Slashdot Mirror
FTC Seeks Battle With Toysmart
wrenling writes: "Toysmart promised to never share their customer's data. They lied. They are seeking to sell their customer databases. The FTC voted today to begin a court battle with Toysmart to block them from doing so. CNN has more details in a CNNfn article."
Assuming that the FTC didn't enter into a court battle, couldn't we (the users) enter into a class-action lawsuit against Toysmart? I mean, getting cash cost for damages, etc., above and beyond what they were paid for the database would send out a better message, IMHO. I would think that to be a better deterrent.
"I'm not even supposed to BE here today!"
If you don't want your info given out to other companies don't give it to anyone in the first place. Anytime I submit my info I assume that it's going to be sold to other companies.
It is about time the government did its job. I am not a fan of Disney to begin with (owners of Toysmart) and this make me like them even less. Even if they had no direct influence in this, they certainly knew it was going to happen. Stick it to them FTC!
Free as in speech, free as in beer, or free as in lunch?
I actually read a similar article about this initially at news.com talking about companies doing ths all the time when they go bankrupt. Of all the hardware and everything they have (as much as an internet company CAN have) customer databases sell for the most and oft times get them out of debt the most. It's good to see a government organization standing up for the people for once.
For the attentive (like me) check news.com from Saturday, I believe, and see which OTHER companies are currently auctioning off customer databases. You may have done business with them at some point.
Excercise your rights or loose them.
"Fighting the underpants gnomes since 1998!" "Bruce Schneier knows the state of schroedinger's cat"
Just how binding was Toysmart's promise? Was it a "Above subject to change without notice" or was there an explicit contract between user and Toysmart?
In the former case I doubt that anything will happen, but it will be very exciting if somebody goes down because of this.
--
Eric is chisled like a Greek Godess
marotti.com
I think it should be perfectly possible, legal, and reasonable to sell the personal data -- provided that it stays with the web site. In other words, anyone taking that personal data must use it in conjunction with the URL "toysmart.com" and whatever website they put up in its place.
Don't moderate this as "off topic" just yet - allow me to get around to my point.
I am a libertarian - so don't accuse me of libertarian bashing, because that's not what this is about. And when I say "libertarian," think "political party", not "crypto-anarchist". Do that for the sake of this article, whatever you really believe.
There, now that is out of the way.
So, as a libertarian, I have a problem here.. An inner conflict, if you will. One one hand, I believe (like a good libertarian should) that there should be less government. That the government should keep its hands out of just about everything. But on the otherhand, without the government, toysmart can violate my rights. Microsoft can crush my company. And I cannot stop them.
Of course, we can talk about standing up for your beliefs, and organizing this and that, etc. etc., but right now, toysmart is all set to disclose private information trusted to them - after they said they wouldn't.. and it looks like the FTC is the only thing with enough force to stop them.
So, knowing there are a lot more involved libertarians out there, what is the answer in cases like these - where the government stands between us and toysmart, or microsoft...
What is a libertarian supposed to think about it?
wish
---
The heart of the issue here is whether or not the company promising its customers that such information will remain private is a binding and legal contract.
While IANAL, I do know that in Massachusetts there are provisions to make even oral contracts binding. Oral contracts can be difficult to prove, but can be used as a legal agreement. This is a Massachusetts based company, but it is unclear whether this type of behavior would be handled under state law. If so toysmart's efforts have a really good chance of failing. Otherwise, I can give no opinion.
While there is a question of law at hand, I am more concerned with the question of corporate ethics in web-land, especially when it comes to consumer privacy. When someone gives information to a site and specifically request that the information be kept secret, there is a good faith agreement that in exchange for the business they conduct, their wishes will be adhered to. In this case, there is no more business to be conducted. What happens to good faith when a web company goes belly-up? This could set a veeeery interesting precedent.
This is definately a case of a company breaking an agreement, which warrents civil action at the least, and possibly criminal liability.
IANAL, IAAl (I am not a lawyer, I am a libertarian).
Information wants to be anthropomorphized.
This is the way to stem and break the trade in customer data.
Enforcing contract law is a vital role of the government. Without it, there's no recourse when one doesn't get what one pays for (in this case, I consider Toysmart's privacy policy to be a part of the terms of sale).
-Isaac
I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
Let's see...
The Federal Trade Commission has a cadre of crack investigators backed up by masses of professional bureaucrats.
Toysmart has warehouses full of Sooper Soakers and a legion of G.I. Joes with Kung Fu Grip[tm].
My money's on Toysmart.
k.
--
"In spite of everything, I still believe that people
are really good at heart." - Anne Frank
"In spite of everything, I still believe that people are really good at heart." - Anne Frank
So you tought that coming here and buying our crap merchandise ONCE, a miserable one time in your life was enough?
Look at what you acomplished, you moron! We are out of business now, thanks to you! Why haven't you come back? Why haven't you told your wife, your husband, your neighbours, your friends to come and buy from us? Why?
Know what, we will get even with you. Yes, just wait and see. We have you by the hand. We know where you live, we know your credicard number, we know your phone number.
We will go out and sell all this to highest bidder. No, I have a better idea yet. We will sell it to MEANEST bidder.
Your phone number will go to the worst direct marketeers in the country! Your address, to every church in your area. Your children's names will go directly to alt.sex.pedophilia.children.offer.themselves. Your wife's name we have already sent to a scort's online site. And your boss will be hearing about that sex toys you bought.
You made us suffer. Now taste our revenge. Next time you will thinking twice before failing to help an honest and good online store to trive.
The article didn't make it very clear as to whether they want to sell the database of customer info, or if the database will change hands along with the rest of the company.
;).
The former seems to be a bad idea; as stated previously, even if the FTC didn't step up to the plate, they'd be facing a pretty lengthy civil fight (probably class action) against everybody who registered with them.
The latter seems much more reasonable, and is what appears to be actually happening. This is certainly acceptable, I'd think. A corporation is an entity unto itself, and would retain ownership of the database regardless of who was pulling the strings behind the scene.
But, if the latter is really going on, why was it reported in such a provocative way (i.e., "This company is going to sell your information even though it promised not to!") instead of a more direct manner ("This company is going to change hands."). Seems like rabble rousing to me.
But, what do I know?
-- if(game-theory) moderate++;
You know what scares me the most? The fact that even if they somehow stayed afloat, most of the people out there would still buy from them. Its a sad fact that there are millions of morons out there that just don't know, or care what people are doing with their private information.
All the people who use major online companies for internet access are pretty used to spam from thier provider selling thier email address. They seem to accept this as normal and something that they deal with and think nothing of it. Look at all the "click to win" type sites. Where is all the money comming from to pay the winners? Why by the selling of the full info that you have to provide them to participate.
I find it depressing that the internet has formed a new form of revenue in the selling of personall information to be abused by marketing people. Telemarketers, spamers, ect. And the very sad thing is this is being done by the companies you are purchasing items from. It isn't enough you are buying from them, they also sell your info to make even more money.
Just thinking about all the uncarring people who will continue to use any company regardless of thier actions makes me sick.
Hint: If you are logged on to AOL and reading this you might fall into the catagory I mentiond
If ignorance is bliss, the world is full of blissful people
There is a parallel, in my view, between this and "click-through" and "shrinkwrap" licensing schemes.
From a common sense standpoint, the FTC has to win this battle. If they don't, this would not only make privacy policies essentially unenforceable, but other types of non-signature contracts as well.
If a company is able to arbitrarily go against their posted privacy policy, then consumers should be able to do the same in reverse for any other similar type of contract. IE, I should be able to click on one of Microsoft's "I Agree" buttons on one of their click-through licenses, and then feel free to go against it at a whim. They are both equally valid contracts, requiring exactly the same effort to "agree" to them (clicking on a little button on a webpage), and both employing the same tactic for proof of identity (they take your word for it).
It would be in any software company's best interests to fight on the FTC's side on this one.
>about it?
You aren't *supposed* to think anything about it.
Go ahead... think any damn thing you please. No one'll burn you at the stake. Form an opinion for yourself, and don't wait for the libertarian gurus to form one for you. Just because you belong to a particular political party/religion/group does NOT mean you MUST adjust your entire thought processes to fit it's doctrine.
OTOH, some of those same entities *DO* beleive that everyone MUST think alike. And will go to great lengths to silence/excommunicate their critics. Which is why I will never support groups like the republican or democrat parties, the christian church, peta, cult of scientology, micro$oft, etc.
But, the last I checked, there was nothing in the libertarian philosophy that said you MUST accept, beleive in, and think in line with, EVERY aspect of the philosophy.
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
National Public radio news had a long story on this on Friday.
One of the possibilities identified is that a judge might allow the sale of the very valuable data (this sort of thing goes for 15 bucks a name,) to a company that agrees to uphold the same garauntee.
The issues are complicated here, as the shareholders want some return of their investment, and this is one of the most valuable assets the company has.
Our promise
At toysmart.com, we take great pride in our relationships with our customers and pledge to maintain your privacy while visiting our site. Personal information voluntarily submitted by visitors to our site, such as name, address, billing information and shopping preferences, is never shared with a third party. All information obtained by toysmart.com is used only to personalize your experience online. This information is received via the following areas of our site: My toysmart and the Gift Center. When you place additional orders, our site will update your order history, which you can view in My toysmart. If you sign up for the gift registry, information you submit will be added to your personal profile. Other than these two instances, the information that you provide us is not supplemented in any way.
Right Now, our government is doing things you think only other governments do.
It's not that they'll sell the data to such a company. It's that they'll sell all of Toysmart to such a company, thereby sweeping the customer data issue under the rug. Selling the data by themselves would be rather senseless if the receiving company isn't allowed to make use of them.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
Somehow this reminds me of Xoom-we-will-never-put-ads-on-your-homepage-dot-co m, and their "They aren't ON your homepage, they are on top of it" policy.
Toysmart may have pledged to never sell your personal details but toysmarts creditors probably aren't bound by the agreement that you had with the website.
Unlike xoom.com, toysmart have little to loose. If they sell your details then the creditors will be happier and if they dont then it's no big deal really.
It's a pretty sad situation
... For the simple reason that Toysmart is in bankruptcy proceedings, and therefore anything that they do must be approved by a judge and given the imprimatur of the state. It's one thing for a company to reneg on an agreement. It's another thing for a judge to be holding the pooperscooper when it does.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
Friday NPR's All Things Considered show ran a story about the Toysmart mailing list debacle. You can find it here or for the bandwidth challenged here.
The net will not be what we demand, but what we make it. Build it well.
As an example, I'm pretty sure that Amazon.com knows the following about me:
- My name, billing address, and shipping address(es) I've used. That's pretty obvious.
- My E-mail address.
- My credit card number. Obviously, I want to protect this. However, even though Amazon knows my credit card number, I'm reasonably sure they're not going to submit bogus charges against it. If that ever happened, I'd call my credit card company.
- My ordering history. Yeah, this is personal, but it's not like they can use this against me. Of course, if I ordered Slashdot Trolling for Dummies, I might think differently. (Besides, their history doesn't reflect the fact that I bought some books as gifts, so they seem to think I'm interested in the book Measured Drawings of Eighteenth-Century American Furniture.)
- They could have a list of books and other items I browsed, but never ordered. That doesn't necessarily reflect my interests, though, as I'm reasonably sure I won't be ordering Harry Potter and the Chamber of Secrets.
So, does Amazon.com know anything about me that I haven't told them? Or any other online retailer, for that matter? I can see that they could use my ordering history to get an idea of what my interests are, but that doesn't mean that they'll sucker me into buying every single book about Linux.If Amazon, or any other online retailer I've done business with, ever goes bankrupt and resells my customer information, I'm not entirely sure what the threat is. Sure, it's personal information and I'd really rather not have it resold, but I'd like to at least know how much of a threat this is.
There would have to be a way to link the answers to people if it is going to sell. But a free software organization could collect such information from people willing to volunteer it and sell it, using the proceeds to fund projects. And a summary of the data could be a powerful argument for the size of the free software community whether or not it is sold.
The net will not be what we demand, but what we make it. Build it well.
The information is beaing treated as an asset with value. Toysmart's violation of their promise could be interpreted a theft of that value. (i.e. Now I can't sell my info to the marketer, because Toysmart already sold the pirated info.) Therefore, the damages are at least as high as the sale price of the information.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
There is no conflict. Most libertarians approve of using government to oppose force and fraud. This Toysmart thingie is a form of fraud.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Do NOT give a company any more than it needs to know to sell you a product. In the case of in internet based company, they need a name, credit card number (and expiration date), and address. That is IT. If they insist on getting more information, do business with a less intrusive company.
I'm not sure where this trend started, but this business of a company not only taking your money for a product/service, but also demanding personal information for marketing purposes is outragous. If a book from Amazon costs $30.00, that is all they are getting for it, I refuse pay them more by giving them valuable marketing info that they in turn can use as currency with another company.
So don't fill in false info or get around the "Bold means required" fields of an order form, simple take your business elsewhere, and make sure to inform them why you are taking your business elsewhere. If enough people refuse to hand over personal info, they will take a hint. Unfortunatly, people have been trained by these companies to fill out surveys every time they buy something.
Finkployd
The choices are simple - wipe the data, or pay the penalty.
I just posted the following to the Toysmart Feedback Page. Feel free to copy/paste my message - let the departing officers of this failed business know that they will not get off the hook so easily. So, you think you can quietly sell of my private information just because your incompetence lead to your failure? I will not give any private information to any web sites or businesses with known associations to the following privacy policy violators, at anytime in the future: David N. Lord Mark S. Reese John Puckett Roy Liu Sincerely, A Former Customer CC: slashdot.org
-- "In order to have power, I must be taken seriously." -Mojo Jojo
Sure the users could enter into a class-action lawsuit against ToysMart, but think about what happpens if you win: you become another creditor of a bankrupt company, and your info has still gotten away. What's that bought you? And where are you going to find a contingency-fee attorney to take on the battle for what will probably amount to no money? Perhaps a lawyer can comment, but as far as I know, class-action suits are only for monetary damages, and there are none to be had here. I think what you really want is injunctive relief based on breach of contract (part of the terms they're in breach of were that they would never release your personal info). I'd think a temporary restraining order would be relatively easy to get. Then the battle becomes the attempt to get a permanent injunction, which probably won't be cheap if they (in the form of their bankruptcy trustee and creditors) decide to fight it.
(emphasis mine)
--
I'm glad we can't vote for the head of the FTC. Means Disney can't donate to his election campaign.
The problem with the FTC's plan is that this is a bankruptcy proceding. The very act of entering bankruptcy releases an entity from all contracts between it and other entities. For instance, it releases the entity from the requirements between it and any employees it might have, and between it and any lien-holders it might have. Damaged individuals may be able to recoup some of their losses through the bankruptcy court when the entity's assets are liquidated, but that's all.
I don't like this, but I rather suspect that the FTC is about to lose. Why should the contract between Toysmart and those customers who gave away information be any more binding than that between Toysmart and those customers who ordered merchandise which they will now never recceive?