Sears Installs Spyware

← Back to Stories (view on slashdot.org)

Posted by kdawson on Thursday January 3, 2008 @04:35AM from the naughty-naughty dept.

Gandalf_the_Beardy writes in with news that's been around a while but is getting more attention lately. Last month Benjamin Googins, a security researcher at CA, determined that Sears Holding Corp. installed ComScore spyware without adequate disclosure. Sears said, yes we tell people about tracking their browsing. On Jan. 1 spyware researcher Ben Edelman weighed in, noting that Sears' notice occurs on page 10 of a 54-page privacy statement, and twits Sears because its installation identifies the software as "VoiceFive" and later claims it's coming from a company called "TMRG, Inc." even though a packet sniffer confirms the software belongs to ComScore, adding "These confusing name-changes fit the trend among spyware vendors."

16 of 201 comments (clear)

Sears is evil. by TheDarkener · 2008-01-03 04:42 · Score: 5, Informative

My dad worked for Sears as an appliance repair tech for 25+ years. The stories he's told me about their tracking their employees, their customer "service" practices, sales approaches, etc... is just plain wrong. He was constantly intimidated by "the boss" to perform better or he would be fired (even though he was the top performing tech in the area). It was nothing but stress for him and I wish he had never worked for them.

Now he works for a small appliance/TV repair shop, and he absolutely loves it. Just another reason to flip the bird to big corporations - they don't care about people, they care about money. The spyware installation on their own customers' computer systems is just one small example.

--
It is pitch black. You are likely to be eaten by a grue.
1. Re:Sears is evil. by pilgrim23 · 2008-01-03 04:49 · Score: 4, Informative
  
  I also worked a time for Sears. I can confirm the above. Their motivational technique was equal part bombast and intimidation. Not a fun company to work and play with.
  
  --
  - Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
2. Re:Sears is evil. by oahazmatt · 2008-01-03 05:17 · Score: 4, Interesting
  
  I worked for Sears for six days. I was in the electronics department, and didn't have a number so I couldn't ring up any sales myself.
  
  Anyway, someone asked the manager for Sunday off, the manager said "sure, find someone to switch with you." The employee did one better and just switched his name on the board with someone else, without asking anyone.
  
  So the person who has been switched realizes their now working six days in a row without being consulted, go to the manager, and the manager says "well so-and-so isn't working, so you need to find someone to cover." Somewhere I hear about this and mutter "isn't this the manager's job" and everyone just looks at me like I'm an idiot.
  
  This snowballs. I show up, a trainee, during a heavily promoted sale, as the only "associate" (Can't I be a freakin' employee) working the electronics floor for four hours. I can't ring up sales. So I tell people the truth. I also tell them about other locations in the mall where they can find the product they're looking for. And you know what, about 30% came back to me later to buy the stuff when they knew I could ring up sales. One person even told the manager that I was the best employee he'd seen at that store and I bent over backwards to make him happy even if he didn't buy from me, and that if I wasn't there whenever he came in, he wouldn't buy from the store at all.
  
  So now the manager was not happy with me because I made him and the other employees "look bad", to quote him.
  
  I drove into work on that seventh day, and it was an absolute mad house. Big sale, horribly understocked (1 new computer, 3 floor models, about 25 people wanting them) and the manager starts telling me how he needs me on the floor.
  
  So I look at the chaos that his scheduling and his lack of proper planning created, looked him in the eye, told him I quit, and walked out the door.
  
  Shame I had to throw away that 3-cent commission on the big screen TV.
  
  --
  Those who believe the Internet is private,
  find their privates are on the Internet.
3. Re:Sears is evil. by himurabattousai · 2008-01-03 05:26 · Score: 4, Insightful
  
  GP is not off-topic. The treatment a company gives its employees and the treatment a company gives its customers are often one and the same. After all, the employees are just an indirect revenue stream (by helping to separate the customer from his money). As far as the big mega-corp is concerned, money is king, and it will do whatever is necessary to milk their customers (and employees) for every cent of profit it can get. Things like good customer service only cut into that profit (in the mega-corp's mind), and the mega-corp would rather take the small chance that spyware would bring them more money than to have good customer service because the spyware costs less.
  Of course, the obvious way to avoid problems like these is to not sign up for such things in the first place. How many people receive an actual benefit by signing up for this kind of service?? I'd bet the number is somewhere between zero and two.
  
  --
  "osake no hou ga, biiru yori ii" to omotteiru.
4. Re:Sears is evil. by pongo000 · 2008-01-03 06:09 · Score: 4, Insightful
  
  I worked for Sears (retail) for about 4 years. I never experienced any of the issues related here, which just goes to show you that there are always both sides of the story.
  
  In fact, the Sears I worked at (in Houston) went out of their way to accommodate us (most of us high school or college students at the time). The supervisors were, for the most part, reasonable to work with, and nobody put undue demands on us to perform. I wasn't commissioned sales, but I probably knew everybody in the store, and I don't recall anybody relating horror stories like those mentioned already.
  
  I'm not saying the stories related here didn't happen...but let's be fair: Mod up four or five "negative" stories without counterbalance?
  
  Oh, wait, this is /. What am I thinking...
What is Sears Looking For? by JohnAllison · 2008-01-03 04:43 · Score: 5, Interesting

Granted, I fall into the crowd of Spy Ware is evil, but I really want to know what Sears's plan was for the data they were monitoring.

I would love to meet the decision maker that believes this is morally permissive act that can be "contracted" through an EULA.
1. Re:What is Sears Looking For? by viking099 · 2008-01-03 04:56 · Score: 4, Interesting
  
  Sears and Kmart are suffering heavily from their competitors like Wal-Mart, Target, Home Depot, and Lowes. They need to find new revenue streams, and this is probably some marketing tech-savvy manager's way of doing that.
  
  They link up with a spyware company, get people to sign up for a community or whatever, then rake in the user data that is generated from their browsing. There may or may not be any specific danger to an individual user, and most of the gathered data is probably used in an aggregate sense, but the problem lies in the fact that no one knows what's there, how it's gathered, coded, or stored, and how secure it is.
  
  I wonder if a SHC Community member has their identity stolen because of weak software programming on the spyware company if that company can be held liable, or if there's a clause in there that absolves them of any real responsibility regarding the security of the data being collected.
2. Re:What is Sears Looking For? by gstoddart · 2008-01-03 04:59 · Score: 4, Insightful
  
  I would love to meet the decision maker that believes this is morally permissive act that can be "contracted" through an EULA.
  
  Surely, you're kidding right?
  
  Large companies operate on what is legally permissible. If current case law says you can legally put any bullshit into an EULA and have it be valid, that's the bar.
  
  They don't give a flying crap about morally OK -- it's irrelevant.
  
  Companies are impersonal entities, managed by people with a profit motive to maximize their bonuses by doing what they can do to maximize shareholder value in the short term. Morality doesn't apply if the lawyers tell them it was legal.
  
  Cheers
  
  --
  Lost at C:>. Found at C.
3. Re:What is Sears Looking For? by rah1420 · 2008-01-03 05:55 · Score: 4, Informative
  
  IDK about identity theft, but you should read the comment that "heather" left on the CA blog about "managemyhome.com," another Sears web site. Apparently all you need is a name, address, and phone number and you can log on as that person and view purchase history from Sears for, what I would surmise, is the big ticket items like refrigideezers and washers.
  
  Now that's almost criminal.
  
  --
  Mit der Dummheit kämpfen Götter selbst vergebens.
4. Re:What is Sears Looking For? by radish · 2008-01-03 06:04 · Score: 5, Informative
  
  That's actually not universally true. I've sat in a lot of meetings with very senior, very well paid people (and their associated lawyers) and have heard them literally say "we wouldn't be breaking the law, but it wouldn't look good in the press". Many companies value their image and reputation extremely highly and doing something which leads to the company being embarassed, even if it's 100% legal, would be a firing offence.
  
  --
  ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
What a deal! by charlesbakerharris · 2008-01-03 04:46 · Score: 5, Funny

This is the least expensive install Sears has ever done for me!
Part of a general trend: consumer as commodity by tbg58 · 2008-01-03 04:52 · Score: 5, Interesting

This is a fairly obvious example of what has happened to the concept of "the customer" in the retail space. The old principle of serving the customer still applies, but the identification of the customer has changed. The customers of K-Mart Sears are no longer the people buying products in stores and use the Sears website; the new customer is the stockholder. The people who buy products and use the website are just commodities to be traded like anything else.

Installing spyware on website users? Why not, if the website users are just inventory to be controlled and traded.

This is true not only in retail, but in IT. Do you think the people who actually buy, say, operating systems, are the customers of the software companies that make them? Think again. Their customers are their stockholders too. The purchaser is just a commodity. Maybe companies which commoditize consumers need a wake-up call to remind them that consumers are still the real customers. A PR mess like this sends a bit of a reminder, but the only message that really hits home is one that impacts the EPS.
Re:Part of a general trend: consumer as commodity by i.r.id10t · 2008-01-03 04:55 · Score: 4, Insightful

The customers of K-Mart Sears are no longer the people buying products in stores and use the Sears website; the new customer is the stockholder.

This is true of any publicly traded company. How or what that company does to produce max profits for its shareholders is a different matter...

--
Don't blame me, I voted for Kodos
Tell StopBadware.org by Animats · 2008-01-03 04:59 · Score: 5, Informative

StopBadware should hear about this. It's exactly the sort of thing that gets a company a big red X on the StopBadware site. Plus some really bad publicity.
StopBadware is sponsored by Harvard Law School, Oxford University, and Consumers' Union. There's heavy legal firepower available if needed.
Re:This is Sear's Privacy Statement by tyraen · 2008-01-03 05:03 · Score: 5, Funny

That was too long for me to read so I just clicked past it.
Re:Surprised that Sears is still in business? by BigHungryJoe · 2008-01-03 05:10 · Score: 4, Funny

If Sears goes out of business do my Craftsman tools still have a lifetime warranty? Who will honor that warranty?

I'll be goddamned if I'm going to buy TWO hammers during this lifetime.