3 comments

[ 6.5 ms ] story [ 25.2 ms ] thread
Another approach might be to restrict your use of online services to those provided by public companies. As I understand it, public companies are required to disclose their sources of revenue in their SEC filings.
The unroll.me privacy policy says "We may collect, use, transfer, sell, and disclose non-personal information for any purpose."

People aren't going to read a clearly written privacy policy they have to acknowledge during signup, but they're going to read SEC filings?

This is perfectly legal so public/private companies will both do it and I believe it would be illegal for private companies not to disclose it in their privacy policy anyway.

The upcoming EU privacy rules should stop this kind of behavior. It requires companies to explain exactly how user data will be used and not hide behind a generic EULA statement such as "anonymized data may be used to improve our services".