Slashdot Mirror
The First Truly Honest Privacy Policy
itwbennett writes "You want to know what really happens to your data? Dan Tynan has penned the first completely honest privacy policy — surprisingly free of legalese. We dare you to use it on your website."
← Back to Stories (view on slashdot.org)
"At COMPANY _______ we value your privacy a great deal. Almost as much as we value the ability to take the data you give us and slice, dice, julienne, mash, puree and serve it to our business partners, which may include third-party advertising networks, data brokers, networks of affiliate sites, parent companies, subsidiaries, and other entities, none of which we’ll bother to list here because they can change from week to week and, besides, we know you’re not really paying attention.
We’ll also share all of this information with the government. We’re just suckers for guys with crew cuts carrying subpoenas.
Remember, when you visit our Web site, our Web site is also visiting you. And we’ve brought a dozen or more friends with us, depending on how many ad networks and third-party data services we use. We’re not going to tell which ones, though you could probably figure this out by carefully watching the different URLs that flash across the bottom of your browser as each page loads or when you mouse over various bits. It’s not like you’ve got better things to do.
Each of these sites may leave behind a little gift known as a cookie -- a text file filled with inscrutable gibberish that allows various computers around the globe to identify you, including your preferences, browser settings, which parts of the site you visited, which ads you clicked on, and whether you actually purchased something.
Those same cookies may let our advertising and data broker partners track you across every other site you visit, then dump all of your information into a huge database attached to a unique ID number, which they may sell ad infinitum without ever notifying you or asking for permission.
Also: We collect your IP address, which might change every time you log on but probably doesn’t. At the very least, your IP address tells us the name of your ISP and the city where you live; with a legal court order, it can also give us your name and billing address (see guys with crew cuts and subpoenas, above).
Besides your IP, we record some specifics about your operating system and browser. Amazingly, this information (known as your user agent string) can be enough to narrow you down to one of a few hundred people on the Webbernets, all by its lonesome. Isn’t technology wonderful?
The data we collect is strictly anonymous, unless you’ve been kind enough to give us your name, email address, or other identifying information. And even if you have been that kind, we promise we won’t sell that information to anyone else, unless of course our impossibly obtuse privacy policy says otherwise and/or we change our minds tomorrow.
We store this information an indefinite amount of time for reasons even we don’t fully understand. And when we do eventually get around to deleting it, you can bet it’s still kicking around on some network backup drives in somebody’s closet. So once we have it, there’s really no getting it back. Hell, we can’t even find our keys half the time -- how do you expect us to keep track of this stuff?
Not to worry, though, because we use the very bestest security measures to protect your data against hackers and identity thieves, though no one has actually ever bothered to verify this. You’ll pretty much just have to take our word for it.
So just to recap: Your information is extremely valuable to us. Our business model would totally collapse without it. No IPO, no stock options; all those 80-hour weeks and bupkis to show for it. So we’ll do our very best to use it in as many potentially profitable ways as we can conjure, over and over, while attempting to convince you there’s nothing to worry about.
(Hey, Did somebody hold a gun to your head and force you to visit this site? No, they did not. Did you run into a pay wall on the home page demanding y
There's a spot in User Info for World of Warcraft account names? Really?
Just how legally binding are privacy policies in the first place? I've taken the time to specifically look for privacy policies on many sites, only to discover that they either don't have one or have one that is completely inscrutable by anyone not a lawyer. What are they designed to do in the first place? Protect the user? Protect the owner of the website from legal action from a user? Does anyone ever actually read a privacy policy?
This must be pretty fresh, as it shows 0 tweets related to it so far ... oh, wait. It's already 3 days old.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
What could be more honest than, "You have zero privacy anyway. Get over it."?
Sun CEO Scott McNealy
"We exploit any and all data we can get from you while you visit our website. You have no privacy with us. Even things you didn't think we could find out, we can. Thanks for your understanding."
I realize this is meant as a joke, but there are some (usually quite small) companies that actually *do* have honest privacy policies.
For example, this one.
Hell, it's honest and gives people an idea about how the world really works.
I love it.
the language needs a little cleaning up, but I'll be putting it on my site later on.
We’ll also share all of this information with the government. We’re just suckers for guys with crew cuts carrying subpoenas.
Um, if any company is going to refuse a government subpoena, then they'd better have a very damned good legal reason to do so. Few companies are interested in going to court themselves and spending boatloads to protect a user.
A nice little idea. If actually put to use.
How about a no-privacy-policy world?
It then should be obvious and/or taken for granted that "We will do whatever the dickens we feel like with your data."
Sites that decide to stick to some rules with regard to protecting privacy can sit down and spend some time drawing up a sketch of a privacy policy. "We will never do such-and-such with your data." etc.
Problem solved. facebook will have no policy while slashdot would have at least a couple of lines. Wikileaks would probably.. oh well, who'm I kidding? :(
Geekism is your _only_ God!
All your data are belong to us!
Just as accurate, easier to understand, and shorter.
I didn't bother reading the article. I'm simply posting an emotional response based solely on the probably inaccurate summary. I don't really care about privacy policies because I'm use to getting tracked all the time. Security cameras watch me drive to work, my badge records when I enter the door, cameras watch me inside the building, my credit card leaves a trail everywhere I buy something... and I don't really care. So go ahead and track what you want and sell the data to whoever. The hundreds of spam messages I get a day proves that there is no hope of ever retrieving any of my privacy. If you start asking for money to visit this site I'll probably pay for it because I tend to develop habits that make me comfortable. I don't like those habits being interrupted.
I'm now going to hit submit without doing a preview because I could really care less about the quality of this post.
"All your data are belong to us."
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Well, the proposed privacy policy is funny and gives the author a nice little medium through which to rant, but it doesn't really do anything to increase privacy on the internet does it? This privacy has a snowball's chance in hell of actually being adopted by anyone with a legitimate web-business. It's a great joke, but this is hardly a YRO story. It's pretty idle.
Motorcycles, Robots, Space Gossip and More!
What could be more ignorant? Clearly Zuckerberg and McNealy are both willing to sell out the principles upon which this country was founded, and give a middle finger to all the people who have died and will die to protect our rights, in pursuit of profits. I guess it is no big surprise that Sun tanked with him at the helm. I can only hope that Zuckerberg suffers a similar fate, but alas that seems unlikely, since people actually listen to these power hungry fools and believe they posses some kind of insight and wisdom.
News Flash: I still have privacy and 4th Amendment protections, and while I have lost some of it because it is literally impossible to defend, I plan on using knowledge of technology and the US Constitution to keep as much of it as humanly possible. McNealy and Zuckerberg can go screw themselves, and I really hope some day one of them is stupid enough to say something so stupid in my presence.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Crewcuts don't make them bad guys, and warrants don't make them good guys. Big Brother (yours, mine or ours) is "sharing" in vast amounts of data without warrants. Now is the time for your tears...
Sure, who wants their information sold? Who wants to be tracked? Problem is, things like cookies and recording contact information and so on is pretty critical to the operation of any site that attempts to be interactive with you as a human being. Without these, so much of the functionality people have come to expect would be either very expensive or entirely infeasible. This is why I donated to Diaspora. If you want the functionality AND the privacy, you MUST shoulder some of the expense and burden involved in making the network and the software work.
Is it legally binding?
Whine Whine Whine Bitch Bitch Bitch.
Or, alternatively, toggle off cookies by default, install noscript and https-everywhere. Look at what Google lets you opt out of and, y'know, opt out. If you're feeling *really* paranoid, set up an alternate profile for any online persona that you don't want tracked backwards to you.
If you have a genuine concern about some evercookie tracking you unethically after you've done that, I'll grant that it's legit. Tracking via IP addresses should of course be limited to things that genuinely require a warrant, and I don't trust our security establishment to abide by that.
But for the love of Pete ninety percent of the time it's like listening to nudists complain about tourist cameras . . . downtown.
"OH my God they got a picture of my jiggly bits!!!!"
Pug
An Invisible Entity of Vast Power whose existence must be taken on faith alone: Liberal Media
What about Zuckerberg's and McNealy's rights to tell people the things you freely told them? I don't think "freedom from gossip" is in our constitution.
..is to have privacy policies set up specifically to tell the customer what we WON'T do with their data, as well as what we will do.
e.g. "We will NEVER sell any of your data, to anyone, at any time..."
"We may use your data to contact you regarding; a contract with you, an order you have placed with us or in response to an enquiry from yourself..."
I think this is the best approach. Always look at it from the perspective of the customer. Put all the legalese stuff underneath and a simplified language version (like a summary) at the top. More people would read these things if the information was clear, concise and to the point. People are sick of having a phone book of ridiculous contract clauses thrown at them every time they want to sign up to a website / install software / purchase a product.
I don't think "freedom from gossip" is in our constitution.
That's what we get for letting women vote!
Here's my privacy policy.
(to save you clicking the link)...
"The Aardvark Privacy Policy
To put it bluntly -- any information you submit through this site
is held in total confidence unless otherwise stated.
Aardvark has built a strong reputation for protecting the information submitted
and collected. I have a total anti-spam, anti UCE policy -- never, never, never
will your email address be made available to any third party without your
expressed permission and never, never, never will I send you unsolicited
email.
That's it ... plain and simple -- Your secrets are safe with me!
What's more -- Aardvark doesn't routinely collect information from its
users. Apart from the Google Ads, this site is a cookie-free zone --
I probably know nothing at all about you anyway!
Here's a whole bunch of stuff about Google's cookie and privacy policy that
You might find interesting and which I'm supposed to include in this
privacy statement as part of my position as an AdSense user
If you've got a problem or a query about this then contact me, you can even do it
anonymously but in that case don't expect a reply (how could I?). "
It's short, to the point and covers all the bases, doesn't it?
What's so hard about coming up with a concise, no-nonsense privacy policy?
Now let's have some analysis of how many ways this data gets abused, but really abused. Like screening employees based on browsing habits, tracking opposition groups and members, what the hell can *really* be done with this stuff, and how easy/how much is it to gain access to the data you want.
Build your own energy sources from scratch. http://otherpower.com/
There is also freedom to ask ridiculous questions that have nothing to do with the parent post, as you have clearly demonstrated. Bravo!
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
I know that a lot of people don't ever read the privacy policies though, or EULAs and etc.
I remember an article at Humorix (linux-related joke site) with a EULA that resembles this privacy policy. it had a clause in it that said something like:
By accepting this agreement you hereby agree to forfeit your firstborn son and/or soul to us..
Seriously though. Perhaps an honest privacy policy like this will let people realize just what they're getting themselves into every time they visit a random site and fill in some information.
Yeah sure tough guy cocksucker. You won't do shit if they say anything in your presence. Maybe your mom will, if they come into your basement. By the way, the 4th Amendment doesn't mean shit to non-government entities, so take your demand for privacy and jam it up your dad's ass while he's raping you.
http://www.rsync.net/resources/notices/tos.html
I especially like:
"No form of data or meta-data concerning the behavior of our customers or the contents of their filesystems, or
even the customer data that we hold in our records for billing, will ever be divulged to any law enforcement
officer or agency without order served directly by a US court having jurisdiction. "
and:
"No consumer or personal information about our customers of any kind will be divulged to any party for any reason."
Of course I will. I'll exercise my freedom of speech to tell them to their face what I think of them in no uncertain terms, in a way that will make them embarrassed. It is your immaturity that caused you to infer that I was making a physical threat.
Great reading comprehension skills to go with your incredible courage. I stated: "I still have privacy and 4th Amendment protections" Clearly if I thought they were one and the same I would not have enumerated them separately.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
There are other, and much older, honest privacy policies out there.
For instance, here's my privacy policy, which I believe is entirely hones, adopted by several others, and has been on my website for well more than a decade:
http://www.cavebear.com/privacy-policy.html
With the rather more comprehensive Buy n Large disclaimer on their website. When in doubt, I assume that it is also the standard privacy policy for any other corporate website.
A REAL privacy policy: http://xpda.com/junkmail/privacy.htm
"This product is meant for educational purposes only. Any resemblance to real persons living or dead is purely coincidental. Void where prohibited. Some assembly required. List each check separately by bank number. Batteries not included. Contents may settle during shipment. Use only as directed. No other warranty expressed or implied. Do not use while operating a motor vehicle or heavy equipment. Postage will be paid by addressee. Subject to CAB approval. This is not an offer to sell securities. Apply only to affected area. May be too intense for some viewers. Do not stamp. Use other side for additional listings. For recreational use only. Do not disturb. All models over 18 years of age. If condition persists, consult your physician. No user-serviceable parts inside. Freshest if eaten before date on carton. Subject to change without notice. Times approximate. Simulated picture. No postage necessary if mailed in the United States. Please remain seated until the ride has come to a complete stop. Breaking seal constitutes acceptance of agreement. For off-road use only. As seen on TV. One size fits all. Many suitcases look alike. Contains a substantial amount of non-tobacco ingredients. Colors may fade. We have sent the forms which seem right for you. Slippery when wet. For office use only. Not affiliated with the American Red Cross. Drop in any mailbox. Edited for television. Keep cool; process promptly. Post office will not deliver without postage. List was current at time of printing. Return to sender, no forwarding order on file, unable to forward. Not responsible for direct, indirect, incidental or consequential damages resulting from any defect, error or failure to perform. At participating locations only. Not the Beatles. Penalty for private use. See label for sequence. Substantial penalty for early withdrawal. Do not write below this line. Falling rock. Lost ticket pays maximum rate. Your canceled check is your receipt. Add toner. Place stamp here. Avoid contact with skin. Sanitized for your protection. Be sure each item is properly endorsed. Sign here without admitting guilt. Slightly higher west of the Mississippi. Employees and their families are not eligible. Beware of dog. Contestants have been briefed on some questions before the show. Limited time offer, call now to ensure prompt delivery. You must be present to win. No passes accepted for this engagement. No purchase necessary. Processed at location stamped in code at top of carton. Shading within a garment may occur. Use only in a well-ventilated area. Keep away from fire or flames. Replace with same type. Approved for veterans. Booths for two or more. Check here if tax deductible. Some equipment shown is optional. Price does not include taxes. No Canadian coins. Not recommended for children. Prerecorded for this time zone. Reproduction strictly prohibited. No solicitors. No alcohol, dogs or horses. No anchovies unless otherwise specified. Restaurant package, not for resale. List at least two alternate dates. First pull up, then pull down. Call toll free number before digging. Driver does not carry cash. Some of the trademarks mentioned in this product appear for identification purposes only. Objects in mirror may be closer than they appear. Record additional transactions on back of previous stub. Unix is a registered trademark of AT&T. Do not fold, spindle or mutilate. No transfers issued until the bus comes to a complete stop. Package sold by weight, not volume. Your mileage may vary. Known as Hellman's east of the Rockies. Beware of greeks bearing gifts. Beware of gifts bearing greeks. This side up. Don't take any wooden nickels. Don't take candy from strangers. Void where prohibited. Caveat Emptor (Buyer beware) Caveat Vendor (Beware of street people). Donde esta el bano. Beware of DOS. Look both ways before crossing the street. All your base are belong to us. Always wear safety belt. Always wear deodorant. Don't forget to breathe. If you park, don't drink...accidents cause people. This supersedes all previous notices.
This modified disclaimer may not be copied without the expressed written consent of whoever I stole it from."
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
"Look, I haven't even updated my resume in five years; you think I'm going to bother doing anything with your data?"
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
"I am hereby open sourcing this privacy policy."
How can anyone "open source" plain text? There is no source and no compiled result. There is nothing you can "close", so it can be "opened" neither.
BTW Why people always say about "open sourcing" and not "opening source"? It really confuses me as non-native English speaker.
Even better is a privacy policy that goes beyond honesty and understandability to:
- Actually value and promote privacy as a central goal of the service provided by the site
- Detail potential caveats with different options or approaches
- Specifically detail what information is shared with whom and for what purpose
- Link to "competing" services with similar policies
http://duckduckgo.com/privacy.html