Slashdot Mirror
Can Blockbuster be Sued Over Facebook/Beacon?
An anonymous reader writes "A professor at the New York Law School is arguing that Blockbuster violated the Video Privacy Protection Act of 1988 when movie choices that Facebook members made on its Web site were made available to other members of the social network via Beacon. The law basically prohibits video rental outfits from disclosing rental choice of their customers to anyone else without specific written consent. Facebook's legal liability in all of this is unclear; with Blockbuster it's a straightforward case of not complying with the VPPA, the law professor says."
Doubt it. If anything, I would guess this will be the case where they decide the term "Specific Written Consent" is synonymous with any EULA or application of your signature to a document.
Yes, the users did give permission to Blockbuster to broadcast their rentals. So this is really an issue between "written consent" that the summary says and electronic consent without a hand-written signature. I would guess there's tons of precedent one way or the other, though I wouldn't know which way this would lean.
Reviewing just the first hour of video games.
What exactly has changed since 1988 that should make this law different?
If the law says that this information must be kept private, the internet and computers don't make it any less private.
Rather, the newfound popularity of the internet and computers should make privacy even more important, because once information is released, it spreads far more quickly and easily.
No, this is about Beacon, the Facebook feature that allowed participating websites to publish stories on your Facebook account about the dealings you had had with them - e.g. items you've bought, or in this case, films you've rented.
Beacon was particularly controversial because it was not only opt-out, you couldn't opt-out of it altogether, you could only opt-out on a per-participating company basis *after* that company had already published a story. Facebook has since made changes due to the backlash the original version caused.
This isn't a case of users making information available and someone else using it, this is the Blockbuster website making available information about its users who also use Facebook, apparently in direct contravention of this legislation.
It's official. Most of you are morons.
You can't spend much time on facebook without some third party application asking for personal information. More than that the "viral" content is vicious, asking to check your various mail accounts to send requests for more people to join. This is just friendster with a new twist, but the twist is dangerous. You have no idea who you are giving up your information to. Want Big Brother? Think about how facebook looks to the CIA or NSA and now you entire social network was mapped. Not by them, but by you.
No, I quit facebook. Deleted as much as I could before I left, but I know they still have it.
Facebook is dangerous. Period. Go ahead and be a pirate/ninja warrior... but take a look at who wrote that ap. They get your infomation.
The issue is that facebook opts int by default, doesn't fucking tell you, then makes it's it unclear on how you disable the "feature"
You mad
The only reason the VPPA exists is because the video records of Supreme Court nominee Robert Bork were leaked. To this day, the act of invading the privacy of a politician for political advantage is called "borking".
Bork's video rentals were unremarkable, so there were no skeletons in Bork's closet. But from that day on, every Senator and Congressman knew that their video rental histories were also subject to exposure to news agencies, and Washington acted to protect itself. If you've got something to hide, you've got plenty to fear, and Washington was evidently so terrified that they made the VPPA apply to regular citizens, not just politicians.
The only way we're going to get a pro-privacy law out of the government is for some enterprising hacker to leak the clickstream of everyone in the government about 20 years from now. Today, that won't work -- because 99% of government officials don't even use the "series of tubes", let alone depend on it for their gay hookers and pr0n. 20 years from now, that will have changed, and a similar Bork-style scandal will erupt. Just imagine the kinds of privacy laws we'd have if someone like Sen. Larry "I'm Not Gay" Craig (R-estroom) had been bound for higher office, NSA leaked their logs of his Intertube traffic.
We know when you've been sleeping,
We know when you're awake,
We know if you've been bad or good,
So be good for goodness' sake!
Oh, you better not surf!
And zip up your fly!
Stop tappin' your toes and trollin' for guys,
Election season's comin' to town!
I wrote BBOnline about this, and this was the reply they gave me:
Thanks for contacting Blockbuster Online Customer Care.
I'm very sorry for any inconvenience this may have caused. When you log in to your BLOCKBUSTER Online account, the site uses "cookies" to determine if you have ever visited Facebook.com. (Cookies: a collection of information, usually including a username and the current date and time, stored on the local computer of a person using the Internet. It is used by websites to identify users who have previously registered or visited the site.)
If cookies detect that you have a Facebook account, regardless of whether or not you have installed the Movie Clique(TM) application, then activities on blockbuster.com such as rating movies or adding movies to your Queue will be sent as notifications to your mini-feed and friends' profiles. You will see a "toast" for each action resulting in a notification. If you want to permanently disable the Facebook integration on blockbuster.com, you can easily change these settings on Facebook by clicking on Privacy Settings for External Websites. Under "Allow these websites to send stories to my profile" for Blockbuster, click "Never" and Save.
You may see a pop-up on blockbuster.com which introduces Movie Clique(TM) encourages you to link your BLOCKBUSTER Online® account to your Facebook profile. If you don't want to see the screen pop anymore, click the "Do Not Show This Again" box and click Save. I hope this information helps, feel free to contact me anytime.
So basically, they snag your facebook cookie, then they add your rental info on your account without asking permission, forcing itself on your account, and announcing away. It's up to you to then uninstall that shit.
BBOnline: See you in court!
I can see my friends' rental histories on Netflix, and I'm sure they can see mine. I probably checked a box somewhere, but I don't think I consented to this sort of thing "in writing."
Third-party applications run on third-party servers. They have access to most of your profile information, but aren't allowed to save all but the most basic pieces (user id, network id, etc.) because of the Terms of Service. They aren't supposed to store your friends, even. However, any info that you enter in the app is fair game. For example, if you enter the books you've read in this app, they can store that information.
The question is, do you trust these 3rd party apps to not store your personal info from your profile?
For reference, halfway down this page is a decent list of profile information available to developers.
.. except there is mountains of case law that says otherwise: that EULAs are, in essence, only marginally enforceable.
This being in some hidden Facebook EULA, or on some 'policy page' for Blockbuster does not mean "the user notifies us in writing". That has specific legal meaning: if they don't have a SIGNED PIECE OF PAPER with the words "I allow you do release my video rental records", they don't have notification in writing of permission.
All this is irrelevant, anyway: the worst that's likely to happen here is some states' attorney general will file a lawsuit, get it certified as "class action", and Blockbuster will settle out-of-court and pay some piddly fine + attorney's fees and send everybody who asks a $5 for free rentals. Big deal.
I don't have a problem with Company X choosing not to produce Movie Y because they don't see commercial potential. Studios have to make those decisions all the time (and bad business decisions are inevitable). After all, they have to put up a lot of resources to get a movie made. But if Movie Y does get made, and Company Z, that is in the mainstream movie rental business, refuses to make that movie available to its customers, only to appease some rabid bunch of loonies, then I have a problem with Company Z. I can also understand it if Movie Y is in some niche market that Company Z doesn't play in. It's the caving in to special interest threats like these that I don't like (this holds, whether or not I had any interest in seeing Movie Y).
But, I wanted socialized health insurance!
Beacon also uses Adobe Flash "stored data" space to write cookie style information, that can be read and written to by any site with a flash bug.
This was the buzz all this week at a conference on how to make money from internet tracking. Adobe controls the settings on how much information can be written to your local hard drive, and they sell the ability to anyone willing to pay. There is a global setting that users can turn to "off", but Adobe ignores it if they are given enough money. Since Flash tends to be installed system-wide and on all browsers on a machine, it doesn't matter if you clear out browser cookies or try blocking tracking sites. If a partner site sticks a 1x1 pixel flash bug on their site, it has the ability to read tracking info from any other site, and to write back additional information.
Beacon is clever because it creates a large enough "cookie" that many sites can write into the cookie without changing the size taken on disk. Beacon also defines exactly how to parse the information, and how to write new info without changing the total cookie size.
Of course, I was just watching a canned demo of this, so the company claiming to be behind Beacon could be making it all up, but the sales pitch was pretty convincing. I haven't the time or inclination to verify this, as I don't ever look at face book, and generally don't allow flash on my machines (which leaves the web looking very poorly these days)
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
You have a 5 second window to "cancel" the sending of the info, but it's worded in a way that you're forced to think about allow or deny... then it chooses on its own and sends. And... you don't get asked to confirm the post. The post happens whether you want it or not, then you are forced to remove it if you don't want it. Beacon==bad UI from a human user standpoint
No he isn't.
From Wikipedia...
During debate over his nomination, Bork's video rental history was leaked to the press, which led to the enactment of the 1988 Video Privacy Protection Act. His video rental history was unremarkable, and included such harmless titles as A Day at the Races, Ruthless People and The Man Who Knew Too Much. The list of rentals was originally printed by Washington D.C.'s City Paper.[5]