A Legal Change in Privacy
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: A Legal Change in Privacy

  1. #1

    Exclamation A Legal Change in Privacy

    This one just killed me:

    SecurityFocus Article

    So website privacy policies now mean nothing -- simply because "no one reads them"? What kind of logic is that?! What's the point in even having them anymore, and now what are we going to do to ensure the privacy of our information?

    We have yet to see where this goes from here of course, but I wonder what effect this will have on the security community as it develops.

  2. #2
    Junior Member
    Join Date
    Jan 2003
    Posts
    28
    That is what I call a non thinking way to do things. If people don't read the policies then that's their own fault. I guess that goes back to how lazy society is becomming. I wonder when this madness will end? Can we just slap stupid signs on their heads for this kinda non logical thinking????? Then again like you said, "We have yet to see where this goes from here of course, but I wonder what effect this will have on the security community as it develops."

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Some companies are taken actions against this behavior such as:

    - to release acess to certain tools, the user must do an online exam. If he/she doesnt get enough points on it, the software that he/she need just dont get installed/available. And some questions are about "policies.... Use to work (if IT has enough power to implemen it)
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #4
    Now that's a good idea.

    But the problem here is that this case threatens to make policies meaningless. The ruling, in part, was that the airline's so-called privacy policy could not be held against them because no one read it (which in itself is a presumption). The policy should stand and be enforceable whether it's read or not, else there's no point it being there.

    The scary thing is that this means, if things continue going this direction legally (and this case could be used as a precedent), a website could have a posted privacy policy, but completely contradict it. In other words, say they won't share your info, then turn around and share it. And according to this court, what could you do about such a breach of contract? Absolutely nothing! Spammers rejoice!

  5. #5
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528
    My favourite bit:
    So, if the sharing is "authorized," it's ok, and if it's "unauthorized" it's also ok. You gotta love these lawyers.
    I'm hoping that this all 'goes away', however, what happens on the American side of the 'pond' generally makes it over to the UK in time, and when it does..........................
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  6. #6
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    Originally posted here by AngelicKnight
    Now that's a good idea.

    But the problem here is that this case threatens to make policies meaningless. The ruling, in part, was that the airline's so-called privacy policy could not be held against them because no one read it (which in itself is a presumption). The policy should stand and be enforceable whether it's read or not, else there's no point it being there.

    It seems that only the federal govn't can prosecute for violations of the policy.

    First, the court held that when the U.S. Congress deregulated the airline industry, it didn't want the states to tell the airlines what to do, and prohibited states from passing laws related to the "service of an air carrier." Thus, if an airline commits fraud, deception, larceny, theft, invasion of privacy, or any other civil or criminal wrong, the state can't prosecute the airline under ordinary consumer protection or theft laws (or torts) that would apply to other entities. The airlines as an industry are free to deceive without fear of accountability under state law.
    It seems that if its not in state court and its a Federal Enitity it can go forward. Still its a poorly thought out ruling and the feds are very slow to act on charges of this type.

    Cheers,
    -D
    If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
    -- former White House cybersecurity adviser Richard Clarke

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    using the same logic EULAS are also null and void because nobody reads those either. this could be a good thing if it were used to nail scumware mfgs. their always saying "it was clearly listed in the elua that we'd also install adware, track all you movements and nail your wife"

    Borland says in their eula that they can at anytime come into your company and do a license check. of course that only holds if you buy it, if you steal it it dosn't apply.

    so if its something nobody reads then its something that doesn't apply, like fbi warnings on cd's and dmca warnings
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    let's just all read nothing and do anything we want
    Double Dutch

  9. #9
    Hoopy Frood
    Join Date
    Jun 2004
    Posts
    662
    If I understand this correctly, a website's Privacy Policy can say that they won't sell your e-mail address and then they can go ahead and do it ... just because most people don't read the Privacy Policy?!?! Well, as it was stated above, couldn't this work the same with Eulas? I mean, you didn't read it (and most people don't), thus you aren't legally bound by it... Well, now (taking this to the extreme) you can now redistribute their software for free, install it on multiple computers, modify it, disassemble it and lots of other stuff. I really hope I'm wrong...

    Regards,
    Xierox
    "Personality is only ripe when a man has made the truth his own."

    -- Søren Kierkegaard

  10. #10
    Senior Member
    Join Date
    Oct 2001
    Posts
    786
    I think it also means that once you submit it, they own your information, and can sell it anyways, and that the privacy policy doesn't happen to stick in the first place. I don't know about the software/EULA scenario you posted though... IANAL

    I acturally think that is what Internet.com's policy is, BTW. Which was the main reason I didn't post my Admin of Doom play up on AntiOnline (linked instead). And it would explain why you can't submit information you don't own -- because then they didn't get the required "permission" from the copyright holder to own it and use it in any way they want...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •