people who wanted to provide input saying "there are these things I'm using and I really like them and I like dealing with the company that makes them."

Issue with promiscuous, mindless, STUPID, etc., data acquisiting and data mining and data analysis, include institutionalization of bad assumptions that never even get the slightest bit of vetting, lack of rigor in considering what the parameters of interest really ought to be, granularity issues, and often all sorts of systematic biases and blindnesses and inapppropriate preconceptions....

#51 ::: David DeLaney ::: (view all by) ::: July 28, 2010, 06:07 AM:

ddb@26: After checking, in Firefox on Windows (which I am currently typing in), go to Tools / Options / Privacy ... and pull the top dropdown box to "Firefox will: _use custom settings for history_", at which point a raft of checkboxes and options appear. (One of which is a checkbox for accepting third-party cookies.)

--Dave, experimentally

#52 ::: John L ::: (view all by) ::: July 28, 2010, 07:28 AM:

My Kroger discount card gives us price discounts that add on to in-store sales, and using it earns us points that get turned into discount coupons they send us in the mail. Since some of these coupons are "$20 off your next purchase" or even higher, the card IMO is definitely worth it.

Same with the big membership club stores. If you've got the room to store a cubic yard of toilet paper, for example, buying in bulk those items you're going to use anyway (and won't spoil before then) will definitely save you money.

#53 ::: John Mark Ockerbloom ::: (view all by) ::: July 28, 2010, 07:37 AM:

There have been some informal studies showing that the supermarkets with the discount cards don't actually save you money compared to stores without them. All they're doing is taking away the discounts they used to offer everyone and replacing them with selective discounts. In fact, overall they cost you slightly *more* (there are overhead costs involved with the card system, after all).

See for example, this Wall Street Journal article, in which their reporter went on 5 comparison shopping trips, and every time ended up spending less in the card-less store.

While many of the large supermarket chains now withhold discounts unless you use a snooper-card, a number of smaller chains and independent markets don't. (And some local franchises of big chains will scan their own card for you if you ask.) Among larger chains, Trader Joe's has always given the same price for everyone; and Target is also offering more groceries in many locations, without requiring cards for discounts. (I believe the same is true of Wal-Mart.)

#54 ::: ddb ::: (view all by) ::: July 28, 2010, 09:58 AM:

David DeLaney@51: Yes!

Boy, that's bad naming; it never occurred to me to look there, because what I was after had nothing to do with what "history" means to me in a browser.

Plus of course a dropdown completely altering the rest of the box is pretty unusual.


#55 ::: Mark ::: (view all by) ::: July 28, 2010, 10:15 AM:

For a while I was willing to put rather more time and energy into preparing for my grocery shopping runs, which included poring over the sales flyers for the four chains within striking distance to see where the best prices were in a given week. I came to realize, though, that for my typical household shopping list, it worked out to within a standard deviation of the same total wherever I went - different items discounted, but the amount all that figuring actually saved me in a given week was minimal.

Then one of the chains opened a string of its own gas stations offering a significant discount with the loyalty card. That pretty much settled the issue. I don't particularly like how much information they're accruing about me, but with the amount of driving I do, it has real value for me.

#56 ::: Mary Aileen ::: (view all by) ::: July 28, 2010, 10:55 AM:

The supermarket I've been using for the last 20+ years, through three changes in ownership, has loyalty/discount cards in its current iteration. They have the option of *not* tracking purchases for later coupons but just giving the immediate point-of-sale discounts. I doubt I would have signed up for the tracking-my-purchases version, although I might eventually have caved. The other local supermarket, where I buy milk and a few odds-and-ends, will just scan their own card when I tell them I "don't have mine on me" (truth: I don't have one there).

I now have two drugstore loyalty cards, but the coupons are usually pretty useless. I decide where to go based on which store is more likely to have what I want to buy, not on the cards.

#57 ::: joann ::: (view all by) ::: July 28, 2010, 11:10 AM:

David #48:

Here in Austin CM seem to have given the coupons up, and it was just coincidence that it seemed to happen shortly before we moved, or else a: my no-longer-so-new new address got lost in the shuffle or b: they don't send coupons to anyone living east of I-35.

#58 ::: Debbie ::: (view all by) ::: July 28, 2010, 01:48 PM:

...At some Turner Network sites, you may also be able to submit information about other people. … Examples of the types of personally identifiable information that may be collected about other people at these pages include: recipient’s name, address, e-mail address, and telephone number....

And as Teresa then remarks,
This is the relatively innocuous early section of the policy. Later on, the range of things that can happen to your data gets much more alarming and expansive.

Holy heck, I find the implications of that one statement quite alarming enough.

#59 ::: twif ::: (view all by) ::: July 28, 2010, 04:11 PM:

this i've why i've always used to get login ids. though, honestly, the comment boards of major news sites (well, minor ones too) are a swamp of insanity. no good can be had from wading in.

#60 ::: Chris Sullins ::: (view all by) ::: July 30, 2010, 10:37 PM:

Just for reference, there's a site called TOSBack, run by the EFF, that serves as a "terms-of-service tracker". Makes it a little easier to notice updates. They also provide a diff so you can see what has changed.

Legal protections, of course, would be nicer.

#61 ::: Rob Hansen ::: (view all by) ::: July 31, 2010, 12:44 PM:

Read this, and then ask yourself if we have any hope at all of preserving privacy:

#62 ::: j h woodyatt ::: (view all by) ::: August 02, 2010, 12:59 PM:

Rob Hansen writes: "Read this..."

I was just about to pass along the same link.

#63 ::: Jo Walton ::: (view all by) ::: August 03, 2010, 03:17 PM:

I was just given a Starbucks card as a gift. In order to find out how much money was on it, and to register it so I could use it, Starbucks wanted to know my name, date of birth, city of birth, address with postcode, and telephone number. They also wanted to sign me up to get stuff from them, and the box was ticked -- I had to untick it.

That's a whole lot of information for a $10 giftcard, and instead of leaving me feeling pleased to have had a gift, it's left me with a bad taste.

#64 ::: Bill Stewart ::: (view all by) ::: August 06, 2010, 02:03 PM:

Jo@63 - I'm surprised; whenever I've gotten Starbucks gift cards, I've just taken them in to the store and bought coffee with them, and they've worked fine. And you can ask the cashier how much money's left on them, and add money by giving them cash if you find that useful.

Smaller type (our default)
Larger type
Even larger type, with serifs

Dire legal notice
Making Light copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 by Patrick & Teresa Nielsen Hayden. All rights reserved.