21 comments

[ 6.3 ms ] story [ 60.1 ms ] thread
Court rules that the case may proceed. It is not making a judgement whether they actually violated the rules.
That's what the headline says?
The headline is written in a presumptuous way that makes it look like the court has already decided on it, which is not what the have done yet.
It's funny, because on the one hand we have privacy advocates demanding simpler and plain language TOS's that aren't so draconian. On the other hand, if you don't have a draconian TOS's, you're going to get sued by a privacy advocate.
According to the article, the law in question explicitly says a TOS is not sufficient to grant permission.

Which is really the whole point. There's no room to negotiate the language of TOS, so it naturally is written to only benefit Facebook or Shutterfly.

Or better, how about simple and honest business models? "Shutterfly is a photo printer, so they make money by charging people to print photos." No biometric database is needed.
But that is a low-margin business.

So I have tons of images associated with accounts. So, why can't I do a 'google' and image mine too? Aaaand, I can sell the results to whatever data company?

Suddenly, higher margins and fulfills corporate charter.

A business making high margins is always suspicious – because they need to get the money from /somewhere/, and if you’re a customer, then the company will only get those margins by charging you more than it is worth.

(By the way, too high margins are even illegal in some countries)

That's the special part of this: People who buy prints that they upload are a customer and a product.

Companies that buy the aggregate big data package of all individual customers are also customers.

A simple EULA boilerplate "we can do whatever we want with your images" is usually enough to disclaim liability or privacy... Because you chose to upload them out of your control.

I didn't say it was ethical.

They already acquired a company that does that and makes them into photo albums: Groovebook http://www.forbes.com/sites/amitchowdhry/2014/11/18/shutterf...

Know that you're just giving an example. Points about simple and honest business model comment. Maybe this is considered simple now in terms of the Valley. The honest part, almost no one reads the TOS/EULA.

Your comment seems to be missing the forest for the trees.

Privacy advocates aren't looking to let companies invade everyone's privacy as long as they do it right, the advocates want to stop it in the first place.

Have you considered that a company could use unintrusive technology, operate on private data only to the extent fundamental to delivering the product the customer has purchased and removing the surveillance clauses from their contracts of adhesion? I suspect privacy advocates might possibly leave them alone if they did that.

Another option is to simply behave.
> In his ruling, U.S. District Court Judge Charles R. Norgle rejected Shutterfly's argument that only in-person scans of people's faces are covered under the statute.

That can't be the law, right? Because "scan your face" vs "take a photo and scan that" are identical.

http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=3004&Ch...

> "Biometric information" means any information, regardless of how it is captured, converted, stored, or shared, based on an individual's biometric identifier used to identify an individual.

Did shutterfly misread this...

> Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening,

as this...?

> Biometric identifiers do not include [...] photographs.

Well there is usually some certainty associated with biometrics and I'm not sure a single photograph would provide enough certainty. For example iPhoto's facial recognition is constantly confusing my face with my moms (and I have a beard!)
I'd guess they were surprised by the law and now their lawyers are trying to come up with a defense.
Legal or not, this is plain creepy. For those who don't use Shutterfly or Facebook, knowing our faces, found on random backgrounds of photos, are being scanned and analyzed without even our implicit consent (by not having these services at all) is simply mind-blowing.

I don't know how these companies can make this consensual or not. If they scan a face that opted out, then that information of "not opting in" is stored somewhere, so even to opt out, you have to be implicitly opted in once.

I think the issue is that these companies actually believe people don't want or value any sliver of privacy. I really don't understand how this is different than government dragnets.

(comment deleted)
TR : Terör Örgütü Destekçileri Açık Hedefimizdir. ENG : Supporters of the terrorist organization open our destination.

TR : 300 web Sitesi Hacklenmiştir. ENG : 300 Web site was hacked.

Link : http://pastebin.com/ya4azQeV

Turkish Hacker Th3Sehzade

TR : Terör Örgütü Destekçileri Açık Hedefimizdir. ENG : Supporters of the terrorist organization open our destination.

TR : 300 web Sitesi Hacklenmiştir. ENG : 300 Web site was hacked.

Link : http://pastebin.com/ya4azQeV

Turkish Hacker Th3Sehzade

TR : Terör Örgütü Destekçileri Açık Hedefimizdir. ENG : Supporters of the terrorist organization open our destination.

TR : 300 web Sitesi Hacklenmiştir. ENG : 300 Web site was hacked.

Link : http://pastebin.com/ya4azQeV

Turkish Hacker Th3Sehzade