The article is a nice summary, but I am uncertain about Safe Shepherd's usage of "non-personally identifying information". The fact that my computer's IP or a unique tracking cookie is tracked while I visit a website does not necessarily mean that website knows anything about me. My IP isn't my name. Yes, the police has it. Yes, Facebook and Google have it, too, as do some other websites, but most other only have my email address or no data at all.
Now, of course, some of those websites who happen to know my realname may use the IP or cookie in a network of sites, in which case every member site knows who I am. That is something I would like to see more clearly stated, e.g. a website plugin that would show me:
You are visiting website CNET.com. It probably shares cookie & customer data with Gamespot.com, X.com, Y.com ... since they are all owned by same company, CBS.
That would raise my awareness and make me care a bit more when providing personal data like credit card numbers, name etc.
I don't see a meaningful way of preventing companies from sharing data across websites they own. I'm not even sure it's meaningful to stop companies that don't have same owner from sharing data, provided they explicitly state the names of these business partners. Perhaps law requiring full disclosure of all partners by name and link to their website would make sense?
We did (its transitional right now, both sites work perfectly on the same back-end as we slowly inform our users), thanks for noticing. We're hard at work absorbing all of the privacy policies of the web, good things are happening for privacy. Would love your ideas or feedback, robert@safeshepherd.com
If you want to see a combined privacy rating for both the website and all the advertisers that you're exposed to when you visit a site, PrivacyChoice has a browser plugin that will help you.
One thing that I've noticed is that old-school media tends to have absolutely terrible scores, and they tend to share lots of stuff, and they share it with less privacy-conscious ad networks. I was very surprised that Facebook and Google, companies that are supposedly so predatory that they have the FTC in house to monitor them, stack up better.
Yep, that's something that I definitely found. I think people are scared by Google/FB more because of their size/power than because their privacy policies are below industry par.
I read it something like:
"We do not share ... information ... _except_ as part of [something you've] chosen to participate in."
Maybe they could bend it to say choosing to participate in the site allows them whatever they please?
Even though the word 'specific' is used, how can you use it in a legal sense? (How broadly can you apply the use of the word?)
I hate reading privacy policies for the exact reason of not being able to absolutely discern how they affect me without having to get a lawyer.
It depends how you arrive at it. If you visit coupons.com, the couponsinc.com policy is linked at the bottom of the page, and the exception covers any meaningful use of coupons.com (but not random browsing without typing out any information; then again that may fall into the “non-identifying” part of the policy).
Not really. The problem is that this is a press release without the traditional "experts say" part, which ruins the persuasiveness of the interpretation. So you got left behind.
11 comments
[ 1.8 ms ] story [ 35.9 ms ] threadNow, of course, some of those websites who happen to know my realname may use the IP or cookie in a network of sites, in which case every member site knows who I am. That is something I would like to see more clearly stated, e.g. a website plugin that would show me:
You are visiting website CNET.com. It probably shares cookie & customer data with Gamespot.com, X.com, Y.com ... since they are all owned by same company, CBS.
That would raise my awareness and make me care a bit more when providing personal data like credit card numbers, name etc.
I don't see a meaningful way of preventing companies from sharing data across websites they own. I'm not even sure it's meaningful to stop companies that don't have same owner from sharing data, provided they explicitly state the names of these business partners. Perhaps law requiring full disclosure of all partners by name and link to their website would make sense?
One thing that I've noticed is that old-school media tends to have absolutely terrible scores, and they tend to share lots of stuff, and they share it with less privacy-conscious ad networks. I was very surprised that Facebook and Google, companies that are supposedly so predatory that they have the FTC in house to monitor them, stack up better.
To my reading it means nothing like that. One of us is suffering severe reading comprehension problems. Is it me?
Maybe they could bend it to say choosing to participate in the site allows them whatever they please? Even though the word 'specific' is used, how can you use it in a legal sense? (How broadly can you apply the use of the word?)
I hate reading privacy policies for the exact reason of not being able to absolutely discern how they affect me without having to get a lawyer.
"We do not share personally identifiable information... except as part of a specific program or feature that you have chosen to participate in..."
and the OP's translation:
“We can share whatever you provide us whenever you touch or interact with our site”
To me these are not the same.