Slashdot Mirror

← Back to Stories (view on slashdot.org)

What to Do When Company Breaks Privacy Agreement?

Posted by Cliff on from the as-the-consumer-suffers dept.

Mustang Matt asks: "Earlier this month, I caught ALXNet redhanded in breaking their own agreement in their privacy disclaimer. I've started generating unique email addresses for use in signups that are formed like [domain]@mydomain.com. [ C :"mydomain.com" is just used as an example, here] I just received spam to alxnet@mydomain.com, and here's the kicker: what I received was not even from ALXNet! It was filled with forged headers regarding an online trading newsletter, and this address has never been used anywhere else other than their signup. How can I hold them accountable? All I've done so far is asked Yahoo to close the account they are using." What, if anything, can be done about companies that pay lip service to their privacy agreements? For those SPAM busters out there, an example of the SPAM's headers is included, below. SPAM with full headers: 
Return-Path: directaccessus@yahoo.com

Received: from yourwebsite.com (66-108-136-65.nyc.rr.com [66.108.136.65])
by linux.thoughtprocess.net (8.11.0/8.11.2/SuSE Linux 8.11.1-0.5) with SMTP id fB7M8Dv07978
for alxnet@mydomain.com; Fri, 7 Dec 2001 16:08:13 -0600
Message-Id: 200112072208.fB7M8Dv07978@linux.thoughtprocess.net
X-Authentication-Warning: linux.thoughtprocess.net: Host 66-108-136-65.nyc.rr.com [66.108.136.65] claimed to be yourwebsite.com
Reply-To: directaccessus@yahoo.com
From: directaccessus@yahoo.com
To: alxnet@mydomain.com
Subject: Trading Newsletter
Sender: directaccessus@yahoo.com
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Fri, 7 Dec 2001 17:12:38 -0500
X-UIDL: 6cadc61cbcf01cac2a66f167c5416863

3 of 43 comments (clear)

  1. Use the power of the free market by an_mo · · Score: 5, Interesting

    I am afraid most of those privacy statement in the U.S. are unilateral, and can be revoked by anytime by the company that offers them to the customers. Read the fine print: I bet you'll find they stated that they could change their privacy policy anytime; you can argue they did it without notice but if they posted it on some page on their web site they can argue they gave it enough publicity (sure you don't want an email from them anytime they change two words of legalese contracts :-) )

    Then your only weapon is to let them know you're pissed and to change company. A little sad, but hopefully if enough people care about this then you'll find a company willing to maintain its reputation.

    The situation in some other countries is a little different; in some european countries you have to sign in advance a statement that says you are aware of the privacy policies. Most of the times you have to sign a statement saying you are aware you have no privacy. In the end the outcome is no better and sometimes worse than the american market solution to privacy.

  2. what no lameness filter on the story!! by DrSkwid · · Score: 5, Interesting

    i'm having to scroll left and right to read the comments, sheesh, don't the editors have a preview (not that it helps me !)

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  3. Upstream ISP by leastsquares · · Score: 2, Interesting

    I also use unique email addresses for web sign-ups. And, occasionally get spam sent to those addresses.

    I forward the spam to all of the upstream servers in the form abuse@upstream.com, root@upstream.com, postmaster@upstream.com.

    Nearly always, I get no response, except in one case I received an email stating that the company had been warned that if this happens ever again, their hosting contract will be cancelled. I thing this is enough justification to continue this procedure.