Slashdot Mirror


Netflix Sued For Privacy Invasion

We've discussed the Netflix Prize numerous times as the contest ran, including the news two years ago that the anonymity of the dataset had been broken. Now reader azoblue sends in this excerpt from Wired: "An in-the-closet lesbian mother is suing Netflix for privacy invasion, alleging the movie rental company made it possible for her to be outed when it disclosed insufficiently anonymous information about nearly half-a-million customers as part of its $1 million contest to improve its recommendation system. ... The lead attorney on the new suit, Joseph Malley, recently reached a multimillion-dollar settlement with Facebook over its failed Beacon program, which drew fire in part for sharing users’ Blockbuster rentals with their friends. ... If a data set reveals a person's ZIP code, birthdate and gender, there's an 87 percent chance that the person can be uniquely identified." The suit turns on the question of whether Netflix should have known that their dataset's anonymity could be broken, two years before researchers demonstrated that.

54 of 262 comments

  1. Yes by RichardJenkins · · Score: 2, Interesting

    How large an area is a zip code in the states? I think in the UK if a company publicly released sensitive data about people with their birthday and postcode attached there'd be outrage. Muppets.

    1. Re:Yes by Shakrai · · Score: 4, Informative

      How large an area is a zip code in the states?

      Depends on how many households and businesses there are in the area. In a rural setting a zip code may cover an entire city or county. In a heavily urbanized area it may only cover a single building or city block.

      The five digit zip code doesn't tell the whole story though. There's actually the nine digit zip code plus a two digit delivery point code. Every single address in the United States will have a unique nine digit zip code + delivery code. It doesn't mean much to the layman but the USPS can actually represent every single address in the United States with an 11 digit number.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    2. Re:Yes by oldspewey · · Score: 2, Informative

      300000 people in a single ZIP code? In Canada, a unique Postal Code covers maybe 50-80 houses along a street or two, or at most one large condo building with 2000 residents or so.

      Within a pool of 2000 (or fewer) people, I can see how gender and DOB could provide unique identification with 87% accuracy. Within a pool of 300000? Not so much.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    3. Re:Yes by E+IS+mC(Square) · · Score: 4, Informative

      There is a difference between the US zip code system and the Canadian one.

      In the US, there is zip5 + zip4 (total 9 digits). If you use both, you are talking about 2-3 houses on a street. This is equivalent to the Canadian 3+3 system. But a five digit US zip code may mean anything from one business building to a very large number depending on the density.

    4. Re:Yes by akcpe · · Score: 2, Informative

      There's really two different ways of listing the code actually, one of which would probably get you down to that level. Zip code is 5 digits + 4 additional digits. When mailing something only the first 5 are required. The additional 4 would likely identify you down to the street level. 12345-XXXX would get you there, but there may be a hundred thousand people in all of 12345. It's unclear to me which Netflix released. Generally the mail I receive with an automatically generated address label (such as from Netflix) includes the -XXXX.

    5. Re:Yes by MBGMorden · · Score: 3, Informative

      Generally the mail I receive with an automatically generated address label (such as from Netflix) includes the -XXXX

      Just a note, but the reasoning for that is that bulk mailings have a series of steps they can perform to get postage discounts. CASS certification of the address is one of those. It requires lots of things be done to addresses - St. in a city name for example must be spelled out as "Saint" since St is used as the abbreviation for "street". You also have to consistently abbreviate the street names. You can't write out "Street" in the street name unless it's part of the actual name (i.e., "Market Street Rd" would be fine, but not "Market Street"). Among the restrictions though is also a requirement that you use the full Zip+4 zip code.

      I can't remember the exact discount but IIRC it's around $0.08 per letter. Not a lot, but where I'm at for example we do several large mailings per year that end up between 70,000 and 90,000 letters in volume. With postage bills for those things being tens of thousands of dollars, that $0.08 per letter adds up fast.

      --
      "People who think they know everything are very annoying to those of us who do."-Mark Twain
    6. Re:Yes by TheSeventh · · Score: 4, Insightful

      Was it necessary to release the birth date of the users? As if the day of the month you were born in would matter in which movies you liked? No more than month and year should have been included, probably no more than the year.

      The problem is most people don't think, and those that do, don't think about what they're doing from a security standpoint. "Will this work?" or "Will this be safe?" is vastly different from "Can this be abused?" or even "Is all of this really necessary?"

      --
      Just because you're paranoid, it doesn't mean that they're not out to get you.
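An added example (not part of the original thread, and not Netflix's code): a small Python audit a data publisher could run before a release, measuring how many records are unique on ZIP code, birth date and gender, and how that changes when the birth date is coarsened to month or year as suggested in the comment above. The records are constructed sample data, and the function names and the threshold `k` are assumptions of this example.

```python
from collections import Counter

# Constructed sample records: (5-digit ZIP, birth date YYYY-MM-DD, gender).
# Not real data; the ZIP is the placeholder value used in this thread.
RECORDS = [
    ("12345", "1970-03-14", "F"),
    ("12345", "1970-03-02", "F"),
    ("12345", "1970-11-30", "F"),
    ("12345", "1970-03-14", "M"),
    ("12345", "1982-07-09", "M"),
    ("12345", "1982-07-21", "M"),
    ("12345", "1982-01-05", "M"),
    ("12345", "1955-06-01", "F"),
]


def generalize(record, dob_level):
    """Return the quasi-identifier tuple with the birth date coarsened.

    dob_level is "day" (full date), "month" (YYYY-MM) or "year" (YYYY).
    """
    zip5, dob, gender = record
    year, month, _day = dob.split("-")
    if dob_level == "day":
        dob_key = dob
    elif dob_level == "month":
        dob_key = f"{year}-{month}"
    elif dob_level == "year":
        dob_key = year
    else:
        raise ValueError(f"unknown dob_level: {dob_level!r}")
    return (zip5, dob_key, gender)


def audit(records, dob_level, k=2):
    """Measure re-identification risk for one generalization level.

    unique_fraction: share of records that are the only one with their
                     quasi-identifier tuple (directly linkable).
    min_group:       size of the smallest group, i.e. the k actually achieved.
    below_k:         records in groups smaller than k; these would need
                     suppression or further coarsening before release.
    """
    if not records:
        raise ValueError("no records to audit")
    keys = [generalize(r, dob_level) for r in records]
    sizes = Counter(keys)
    unique = sum(1 for key in keys if sizes[key] == 1)
    below_k = sum(1 for key in keys if sizes[key] < k)
    return {
        "unique_fraction": unique / len(keys),
        "min_group": min(sizes.values()),
        "below_k": below_k,
    }


if __name__ == "__main__":
    for level in ("day", "month", "year"):
        print(level, audit(RECORDS, level))
```

Coarsening the date lowers the unique fraction, but in this sample two records remain unique even at year granularity, so a release would still have to suppress or further generalize them.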
    7. Re:Yes by E+IS+mC(Square) · · Score: 2, Informative

      Hey, I was not pulling that out of my ass. I work on a similar system right now and know something about zip codes :-)

      Now about your theory, here is a better explanation (from http://en.wikipedia.org/wiki/ZIP_code#ZIP_.2B_4)

      "A ZIP + 4 code uses the basic five-digit code plus four additional digits to identify a geographic segment within the five-digit delivery area, such as a city block, a group of apartments, an individual high-volume receiver of mail or any other unit that could use an extra identifier to aid in efficient mail sorting and delivery." (the keyword is "within")

    8. Re:Yes by j_166 · · Score: 2, Funny

      12345? That's the stupidest zip code I've ever heard in my life. That's the kind of code an idiot would have on their luggage.

    9. Re:Yes by tenton · · Score: 2, Funny

      I'd better go change the code on my luggage.

  2. netflix tracks birthdates? by Shakrai · · Score: 2, Interesting

    I don't recall handing over my birthdate when I signed up for my account. I just went through all of the account screens and couldn't find it either. What part of their service expects you to tell them your birthday?

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
    1. Re:netflix tracks birthdates? by fwice · · Score: 4, Informative

      I just signed up for an account. It asked for your birthday on the page with your address. However, it _was not_ mandatory.

      I conveniently skipped the 'birthdate', 'gender', and 'your opinion of these genre' sections.

    2. Re:netflix tracks birthdates? by bmearns · · Score: 3, Insightful

      I'm guessing they probably ask if you're renting adult material. If the mother was outed by the movies she rented, she was probably renting adult material.

      --
      Slashdot is not a game, Slashdot is not a game. Crap, I just lost points.
    3. Re:netflix tracks birthdates? by Shakrai · · Score: 4, Funny

      Netflix has adult material on it? Why wasn't I aware of this awesome featur^W^Wmoral outrage? ;)

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    4. Re:netflix tracks birthdates? by Neon+Spiral+Injector · · Score: 2, Informative

      Netflix has no "adult" material. Sure, a few NC-17 films (many of them for violence as much as sex), and some unrated titles, which may get a little blue. But nothing like the backroom of local rental stores.

      They don't require an age to be specified because they assume if you have a credit card (which is required) then you can rent anything they have.

    5. Re:netflix tracks birthdates? by Neon+Spiral+Injector · · Score: 2, Informative

      They do have a "Gay & Lesbian" genre, which includes such films as (from the first page):

      Milk
      The L Word
      Angels in America
      Midnight in the Garden of Good and Evil
      Fried Green Tomatoes

    6. Re:netflix tracks birthdates? by Verdatum · · Score: 4, Insightful

      And the crux of the lawsuit is the presumption that straight people are not allowed to like these movies...wait...I liked Milk quite a bit, and Angels in America was one of the most incredible things I've ever seen. Damnit, my girlfriend is gonna kill me when I tell her I found out I was gay...via Slashdot no less.

    7. Re:netflix tracks birthdates? by flabordec · · Score: 2, Funny

      Don't worry! You're not gay. My system says you are a lesbian mom!

      --
      "I see undead people" Warcraft III - Necromancer
    8. Re:netflix tracks birthdates? by Belial6 · · Score: 2, Informative

      That depends on what you consider adult content. While Netflix claims that Alice In Wonderland: An Adult Musical is rated R, the movie itself has an X rating notice at the beginning. And, while they did cut out the actual close ups of insertion, Pirates was filmed as a full on porno.

      So, while they may not have much, and it may not be hard core by today's standards, they do have adult content.

    9. Re:netflix tracks birthdates? by MikeBabcock · · Score: 2, Funny

      You mean straights don't like lesbian content now? When did this happen?

      --
      - Michael T. Babcock (Yes, I blog)
  3. So lemme get this straight... by Carik · · Score: 5, Insightful

    ... this woman is a closeted lesbian. She came to the realization that, if some hypothetical person were to come along and get into the NetFlix user data system, he could find out she's a lesbian. In order to protect herself from being potentially exposed, she decided to join a high-profile national lawsuit, charging that they had created a potential for people to find out her sexual preferences. How many days do you think it'll be before her picture is all over the web, sitting right next to the headline "formerly closeted lesbian pulled out of closet by attaching her name and face to a privacy lawsuit"?

    1. Re:So lemme get this straight... by Registered+Coward+v2 · · Score: 4, Informative

      In order to protect herself from being potentially exposed, she decided to join a high-profile national lawsuit, charging that they had created a potential for people to find out her sexual preferences. How many days do you think it'll be before her picture is all over the web, sitting right next to the headline "formerly closeted lesbian pulled out of closet by attaching her name and face to a privacy lawsuit"?

      She filed as a Jane Doe to protect her privacy.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    2. Re:So lemme get this straight... by Shakrai · · Score: 4, Funny

      More to the point, what data does Netflix have on you that reveals you to be a closed lesbian? I don't recall seeing a "Are you a closet homosexual?" button when I signed up for my account.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    3. Re:So lemme get this straight... by Carik · · Score: 3, Insightful

      Right. And of course the real names of people who file anonymously NEVER get out.

    4. Re:So lemme get this straight... by Anonymous Coward · · Score: 2, Insightful

      Netflix shows what you watch to others that are your "Netflix friends". It's a minor social network that allows you to pass recommendations to others. If they're really snoopy they can see what you watch...but there's also an option to cut that off that's about five clicks deep in the settings.

      So, if all you do is rent skinimax flicks. Yeah, I could see feeling exposed...but honestly, I don't think it's a big deal.

      If privacy is such a big deal to people, they need to get informed. End of story. You can't half-ass privacy. Either bury your identity or deal with the fact that if you put it out there...it's out there.

    5. Re:So lemme get this straight... by corbettw · · Score: 5, Funny

      It's all the Rosie O'Donnell and Margaret Cho comedy specials in her queue.

      --
      God invented whiskey so the Irish would not rule the world.
    6. Re:So lemme get this straight... by Carik · · Score: 2, Interesting

      anyone filing a Jane/John Doe lawsuit has to expect their name would eventually become public information.

      Exactly. So she's just come out on her own... in order to sue someone for the potential that someone going through their data MIGHT be able to figure out that she's a lesbian.

      My point is still the same... she's given up on her privacy in order to sue someone for a potential (but not yet real) breach of privacy.

    7. Re:So lemme get this straight... by nomadic · · Score: 2, Informative

      She's asking for injunctive relief. None of the plaintiffs will get money if they win.

    8. Re:So lemme get this straight... by Verdatum · · Score: 5, Funny

      Because first you get the money, then you get the power, then you get the women. That's one clever lesbian!

    9. Re:So lemme get this straight... by Rogerborg · · Score: 5, Funny

      I bet if she got more injunctive relief, she wouldn't be a lesbian.

      --
      If you were blocking sigs, you wouldn't have to read this.
    10. Re:So lemme get this straight... by rhsanborn · · Score: 2, Insightful

      While she may be suing for money, it's not unreasonable that she is willing to accept some backlash and her outing for the sake of justice. Companies would be able to get away with gross privacy breaches if there weren't people to keep them in check like this.

    11. Re:So lemme get this straight... by Bakkster · · Score: 3, Insightful

      My point is still the same... she's given up on her privacy in order to sue someone for a potential (but not yet real) breach of privacy.

      It's a catch-22, no doubt, but at least this way she can possibly force Netflix to fix the initial problem.

      She chose to be proactive, rather than sit and worry. Can't fault her for that. Besides, it is hardly a forgone conclusion that she will be revealed as the Jane Doe in a reasonable time frame.

      --
      Write your representatives! Repeal the 2nd Law of Thermodynamics!
    12. Re:So lemme get this straight... by Hijacked+Public · · Score: 2, Informative

      Above is the most brilliant thing ever posted to Slashdot.

      --
      "Sacrifice for the good of The State" - The State
  4. Filing as Jane Doe? by whoda · · Score: 3, Interesting

    How can a legal-aged adult file as Jane Doe just because of her secret of being 'in the closet'?

    1. Re:Filing as Jane Doe? by Registered+Coward+v2 · · Score: 3, Informative

      How can a legal-aged adult file as Jane Doe just because of her secret of being 'in the closet'?

      Simple - the judge gets to decide if her privacy rights outweigh the public interest in keeping lawsuit information available to the public. For more information see: http://www.legalmatch.com/law-library/article/filing-a-lawsuit-anonymously.html

      To me allowing a Jane Doe suit in such cases is not unreasonable; whether or not her name will eventually become public is another matter.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    2. Re:Filing as Jane Doe? by Nadaka · · Score: 5, Insightful

      No. Being a lesbian does not mean she cheated on her husband, even if she is still married. For example, this is slashdot, I believe there are a lot of heterosexual men here who have never even touched a woman.

    3. Re:Filing as Jane Doe? by Anonymous Coward · · Score: 2, Funny

      For example, this is slashdot, I believe there are a lot of heterosexual men here who have never even touched a woman.

      They don't want to cheat on themselves

    4. Re:Filing as Jane Doe? by Verdatum · · Score: 2, Insightful

      Infidelity? WTF? That's a major leap of logic. Because she prefers chicks, she obviously cheated on her husband? Who modded this up?

    5. Re:Filing as Jane Doe? by CoderJoe · · Score: 2, Insightful

      While I don't agree with the leap, I think I can kinda see where they got the idea. She prefers chicks and doesn't want anyone to know. Because she doesn't want anyone to know, she obviously has done something wrong, etc.

      It is all a load of hogwash. That's the same logic that comes to the conclusion that if you use an envelope to mail something, you must be doing something wrong.

  5. Outed by movie rentals? by grapeape · · Score: 4, Insightful

    "The member’s movie data exposes a Netflix member’s personal interest and/or struggles with various highly personal issues, including sexuality, mental illness, recovery from alcoholism, and victimization from incest, physical abuse, domestic violence, adultery, and rape."

    Isn't this a bit of a stretch? I've rented a rather broad range of films, over the past year some of the films I have watched include Apt Pupil, Lords of Dogtown, Girl Interrupted, A History of Violence, A Beautiful Mind, Brokeback Mountain and Super High Me. Evidently I'm a mentally disturbed, abusive, homosexual, drug abusing, skateboarding, autistic nazi and didn't know it.

    The woman who was outed wasn't outed by her movie choices but by her paranoia leading to her own disclosure.

    1. Re:Outed by movie rentals? by ViViDboarder · · Score: 4, Insightful

      Exactly what I was going to post! This is crazy. Also, I'd really like to know how someone drew the conclusion that she was a Closet Lesbian from her movie rentals AND that someone randomly picked her out of the huge database AND then took the time to find out who she was and then took the time to notify all her friends... All this for the interest of being malicious towards a stranger they will probably never see...

      Seems a little far-fetched.

      Also, the summary is poorly written because it makes it seem like the Zipcodes and Birthdays have been released when they haven't. http://www.wired.com/images_blogs/threatlevel/2009/12/doe-v-netflix.pdf

      http://it.slashdot.org/story/07/11/27/1334244/Anonymity-of-Netflix-Prize-Dataset-Broken Shows that it's possible, but it's not like anyone could draw a conclusion on Sexuality with any certainty by those means.

      Also, after reading the article it seems like they HAVEN'T released Birthdays and Zip Codes but that this is only planned for the second iteration. They only had unique ids for users and ratings... The privacy was breached by people datamining other resources. From what I gathered... the people got the identities of people by matching ratings with IMDB ratings... Which in that case I don't think Netflix really provides any more information about someone than they have already made public via IMDB.

    2. Re:Outed by movie rentals? by Spazztastic · · Score: 2, Funny

      Isn't this a bit of a stretch. I've rented a rather broad range of films [snip]

      I share a Netflix account with my mom. I have the movies go to her address and I use the streaming to my 360 at my apartment. Going by what you mentioned, they must think I'm a menopausal woman who has an infatuation with James Bond.

      --
      Posts not to be taken literally. Almost everything is sarcasm.
    3. Re:Outed by movie rentals? by willworkforbeer · · Score: 2, Funny

      Honey, is that you?

      --
      Pretending this is my office full of bitter coworkers..
  6. Um... by fredklein · · Score: 2, Insightful

    If a data set reveals a person's ZIP code, birthdate and gender, there's an 87 percent chance that the person can be uniquely identified

    What idiot answers all those questions correctly?

  7. Congratulations! Now the world _knows_. by Golddess · · Score: 3, Interesting

    So while before all that was available was a list of rented films which she seems to think indicates that whoever rents them can indicate that the watcher is gay (which I'm having a hard time making the leap from "if someone watches movie X, Y, and Z, that means they are gay"), now the whole world knows she is gay.

    --
    "I'm not sure I like the fugnutish tone you used in your post!" -RogL (608926)-
  8. Where are the photos? by Vinegar+Joe · · Score: 2, Funny

    Is she hot?

    --
    "The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
    1. Re:Where are the photos? by Anonymous Coward · · Score: 2, Funny

      No, this is a real-life lesbian, not a "lesbian" from porn. She probably looks like Rosie O'Donnell.

  9. Don't you need to have actual damages? by joeflies · · Score: 2, Insightful

    The way that I thought that it worked was that you sue in civil court when you actually suffer damages even when the other party was doing something illegal.

    For instance, you can't sue a drunk driver for almost hitting your car. You could press that they did something illegal and have him charged in criminal court, but there's no payday in that. Given that these types of cases seem to be this lawyer's modus operandi, I'm thinking that this case is more about the payday and not about building stronger standards for privacy.

    1. Re:Don't you need to have actual damages? by nomadic · · Score: 3, Informative

      The way that I thought that it worked was that you sue in civil court when you actually suffer damages even when the other party was doing something illegal.

      In cases at law, for example tort or contract cases, you generally do. This is a case at equity, so the plaintiffs are trying to get injunctive relief (also attorneys' fees, but that's considered ancillary to the injunction).

  10. Stop giving out personal info that isn't needed by harmonise · · Score: 3, Insightful

    if a data set reveals a person's ZIP code, birthdate and gender, there's an 87 percent chance that the person can be uniquely identified.

    Why are you giving Netflix your birthdate and gender in the first place? I never give those things to companies, and if I can't avoid it (forced to enter something when signing up) I give bogus information. Neither of those are any of Netflix's business.

    --
    Cory Doctorow talking about cloud computing makes as much sense as George W Bush talking about electrical engineering.
  11. The closet can be a scary, stupid place by name_already_taken · · Score: 5, Insightful

    Speaking as a gay guy with a lot of gay and lesbian friends, I can tell you that some people get really worked up over being "in the closet". They can start to worry about really stupid things that are outside of the bounds of possibility, and work themselves into all kinds of trouble.

    Case in point: a friend of mine got herself fired over this. She knew that her supervisor didn't like gay people and so she was in the closet, as far as work was concerned. She got called up for jury duty. The court case didn't last long at all, but in the meantime, one of our mutual friends' father passed away. So, my friend was invited to the funeral which happened to fall on the day after her jury duty ended. She was so worked up over the idea that her boss would figure out that she's a lesbian if she took a personal day to go to her gay friend's dad's funeral that she lied and told her boss that she was still on jury duty for the day of the funeral. Well, the boss didn't like her and he called the court clerk to confirm that she was still on jury duty - and then fired her for lying about it.

    Had she just taken a personal day and said "I'm going to the funeral of a friend's dad" nothing would have happened. As far as I know, there's no mechanism by which you can figure out if the relatives of a dead person (whose name you don't have) are gay or not.

    Maybe this lawsuit lady should read up on the Streisand Effect (you know her name's going to come out eventually), stop worrying so much about what other people think about her sexual orientation, and concentrate on living her life. Can she truly be deluded enough to think that anyone in her life (work, social, government or otherwise) is going to trawl Netflix's database to figure out if she's a lesbian and then use that information against her?

    Seriously, this is like when my boss didn't want to have his pay directly deposited because he thought the payroll company could snoop in his bank account. It's just not grounded in reality.

    --
    Putting moderation advice in your .sig lowers your karma!
    1. Re:The closet can be a scary, stupid place by forand · · Score: 2, Informative

      Seriously, this is like when my boss didn't want to have his pay directly deposited because he thought the payroll company could snoop in his bank account. It's just not grounded in reality.

      While they may not be able to see your transactions, any company authorized to direct deposit is authorized to deduct money from your account.

  12. "state-of-the-art defense" and strict liability. by gandhi_2 · · Score: 3, Informative

    The suit turns on the question of whether Netflix should have known that their dataset's anonymity could be broken, two years before researchers demonstrated that.

    This is called a "state-of-the-art" defense, and generally doesn't work.

    State of the art defense is the defense that permits a manufacturer to avoid liability in a design defect case if at the time of manufacture there was no safer design available, or in a failure to warn case if at the time of manufacture there was no way the manufacturer could have known of the danger he/she failed to warn against.

    Let's say I was making Asbestos oven mitts, no one knew it was dangerous. The state of the oven mitt industry and materials science (the art) was that Asbestos was fine. Then, 50 years later we find out it's dangerous. The lawsuits will probably prevail because the "state of the art" defense doesn't stand up to strict liability.

    On the upside, she'll probably make some new friends in PTA. And who doesn't love hot buttered soccer moms?

  13. Zipcodes known to help uniquely identify by realsilly · · Score: 3, Informative

    I've done enough work for companies in my years to know that zipcodes can be used to uniquely identify individuals. Since there are still parts of this country in which a person may own a very large piece of land and Zipcodes use the +4 to determine specific blocks within a zip code range, then all one needs is a name or the other info mentioned above to uniquely identify a person. This has been known by banks and the post office for as long as the +4 has been around. Banks have strict guidelines around uniquely identified people and what they must do if they are identified when dealing with offers of credit.

    Netflix works with the post office for mass mailing, they would be aware of the ways to uniquely identify people.

    --
    Life takes interesting turns, but the most interest is when you're off the beaten path.