Slashdot Mirror

← Back to Stories (view on slashdot.org)

Web Firms Choose Profit Over Privacy

Posted by michael on from the surprise-surprise dept.

An anonymous reader writes "Web Firms Choose Profit Over Privacy details the tactics of retailers and marketers to sell customer data. Examples include promising not to sell consumer data, but then 'renting' the data, and the use of shopping cart software with different privacy policies than the merchant."

2 of 249 comments (clear)

  1. Re:Privacy and such... by Fapestniegd · · Score: 4, Informative

    You might also try username+foo@domain.com sendmail lets you have as many +bar accounts as you want.

    I use +comdex and +networld on the end of my username so I can filter the stuff I have to register for. Not everything supports it (I'm not sure about exchange) so YMMV.

  2. Re:Privacy and such... by Fastolfe · · Score: 5, Informative

    I do exactly the same thing (with the user+mailbox@example.com format) and have found at least two otherwise reputable places selling my address. In both cases, when I confronted them, they strenuously denied ever selling my address to spammers (one going so far as to suggest that I was using the same obviously unique address elsewhere, or that a spammer had hacked into my system and sifted through my data looking for e-mail addresses to spam).

    Clearly they leaked the address somehow. But I have to consider the possibility that one of their employees sold it on the side, or that their systems were compromised. In both cases, I presented these as the only likely scenarios and told them if they weren't going to take measures to prevent it, I would take my business elsewhere.

    In addition to this trick, I have a subdomain set up as a 'trap' for spam, and automatically generate e-mail addresses using keywords, encoded IP addresses and date/time stamps to embed within web pages. Spam harvesters pick them up without a significant risk of someone legitimate trying to use one to contact me. With enough information in the e-mail address, you can go back and see exactly who harvested the address. ISPs frequently don't see these types of complaints, and if you're lucky, the spammer is doing the harvesting on a more persistent Internet account and not his throw-away spam injection account. (This is especially interesting for those Nigerian scams, since your local authorities have the ability to use that information to track the guy sending the e-mails by way of his harvesting.)