Borders Bust Means B&N May Get Your Shopping History

coondoggie writes "To perhaps no one's surprise, Borders bookstore collected a ton of consumer information — such as personal data, including records of particular book and video sales — during its normal course of business. Such personal information Borders promised never to share without consumer consent. But now that the company is being sold off as part of its bankruptcy filing, all privacy promises are off. Reuters wrote this week that Barnes & Noble, which paid almost $14 million for Borders' intellectual assets (including customer information) at auction last week, said it should not have to comply with certain customer-privacy standards recommended by a third-party ombudsman."

Glad I never bought from them.

[weav]

Hope this never happens to Amazon...

Re:Glad I never bought from them.

[mjwx]

Hope this never happens to Amazon...

What difference would it make?

Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

Re:Glad I never bought from them.

[mjwx]

Hope this never happens to Amazon...

In all seriousness,

How long until Gmail "prioritises" all advertising into a "secondary" inbox that is not presented with ones personal mail by default.

I'm certain I'm not the only /.er who's set up rules for Amazon and the like to be automatically shunted into a different folder.

Re:Glad I never bought from them.

[C_Kode]

Hope this never happens to Amazon...

What difference would it make?

Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

You are extremely naive if you think that is the only implication here.

Re:Glad I never bought from them.

[FatdogHaiku]

Amazon sells many, many things including (but certainly not limited to) herbs, electronics, sex toys, bondage gear, gourmet food, and of course books about almost any subject. Any marketer would love to have detailed shopping histories from Amazon...

Re:Glad I never bought from them.

[maxume]

Does Amazon actually send you stuff you don't want? All I get from them are order and shipping confirmations, perhaps I clicked something about not sending me advertisements.

Re:Glad I never bought from them.

[jgagnon]

This. I've never received junk email from Amazon and I've been a customer since 1997.

Re:Glad I never bought from them.

Hope this never happens to Amazon...

What difference would it make?

Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

You are extremely naive if you think that is the only implication here.

And you are extremely paranoid if you think advertising is out to get you and you need to overreact to absolutely every type of potential marketing. What's your point? A solid point, please, not just "Advertising *sudden crazed handwaving* EEEEEEEEEEEEVUL HATE HATE HAET they're all gonna steal YOUR SOUL!!!1!1!".

Re:Glad I never bought from them.

[maxume]

Imagine if Amazon were to begin marketing things.

Re:Glad I never bought from them.

[dadioflex]

Right at the bottom of every marketing message from Amazon is a link to take you to your account page. Don't click on it. Instead open your browser and manually enter the link and enter your account. You can adjust exactly what email they send you from there.

Re:Glad I never bought from them.

Not just marketers. A few examples if Amazon's data is public:

Ex-spouse: They find the bondage gears, candy, and take that in front of a judge to show that the person is unfit for any custody of the kids in the divorce, even supervised visits.

Insurance agents: The candy and gourmet food means that they can jack up health insurance rates. Oh, the cigars bought? Well, time for a physical unless you want smoker's rates.

Employers: More stuff to use to filter candidates on. Someone buys a lot of aspirin or herbal medicines? They might be a loon. Skip them .

LEOs: A DA riffling through what people bought in his district finds that certain people bought rolling paper, grinders, and an occasional scale. He gets the judge to sign off on multiple search warrants, gets a good number pot smokers put away for 2-10, and now him and the judge look good because they have added more people to the private prison rolls (who finance their election campaigns).

Re:Glad I never bought from them.

[Abstrackt]

I believe the point is information was shared under the assumption that it would remain confidential, the fact that a company purchasing the scraps of the company that entered into this agreement is no longer willing to honor those conditions is a little disconcerting; it could potentially set a precedent where other information can be "released" without your consent simply because a company stops existing.

Re:Glad I never bought from them.

That would explain the Oregano Flavored Spongebob Ballgag offers I keep getting.

Re:Glad I never bought from them.

[Mister+Whirly]

A DA riffling through what people bought in his district finds that certain people bought rolling paper, grinders, and an occasional scale.

And anybody foolish enough to buy that combination of items, on Amazon, is an idiot. Those are all items you buy in person, with cash.
That being said, those are all legal items and no sane judge would issue a search warrant based on this type of flimsy circumstantial evidence alone.

Re:Glad I never bought from them.

[rtb61]

The real question is whose asset is your information. Consider that your information is on loan, subject to conditions of contract being fulfilled, at any time you are entitled to recall your private data and in turn the company is no longer required to provide you will value based upon the loan of that data.

The company has gone bankrupt and as such is no longer able to fulfil the conditions of contract the were the basis of the loan of your private data, failure to adhere to the conditions of contract means your private data must be returned to you ie. deleted.

You private data can not be transferred upon bankruptcy under new conditions, because the bankrupt company now owes you a debt, your privacy because it no longer can provide contracted services.

Re:Glad I never bought from them.

[bickerdyke]

I set up a filter for that. I sometimes need to add a new "newsletter" to it, but it sends those mails that are not-quite-spam to a seperate folder. I can skim over that every few days (cause these com from companys that I perhaps want to do business again with) but they don't disturb me with ringing my phones new mail alert.

Re:Glad I never bought from them.

That sounds like a very apt description of how it _should_ work, but not even close to how it actually works...

Re:Glad I never bought from them.

[Obfuscant]

the fact that a company purchasing the scraps of the company that entered into this agreement is no longer willing to honor those conditions is a little disconcerting;

I would say that a company that WOULD honor a set of conditions that it was not party to in the face of a hefty profit would be the surprise. "No longer willing" implies that they were once willing to do so, something that isn't true. They've never been willing to protect Border's data and were not part of any privacy agreement between customers and Borders.

Borders said they wouldn't use the data. Borders is the one who broke the agreement by including that data in the sale, but I doubt they had much say in the matter now that they are bankrupt.

That's why I always paid cash when I went into the now-empty local Borders, and never used their frequent buyer card despite being asked every time I checked out if I wanted one.

Re:Glad I never bought from them.

[Anrego]

As I understand it, information _about_ you isn't owned by you. Even if it was, companies would just put a clause in their TOS/EULA/Contract/whatever wherein you grant them full and unrestricted use of your information. You could of course refuse these terms, but unless you are prepared to live in the woods somewhere off the land.. good luck with that.

Re:Glad I never bought from them.

[m50d]

I got a "we have new recommendations for you" email from them about a month ago - first time I'd got anything unsolicited, it surprised me quite a bit as I hadn't changed anything.

I was about to plonk it in spam but then saw the first recommendation was actually something I wanted at a good price. So perhaps this is something they only start doing once they feel confident enough in their recommendations to you?

Re:Glad I never bought from them.

[JWSmythe]

    And you're naive if you think that selling this kind of information only happens *after* a company goes under.

    I've worked in the background information business for a while now. I'm always amazed at what datasources are available. Despite what any company says their privacy policy is, just about any company is willing to sell their collected customer information for the right price.

    An example of this is the state I live in. The state DMV was caught selling their drivers license database. The name, DOB, SSN, DL number, address, phone number, and even what flags are on your license. It only because a big deal this year, because someone found out and made a stink. The truth to it is, that information has made its way out for years, being sold to credentialed companies.

    Basically, if we proved (with a stack of paperwork and investigations) that we were only to provide that information to those who need it (law enforcement, etc), we could buy the whole list, and get it updated frequently. If we were caught selling it to others (such as the general public), there'd be a whole shitstorm come down on us, followed by fines that would likely exceed our gross income for the decade. That's not to say that credentialed companies don't have bad apples. If I have access to the DB, I could (in theory) make a copy, and sell it for a small fortune on the black market.

    Would I be generally concerned that B&N got Borders data? Not really. My concern is that a disgruntled ex-Borders employee (probably in IT) took a copy of the DB, and is selling it to whoever wants it. There are thousands of companies in the background information business, who would be very happy to get their hands on it. And once one gets it without all the strings attached (i.e., black market), it's going to get out to others.

    Beyond the data, there is misassociation of data. With one company, they associated me to my mom, sister, and several complete strangers. Just the "where have you lived?" list became an interesting assortment of addresses that I knew, and addresses that I'd never heard of. They even did email address associations. Someone with my real name (first and last) in a different state, had an email address with a provider I had never used. According to them, that was *MY* account. That's where the ugly part comes in. Wrong information causes problems.

    Have you ever received collections calls for someone you never heard of? Do they continue to call because they are sure it's you? That's because there was a wrong association of information somewhere along the line. And every company that touches the data manipulates it in different ways. All it takes is one company to associate the information wrong, and that will propagate out to other providers forever.

    Sometimes that information gets merged back into your credit history. I've had wrong addresses and other details show up on *my* credit report, because they bought a list of some sort of data which was suppose to be good, but wasn't. I had a collections company coming after me for money owed to an apartment complex, in a city that I never lived in, 10 years earlier. It was only $300. I couldn't convince them that I'd never lived there. They wanted proof. how do I *PROVE* that I never paid rent for a place in another city? I can't. I can show that I had a residence in the city I really lived in. Who's to say that the other residence wasn't for weekends, for my mistress, a friend, or whatever. I fought with them for 6 months, disputed the claim with all three credit bureaus, but it didn't help. Because i was trying to clean up my credit to buy a house, I ended up paying them off. $300 down the drain, for something that I had absolutely no involvement in, ever.

Re:Glad I never bought from them.

[hairyfeet]

Tell me about misinfo! I had to deal with it for about two years because of my "doppelganger" as I called him. The guy lived on the other side of town, but he had the same first, last name and middle name (his middle was spelled differently but was the same name) , he had a sister with the same name as mine, and both of his parents had the same names as mine, only they were a couple of years younger than my parents.

I found out it was ending when my landlady used her key to get into my apt one morning and I got woke up in bed with "OMG thank goodness you aren't dead!" needless to say sitting there in my boxers i thought the sweet old lady had flipped her lid, but she told me that "I" had died in a car wreck that night and it had been reported that morning. when she heard it she rushed over to see if it was true and hopefully find a number for my family. Reading an obit for "yourself" was more than a little unnerving.

But you would think businesses would go by more than name, but I got his bank statements (and he got mine), CC reports and offers for him (and I'm sure ditto for him and my data) it just went on and on. I finally had to leave my bank because they thought sure I had to be "pulling something" to have two accounts under personal with two different addresses and contact numbers until finally in frustration i called the guy up (because i didn't want to have them close HIS account too) and had him show up and we both whipped out our IDs.

It was strange as hell though to have someone who was the polar opposite of me (he was a little guy and a hillbilly, and i'm a 6 foot biker type) running around with MY name and so damned many similar details.

Re:Glad I never bought from them.

[lee1]

no sane judge would issue a search warrant based on this type of flimsy circumstantial evidence alone

I wish this were true, but either it's not or we have a significant number of insane judges. It's legal to buy electricity, too, and lightbulbs, but search warrants are commonly issued for suspicious patterns of power usage or evidence of the installation of grow lights (thermal imaging).

Re:Glad I never bought from them.

[rtb61]

Infinite contracts are a delusion of lawyers relying on legal bluff. Contracts are never one sided and both, repeat 'BOTH" parties must continue to fulfil the conditions of contract, for the contract to continue. Technically your private information is not a one shot deal as it continues for as long as you live. Corporations as always simply choose to interpret the law as it suits their greed until to forced to do otherwise and pay the consequences.

Re:Glad I never bought from them.

[JWSmythe]

    That actually makes perfect sense. "Person" searches are done on a few different criteria. They're typically:

First name, last name, state (possibly city).
First name, last name, SSN.
SSN

Date of birth, or approximate age are frequently used to narrow down a list.

    Sometimes the SSN isn't available to the person doing the check, so they have to guess on who you are by first and last name. Lots of databases don't have the middle name. They may be missing, or inaccurate. According to my information in various databases, I have one of 5 middle initials, and none of them have my full middle name.

    I run into this all the time. A couple weeks ago, I went to a major pharmacy chain for a refill on my prescription. They ask to verify your address. I told him mine. The system showed another city, 100 miles away. I know there is someone in that city with my name (first and last), who isn't me. He cross referenced it, and asked if I had prescriptions from a particular MD. I confirmed that I did.

  Somehow, that same chain ended up with two different records for just me. I phoned in for a refill. They filled it at my "regular" pharmacy. When they refilled it, they did it at the one where I used to live (about 50 miles away), even though I haven't filled a prescription there in years.

    Some places will associate vague information with everyone that could match. So if you are John Smith in New York City, and B&N was to take the Borders information to figure out what you may be interested in reading, you may suddenly have the purchase history for *every* John Smith in the area. It's stupid, but when all they have to go on is your name, they have to guess as best as they can. If *I* were to be doing such an import, I would just take that as inconclusive, and not associate it to everyone. First and last name aren't enough to work with, they shouldn't ever be considered as the search parameter, only as the verification. Search for SSN 111.22.3333, and then verify the name matches. Too bad they're frequently working with limited information.

    I guess you were lucky in that there wasn't a death certificate issued for you. From what I understand, that is a bastard to get fixed.

Re:Glad I never bought from them.

Infinite contracts are a delusion of lawyers relying on legal bluff. Contracts are never one sided and both, repeat 'BOTH" parties must continue to fulfil the conditions of contract, for the contract to continue. Technically your private information is not a one shot deal as it continues for as long as you live. Corporations as always simply choose to interpret the law as it suits their greed until to forced to do otherwise and pay the consequences.

Do your ramblings have a point, or are you just describing the world that exists in your mind? The law is what the Congress and the courts decide that it is. If they don't agree with what you think it should be, then your ideas don't mean squat.

Re:Glad I never bought from them.

[hairyfeet]

I could understand that with something like a book of the month club, but the bank and electric company? Or the CC bunches? Surely is ANYONE has enough data to tell two people with similar names apart it would be them. And it was even worse because this is a heavily Irish area and I have the equivalent of John Smith for Irish. It would be like assuming every Mexican girl named Maria is the same gal.

And while I'm sure that's true about the death cert, you'd have to admit it would be a cool if not incredibly morbid wall hanging. And while i'm sorry the guy is gone now there are only three other guys in my town with the same first and last but luckily for me their families don't match up like he and I did so i'm not getting hassled anymore. But for awhile there it was truly maddening!

Re:Glad I never bought from them.

[mjwx]

You are extremely naive if you think that is the only implication here.

You are extremely naive if you have missed the joke.

Not to mention judgemental.

Just to explain it to you, Amazon UK has been emailing me with suggestions that I buy a book I bought from Amazon UK over six weeks ago, it's not like I'm going to buy the same book again is it?

Re:Glad I never bought from them.

[mjwx]

Does Amazon actually send you stuff you don't want? All I get from them are order and shipping confirmations, perhaps I clicked something about not sending me advertisements.

I deliberately left the advertisement checkbox checked when I bought some books from Amazon UK so yes, it's solicited. Same with other brands I wish to know about (Singapore Airlines and Air Asia spam has saved me hundreds in flights). As for sending me stuff I would like to buy, apart from advertising a book I've already bought (it's an old book so I suppose it would have a few different SKU numbers's for different publication batches) they've been pretty good.

But as mentioned above I sort this into a secondary folder (label) and mark as read so I can read it later and it doesn't bother me.

Re:Glad I never bought from them.

[maxume]

Your tone (in the other comment) sort of implied that you didn't appreciate the messages, so I did wonder why you wouldn't shut them off.

Re:Glad I never bought from them.

[JWSmythe]

I do wish people could see some of the stuff that I've seen. Most of it's protected by NDAs and stacks of laws.

    But the problem originates with the fact that people don't necessarily have enough information to make educated guesses. It'll come out as some silly like searching for John McSmith (you said Irish, right?) in Boston or Chicago, 10% have a DOB, most have an address. So who is the John McSmith who they're referencing? Pick one. :)

    Really, the information available is pretty sad. not that there isn't mountains of useful data. It's just that it is so easily tainted by various things. Maybe when you first called the electric company to have your power turned on, they keyed in John McSmith at 123 Main St. When you called again because they didn't turn on your service, they couldn't find your real address record, John McSmith at 321 Main St. so now you have two records. And at some point it's likely they'll either sell that information to someone else, or even just querying the credit bureau for your current score (ya, they do that).

    If they aren't using a direct feed from the credit bureaus (most places don't), the place that the request passed through may be kind enough to remember that Jon Mack Schmit lives at 321 Main St. Aw shit, now you have another record because someone couldn't spell a good Irish name like McSmith. :)

    I found that much like spammers, once some bad information gets in there, it'll continue to propagate out forever.

    This could be easily fixed with an accurate and verifiable system of information. Something along the line of using the SSA issued SSN, with drivers license information. Both issuing parties do a good bit of verification. I won't say it's perfect, but it's far better than the procedures required for commercial entites to set up services. People get bent out of shape about privacy though, so you can't just go query the SSA for a SSN, nor the state DMV nor the federal databases in regards to your drivers license information. Nope, they are dependent on what they already know about you "the guy said Joe MicSmith on the phone, right?", and common pools of information such as the credit bureaus and other data mining companies.

    Being that there are so many variations of my own name on my own credit bureau records (I check all 3 frequently), and none of them have my correct home address, nor even my employer listed. One has an employer that's 15 years out of date. Another is a company that never existed, that I put on a form because I didn't have anything better to put down. Basically, I put the name of one of my sites, rather than "unemployed and looking". I can't remember exactly where I did it, but that's the only situation I would have given that name, and it wasn't to get a line of credit established. Most likely I gave it when I had to give something for a grocery store "savings" card (mandatory, unless you want to pay double for groceries at that chain).

Re:Glad I never bought from them.

[perlchild]

There'd be a better solution is eulas were

a) negotiable or
b) negotiated on your behalf by a consumer association of some kind

right now, eulas are written by the lawyers of the firm in question, with the very minimum to make them legal(if that much) and you have to waive a bunch of what's basic consumer rights, just to enter into business with those firms.

Why is it that whenever someone points a flaw in the system, the answer always is "go away, cuz noone will fix it"

Re:Glad I never bought from them.

[tehcyder]

Hope this never happens to Amazon...

What difference would it make?

Amazon UK has been spamming me with the same book I bought a month and a half ago. Would it matter if B&N does it too?

You are extremely naive if you think that is the only implication here.

Big deal, another book company gets what? your name, email address, and a list of what books you bought recently. If any of that information is particularly sensitive, you should have bought the books somewhere anonymously in cash.

Re:Glad I never bought from them.

[tehcyder]

The real question is whose asset is your information. Consider that your information is on loan, subject to conditions of contract being fulfilled, at any time you are entitled to recall your private data and in turn the company is no longer required to provide you will value based upon the loan of that data.

But when some assclown gets sacked for posting pictures of him drunkenly buggering a goat on facebook, everyone here says "well, you shouldn't have published that information on the internet inthe first place".

Similar thing here. If you want stuff to be private, don't tell third party companies about it, even if they give you a free diary or something.

Re:Glad I never bought from them.

[tehcyder]

Tell me about misinfo! I had to deal with it for about two years because of my "doppelganger" as I called him. The guy lived on the other side of town, but he had the same first, last name and middle name (his middle was spelled differently but was the same name) , he had a sister with the same name as mine, and both of his parents had the same names as mine, only they were a couple of years younger than my parents.

That's what comes of having parents with a warped sense of humour, changing their surname to "Public" and calling their kids "John Q" and "Jane Q".

Re:Glad I never bought from them.

[tehcyder]

I guess you were lucky in that there wasn't a death certificate issued for you. From what I understand, that is a bastard to get fixed.

It would be a fucking great alibi though

Re:Glad I never bought from them.

[tehcyder]

Amazon sells many, many things including (but certainly not limited to) herbs, electronics, sex toys, bondage gear, gourmet food, and of course books about almost any subject. Any marketer would love to have detailed shopping histories from Amazon...

Luckily, Amazon won't sell to third party marketers, it would be giving information to their competitors.

Re:Glad I never bought from them.

You can't just make up your own reality to suit your needs. Well I guess you can, but if you ever get into the situation where any of this matters I'd highly recommend getting a lawyer who operates on this plane of existance.

Re:Glad I never bought from them.

[tehcyder]

no sane judge would issue a search warrant based on this type of flimsy circumstantial evidence alone

I wish this were true, but either it's not or we have a significant number of insane judges. It's legal to buy electricity, too, and lightbulbs, but search warrants are commonly issued for suspicious patterns of power usage or evidence of the installation of grow lights (thermal imaging).

But presumably enough of these search warants uncover large drug producing facilities, so it's worth the authorities' while?

Re:Glad I never bought from them.

[Anrego]

I honestly think the answer is

c) mostly non-existant

I haven't given too much thought into how well this would actually work or how we would get to this point, but I can envision a system where there are a set of laws that cover both parties interests to a certain level that society as a whole can agree on (good luck with that, I know..). Kind of a global TOS. You buy a product or service, and are just implicitly bound by these terms. Companies would need to justify having their own TOS and justify what's in it, and there would be laws in place that severely limit what can be signed away in a TOS.

Right now as you said, we have very little say in the TOS and EULAs that we sign, and unfortunately unless you live out in the forest off the land, you really can't avoid these "click here to sign away your rights" type agreements that are required for just about every basic product and service we rely on.

We are already heading in the right direction, with some laws showing up limiting what rights a person can sign away.. so maybe someday :)

Re:Glad I never bought from them.

[Anrego]

Similar thing here. If you want stuff to be private, don't tell third party companies about it

Problem is, in todays world that's pretty damn hard. No online shopping, no telephone service, no credit cards, no internet, no car insurance .. the list goes on and on. You can barely buy a pack of gum these days without providing all your info and signing some "I give up my basic consumer rights" agreement. Just about everyone sells your information. They don't even really hide it any more because they know people have little choice but to bend over and take it.

It's not impossible, you can live a cash only existance .. but it's not really living.

Re:Glad I never bought from them.

[Ol+Olsoc]

Another true story here

I was the president of a youth Hockey organization. As part of becoming a coach or a board member, we were required to have a state police background check. It wasn't a big deal, just checking a person's criminal record. It was even stressed to the potential coaches that we were not looking for anything other than red flags that someone might not be safe to be around children.

Whereas we once had a steady group of volunteers, it dried up pretty quickly. People became "too busy - sorry". If they gave a reason at all. Most just disappeared into the background. I did get one fellow to talk to me about it. He noted that especially with his fairly common name, it would be very easy to have a mistake made; someone else with the same or similar name showing up as him, and with a problem report. And people being what they are, they will automatically assume the worst. And even the smallest suspicion of a child abuse problem can ruin a person's life and career. So yeah, he said just to be a coach is not worth it.

And that's pretty much what I figured out that all those folk thought. And that's really sad. People have become incredibly distrusting. This personal info and possible incorrect info are a big part of it. I believe that unless something is done, it will become counterproductive to the businesses using it, as in reduced sales.

So somewhere between tinfoil hat conspiracy kooks and the "Eeef you haf dun nossink wong, you haf nossing to vorry about." crowd, there is a thread of truth to getting your information mixed up with someone else's information - and it can make your life a mess. Borders Books information on it's customers should have gone away the moment they went bankrupt.

Re:Glad I never bought from them.

[Psmylie]

Due to a joke by a co-worker many, many years ago, my title at work has been "Head Tech Monkey", at least according to all the tech-related junk mail I get. It's kind of funny to see, but it's also a bit alarming, getting all this mail from places I never signed up for or had any business dealings with at all, and all of them with that bad information from the same source.

Actually, that might be an interesting experiment. Purposely putting bad information out there like that, and seeing how quickly and how far it propagates.

Re:Glad I never bought from them.

[black+soap]

The problem is, companies see data as infallible. If it is there, it must be correct enough to work with. You think the employees are allowed to work on the assumption their data is wrong?

There is basically no liability to companies who get your records mixed up, even if it costs you time and money fto fix. The problem is they are putting together the bad data, buying bad data from others, and combining it badly, but you are the one that gets inconvenienced. Companies and bureaucracies tend to treat the data as the real thing they are dealing with, and forget the reality that you are the real thing, the data is just their guesses, their collection of rumors and stories about you.

When companies keep specific records on specific people, they ought to be more careful about knowing the limitations of the data's accuracy. I am not a credit score, that is a number the credit rating agency made up to describe me. If they are inacurately describing me (saying I am a bum who doesn't pay his bills) and it costs me money, why isn't that slander/libel?

Re:Glad I never bought from them.

[black+soap]

It would be a horrible fucking alibi. The police could prove you were in any part of town they wanted you to have been in.

Re:Glad I never bought from them.

[FatdogHaiku]

Right, but the supposition was what if their IP was auctioned off as is the case with Borders...

Re:Glad I never bought from them.

[amRadioHed]

Singapore Airlines and Air Asia spam has saved me hundreds in flights

Why would you call it spam if you requested it? That's like calling someone a thief for accepting a gift you offered.

Re:Glad I never bought from them.

Borders said they wouldn't use the data. Borders is the one who broke the agreement by including that data in the sale

Let's SUE THEM INTO OBLIVION THEN.

Re:Glad I never bought from them.

[JWSmythe]

    If you have the time and patients to do it, you can do some pretty interesting tracking of how your info gets shared. Parts of your info are always going to be there, and some aren't. For example, you can be confident that your first name, last name, street address, and usually email address will stick. Your middle name and zip+4 may get dropped.

    if you have a domain name (or subdomain) that you don't mind inviting a bunch of spam to, you could do a wildcard redirection, and give each place a unique ID number. It has to not look like tracking though, or they may drop it. So if you own example.com, I could primarily use jwsmythe@example.com, but for each place that I give my info out to, I could use jwsmythe###@mail.example.com, where ### is a unique number.

    For your physical mailing address, you'd want to check with your local postal carrier, but you could likely make your mailing address:

    JW Smythe
    123 Main St #123
    Anytown, NY, 10011

    The #123 should be a unit, room, or something, and the postal carrier should be ok with delivering it to your mailbox. Obviously, that doesn't work as well if you live in an apartment or other multi-unit dwelling. Put it on the first address line, not on the second. Sometimes the second line gets dropped off.

    The harder part, that requires the dedication, is to track all the numbers. It can be months to years before you really start seeing that new info showing up from the wrong places.

Re:Glad I never bought from them.

[WNight]

If you want to sit and passively wait for pics like the rest of us, sure. But if you want to collect information more easily by saying "We'll treat it well", you had better.

That asset is worth less, and thus given more freely, because it's encumbered with conditions. Pretending the conditions on an asset go away on transfer is ridiculous. If you buy land where someone else has the water rights, for instance, you cannot remove that right by simply selling the land - even via bankruptcy. That personal information is seen differently is a legal aberration, and part of the reason nobody respects "the law".

The real way to deal with this is rent the involved CEOs' houses (as if for a movie shoot) and go bankrupt, selling the houses (which we all agree are not yours to sell) for pennies on the dollar. Because that's what they're doing to people.

Re:Glad I never bought from them.

[hairyfeet]

The problem I had wasn't the screwed up, we're human, shit happens. it isn't fun but i'm not getting my panties in a wad because someone screwed up feeding a DB, it happens. no what royally pissed me off is how many believe the machine never is wrong and will argue up and down that the machine is right and you don't know your own data! I think I know where I live, thanks dumbass. I even argued with AT&T once for an hour because they swore up and down my building, which is a historic landmark and been there since after the civil war, didn't exist because their computer said so!

But believe you me i know about having generic data. I found out that Kevin is the equivalent of Joe to the Irish and with a VERY common Irish last name I might as well have been Joe Smith or Maria Sanchez. I just wish when confronted with the facts that so many wouldn't just droolingly look at the God PC to tell them what is right. if there is ANYTHING we geeks know to be 100% true its garbage in garbage out, yet so many Sally Secretary types just refuse to believe anything Mr computer doesn't tell them is so, no matter how much paperwork and data you show them. THAT is the frustrating as hell part!

The only way I finally got shit straightened out at the bank was to quit the one I was at and go to a little bank across town. Naturally they had another with the same name but the girls there are smart enough to know if they are unsure to go "Is this pickup truck Kevin or sportscar Kevin?" because the other Kevin has a Mustang and I have a Ranger. Kinda sad that with us having different parent names, DOB, and all that jazz they go by vehicles, but I guess its just human nature to go by names and he and I have used the drive through enough they know us by our wheels. Once in a while I'll get stuck behind him at the drive through and yell "Whazzup sportscar me?" and he'll laugh and yell back "Wash your damned truck, you're making us look bad!". Yeah yeah, some of us have better things to do sportscar me.

Re:Glad I never bought from them.

[JWSmythe]

    Hehe, nice story (err stories).

    Ya, I never saw how screwy things were until I actually started parsing data on my own. I'd pick an arbitrary person, and search the DB directly for their information. The "arbitrary" person was always someone who I knew personally, that I could tell and laugh about it later on. So I'd go in knowing at least their name, age, and home address. I'd search by name, get a SSN. Search for the SSN and get other varitions of their name. Search those results by home address. Find what cars they'd owned, and/or where they had drivers licenses. Every bit of information that I hit, I compile into the larger report.

    It doesn't take my kind of access to get that kind of information though. A while back, I was talking to a woman before we started really dating. This is before I ever worked for a data mining company. She dared me to find out where she lived. I got it right within a mile of her house. I found her date of birth, partial social security number, past residences, and even 15 year old traffic tickets. Not all of the information is because of the Internet either. It would have required me driving out to court houses to do research. So what would have taken weeks of flying around to different cities, was done in about an hour for free, while sitting at home. :)

    I've never met any of my alter egos, even the ones who live near by. I am surprised by what I find out there. My alter egos are doctors, veterinarians, lawyers, executives, programmers, and a pilot. Some are close to my age, but most are way off. I heard there is one who isn't exactly a good guy. He is 30 years older than me, and had outstanding felony arrest warrants. I haven't bothered to research him to find out what his current status is. It's probably for the best that I have no clue.
   

Re:Glad I never bought from them.

[mjwx]

Your tone (in the other comment) sort of implied that you didn't appreciate the messages, so I did wonder why you wouldn't shut them off.

I was being a bit sarcastic.

But advertising a book I already bought was a little annoying. Also, Amazon's algorithm for figuring out books to suggest isn't that good, for the most part they've just shown me books from the same authors.

how is this legal?

[ILongForDarkness]

Information is an asset I'll admit. But the access to the information was clearly bounded by Border's privacy policy. I really don't understand why the courts are even considering the possibility of allowing it to be sold. If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data. B&N can just ask you to give them the info if you choose to under their privacy agreement. The fact that the company would even try to purchase information covered under a privacy agreement with another company puts them on my no-buy list.

Re:how is this legal?

The US does not have any data protection act (other than medical, which is taken very seriously). He who collects it can do what the please with it. Which generally translates to selling to other parties.

Re:how is this legal?

[0123456]

If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data.

Data doesn't disappear just because the company does. This is why anyone who's interested in privacy should be ensuring that no-one else has their data in the first place.

A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

Re:how is this legal?

[ColdWetDog]

No, no it's much worse than that.

Corporations can't be killed. They can be consumed by another corporation but the bits and pieces (especially bits these days) never dies. New corporations feed off the rotting entrails of older ones but they grow up to be functionally all the same.

Much worse than a Zombie infection. Sort of like a rootkit. Reboot all you like, it's still there.

Re:how is this legal?

[ILongForDarkness]

I think the article mentions a "deceptive business practice" clause that could cover this kind of thing. The fact that the information was supplied to you for a specific purpose should bind you to only use it for that purpose. I know I'm being naive but it does seem a rather unethical thing to do. What if for example the courts decide to license out the info from Borders rather than just sell it to one company (or the buying company does it)? Say they see you bought books about animals and the next thing you know you have door to door gypsies showing up with trained circus monkeys :-)

Re:how is this legal?

[tripleevenfall]

I think part of this is legal - B&N doesn't want to find itself ensnared by legal complications resulting from deficiencies in Borders' data collection or handling practices.

Even if B&N never in a million years intends to misuse the information, it's still worthwhile for them to attempt to indemnify against the possibility.

An example of this same kind of thing is that in states which allow one to carry a concealed weapon, there are many people who hold permits even though they never actually carry them, because the web of law around possession and transport of firearms is complex, and if you inadvertently violated some provision of the law you could find yourself in legal trouble. But having a permit to carry and possess at all times could save you in the case of you forgetting to lock a container or something like that.

Maybe that metaphor is a reach, but suits related to this can be very costly. It's worth B&N having their legal eagles see if they can conjure up a "get out of jail free" card, just in case.

Re:how is this legal?

[chuckinator]

B&N has been on my no-buy list for a very long time after my experience with the university textbook market.

Re:how is this legal?

[TemporalBeing]

I think part of this is legal - B&N doesn't want to find itself ensnared by legal complications resulting from deficiencies in Borders' data collection or handling practices.

While IANAL, From my limited understanding of Bankruptcy law, the courts can basically dissolve nearly any contract in place. So as far as the Bankruptcy court is concerned the Private Policy doesn't exist, and they can sell the information off regardless of what the Private Policy said. The Privacy Policy only protects against what Borders itself can do with the data in the course of their own business, but once you get to Bankruptcy court then all bets are off. That is the problem with Privacy Policies.

Now, if another company simply bought Borders then the Privacy Policy would still be in effect. The issue only comes into play when a company goes through Bankruptcy. Privacy Policies might even survive restructuring under Chapter 11 Bankruptcy; but it won't likely survive Chapter 7 Bankruptcy.

That said, I think this is one area that Congress should address and fix - so the Bankruptcy courts are not so free to break the Privacy Policies, however restrictive the company may have made them.

Re:how is this legal?

[sabt-pestnu]

I wonder if you could use the theory that the information isn't Borders', it's yours - and by breaking the contract under which it was provided, Borders no longer has a right to it.

Re:how is this legal?

I tend to agree... Customer data ought to go away with the company. Or, at the very least, the buyer of such data ought to be required to ask the peopel represented by it if they want to opt out... But that isn't the way it is right now, so I suspect B&N has a legal standing here...

Re:how is this legal?

Unethical yes, but what does ethics have to do with law?

Re:how is this legal?

[DrgnDancer]

This sounds not unreasonable. B&N already has a huge amount of information on my book buying habits from my accounts with them (I have a loyalty card, and buy stuff from them online), and they've never used that to spam me excessively. I don't see why they would abuse the more limited info Borders may have on me. At best it would serve to piss me off and be less likely to use them.

Re:how is this legal?

[mlts]

This exact issue is also affects cloud computing as a whole.

Take a cloud provider goes out of business. Another entity buys up all their servers, and now has free and complete access to the former clients' data. All data can be sold to the highest bidder (even if it is in a hostile country), or just slap it on a 20TB BitTorrent off of thepiratebay? Easily done, and there is not one thing legally that can be done about it.

Until the bankruptcy code addresses this with a stipulation that all data is either erased (with certificates of destruction of data or physical media), one needs to assume any and all "privacy policies" are "we will give any info to any and all we please."

Re:how is this legal?

[frank_adrian314159]

A "deceptive business practice" clause that could cover this kind of thing.

Well, yeah, if there was anyone left to enforce it against. Which there isn't. Because the whole point of Chapter 7 is that tere's nothing left.

Re:how is this legal?

[icebike]

While IANAL, From my limited understanding of Bankruptcy law, the courts can basically dissolve nearly any contract in place.

I don' think bankruptcy can dissolve anything other than money contracts. (IANAL either).

Physical property, like land and houses are often accompanied with "contracts" such as covenants, easements, etc.
Yet even when these assets get sold thru bankruptcy you can't then claim that the easement or covenant is no longer in force.
These are public contracts that bind all future owners.

Similarly a publicly stated privacy policy, and explicitly restrictions on revealing consumer's credit card information, are public contracts.
The policy was in place at the time B&N bid on the Borders asset.

Borders explicitly stated (since 2008) in their Privacy Policy:

Disclosures in connection with acquisitions or divestitures. Circumstances may arise where for strategic or other business reasons Borders decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Borders' practice to seek appropriate protection for information in these types of transactions. In the event that Borders or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.

Similarly, B&N explicitly states (at least since April) in its privacy policy:

Sales, mergers, and acquisitions. If Barnes & Noble becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, personal information may be provided to the entities and advisors involved subject to a confidentiality agreement, and we will provide notice before any personal information is finally transferred and becomes subject to a different privacy policy.

So this seems to me to have been in the policy statements of Borders for a long time, most customers knew or should have known about this provision, and Borders provided an opt out link in the page referenced above. Therefore think B&N is well within their rights to use this information.

Re:how is this legal?

The best solution to most textbooks that I need is to import international editions. UPS from India beat FedEx from New Jersey, and was better wrapped. There maybe a variety of sites that help this type of market, but I use abebooks and only retailers in my country (US in this case). $140 book cost $28 (shipping included).

Re:how is this legal?

[0123456]

UPS from India beat FedEx from New Jersey, and was better wrapped.

Yeah, but with UPS they try to deliver it, you get home, find the card, go to the web site and tell them you'll collect it, but it's too late for them to take if off the truck so you can't collect it the next day, then the next day you go to their office wihch is only open two hours a day and queue up for half an hour and they tell you they forgot to take it off the truck so you'll have to come back again the next day.

I've often had UPS parcels take longer to cover the two miles from their depot to our house than they took to travel half way around the world to the depot. With Fedex I just stop by on the way to work the next day and collect it from them, because they're actually open at sensible times.

Re:how is this legal?

[ILongForDarkness]

But they are claiming there is something left when they try to sell it. Also if the court is controlling the bankruptcy sale they should be able to say this can be sold, that can't etc. My understanding is you file Chapter 7 but it is an ongoing process it isn't a one time "oh we are done" it is a long involved process potentially with the attempt to salvage the company, sell of parts, etc.

Re:how is this legal?

[black+soap]

This is an asset they wanted, that was attached to a promise (contract) - basically a liability attached to the asset. Bankruptcy is often used to restructure debt, but this obligation/liability is an intrinsic part of the asset. Better that data be destroyed than transferred apart from the promises of privacy that made the collection of it possible int he first place. If the separation of the data from the privacy policy is allowed, I can see it quickly getting abused.

Re:how is this legal?

[tripleevenfall]

Frequently, companies refuse to honor warranties after bankruptcy.

GM is now doing this regarding an issue with the Chevrolet Impala. They are refusing to warranty work that is covered under the warranty on the grounds that pre-bankruptcy GM and the current GM are two different companies.

This is common.

Re:how is this legal?

[compro01]

Beats the hell out of Fedex, who don't come within 100 miles of me, so they receive my package on Monday, sit (possibly literally) on it until Friday, then drop it in the mail to the bus station (Which is literally 4 blocks from the Fedex office in that city!), after which I can pick it up at the local bus station probably on Wednesday.

And don't even get me started on their inability to do simple math and calculate taxes and duty properly, leading to my package getting stuck at customs for a week, without them informing me that it was there because tax was due.

Re:how is this legal?

Yes, it's the judge managing the bankruptcy who's the problem here. He should be stopping things like this.

Re:how is this legal?

[DarkOx]

I disagree, that information IS and asset and creditors in order of seniority should have an absolute right to extract as much value in a bankruptcy up to what they lent as possible. This is a pretty fundamental concept of credit and private property which are more basic to our society that even the notion of privacy. That is why what the Obama administration did with Chrysler was such an atrocity.

They take away here is consumers need to learn the lesson that information is an asset. They need to be less willing to give it up and learn to demand much more in return if they decide to do so. Perhaps after they get burned a few times with things like this they will actually vote with their wallets and choose to do business with those who don't attempt to uniquely identify them and their transactions, and don't run face recognition on the surveillance video from the parking lot.

Re:how is this legal?

[CCarrot]

UPS from India beat FedEx from New Jersey, and was better wrapped.

Yeah, but with UPS they try to deliver it, you get home, find the card, go to the web site and tell them you'll collect it, but it's too late for them to take if off the truck so you can't collect it the next day, then the next day you go to their office wihch is only open two hours a day and queue up for half an hour and they tell you they forgot to take it off the truck so you'll have to come back again the next day.

I've often had UPS parcels take longer to cover the two miles from their depot to our house than they took to travel half way around the world to the depot. With Fedex I just stop by on the way to work the next day and collect it from them, because they're actually open at sensible times.

This. UPS availability and service just blows for people who have jobs outside the home and can't loll around all day waiting for a package. It's why my first name for all UPS-delivered items (when I know the vendor is planning on using UPS, that is) is "HOLD-FOR-PICKUP", along with another note in the special delivery instructions (if the option is even available on the ordering page). Or, if all else fails, I specify my workplace as the delivery address, but I don't like to do that very often even if the mailroom doesn't mind it for small packages...

Re:how is this legal?

[Culture20]

Go ahead and sue Borders... after they've dissolved themselves and sold the company assets.

Re:how is this legal?

[TemporalBeing]

This exact issue is also affects cloud computing as a whole.

Take a cloud provider goes out of business. Another entity buys up all their servers, and now has free and complete access to the former clients' data. All data can be sold to the highest bidder (even if it is in a hostile country), or just slap it on a 20TB BitTorrent off of thepiratebay? Easily done, and there is not one thing legally that can be done about it.

Until the bankruptcy code addresses this with a stipulation that all data is either erased (with certificates of destruction of data or physical media), one needs to assume any and all "privacy policies" are "we will give any info to any and all we please."

While (again) IANAL, that is probably a little farther fetched as the Bankruptcy court would probably recognize the contract in place and not recognize that data as belonging to the company. Not to say it couldn't happen, but it'd be a lot harder to have happen than the Privacy issue as there is an actual service contract involved. (Not so with the Privacy Policy.)

Re:how is this legal?

[TemporalBeing]

hysical property, like land and houses are often accompanied with "contracts" such as covenants, easements, etc. Yet even when these assets get sold thru bankruptcy you can't then claim that the easement or covenant is no longer in force. These are public contracts that bind all future owners.

WHile (again) IANAL, I think there is a big difference there. For example, easements are a matter of law - the land in the easement doesn't technically belong to the land holder even though they assume responsibility for the land (it belongs to whomever has the easement rights). Also, in a land property you also have zoning and building codes - things that are outside the jurisdication of the bankruptcy court, things they have no control or influence over - so there are limits to what a bankruptcy court can do in those cases. So even in your example it very much depends on the type of contract involved and where the requirement comes from.

The problem is, there are no limits regarding privacy policies for the bankruptcy courts right now. They're just another informal, single-sided contract - one that the court can break.

Re:how is this legal?

[TemporalBeing]

This is an asset they wanted, that was attached to a promise (contract) - basically a liability attached to the asset. Bankruptcy is often used to restructure debt, but this obligation/liability is an intrinsic part of the asset. Better that data be destroyed than transferred apart from the promises of privacy that made the collection of it possible int he first place. If the separation of the data from the privacy policy is allowed, I can see it quickly getting abused.

IANAL, but there are several kinds of Bankruptcy. Most popular is Chapter 7, which results in Solvency, and Chapter 11/13 (11 for companies, 13 for individuals) which simply allow restructuring of the debt under court supervision. The court can break a lot of contracts in place even under Chapter 11/13; however, they tend not to so long as the contract does not prevent the company/individual from exiting Bankruptcy, which is the ultimate goal of Chapter 11/13 Bankruptcies. However, under Chapter 7 there is no exit from Bankruptcy, just shut down - in which case, all assets are taken, and all contracts can be terminated, and the court can do nearly anything within its jurisdiction to do (e.g. it can't change zoning or building codes on land or structures).

Re:how is this legal?

[TemporalBeing]

I disagree, that information IS and asset and creditors in order of seniority should have an absolute right to extract as much value in a bankruptcy up to what they lent as possible. This is a pretty fundamental concept of credit and private property which are more basic to our society that even the notion of privacy. That is why what the Obama administration did with Chrysler was such an atrocity.

I'm not stating anything here per what I think about whether the information is an asset. All I am saying is that there should be limits to what can be done with information collected under a Privacy Policy when the entity that did the collecting goes through Bankruptcy. The bankruptcy court should not have a completely free hand in what can be done with it, as is (AFAIK since IANAL) the current case.

Re:how is this legal?

[icebike]

The problem is, there are no limits regarding privacy policies for the bankruptcy courts right now. They're just another informal, single-sided contract - one that the court can break.

But again, As I pointed out later in my post, BOTH companies have EXPLICIT statements in their on-line privacy policy stating well in advance that personal information of customers were an asset that WOULD BE INCLUDED in any sale.

So no need to break the allegedly single sided contract.

Re:how is this legal?

[operagost]

It wouldn't be ambiguous if the government hadn't meddled and, like every other corp, told GM it's chapter 11 or chapter 7: take your pick.

Re:how is this legal?

[ZombieBraintrust]

It is screwy. But I am sorta glad B&N purchased the info and not someone else. At least with B&N we know what that the info will be used in the exact same way it was used under Borders. I would love a ruling that the data needs customer approval for transfer though.

Re:how is this legal?

[mlts]

Very true. To us, it makes sense. However, what is needed in order for this to not be something that ends up bounced in the courts for years is a clear law -- client data on a company that goes bankrupt? The physical machine's drives get zeroed (if the drives support cryptographic erasures), or physically destroyed, and a third party certifies that this has been done to the bankruptcy court.

Ideally, we need a data protection act, where unless there is explicit reason for data to remain on a machine (intrusion attempt, motion of discovery), it has to be destroyed within a reasonable time frame (30 days for Web logs, 12 months for back purchases, etc.) This way, the damage from a bankruptcy would be limited.

Re:how is this legal?

[ZombieBraintrust]

Bankruptcy is a legal process where you legally break your contracts because you are out of money. The only way to protect data privacy is through legislation that limits how data is transferred in Bankruptcy.

Re:how is this legal?

[ZombieBraintrust]

When attempting to salvage parts of the company the Judge doesn't want to rule that something can't be sold. His primary concern is making sure debtors get money back. The data is something that clearly has value to B&N. There is not much damage to consumers if the data is transfered from Borders to B&N. No customer is going to lose money, be embarrased, or go to jail because of this deal. Damages to the consumer is very hypothetical. So why not let it go through.

Re:how is this legal?

[TemporalBeing]

The problem is, there are no limits regarding privacy policies for the bankruptcy courts right now. They're just another informal, single-sided contract - one that the court can break.

But again, As I pointed out later in my post, BOTH companies have EXPLICIT statements in their on-line privacy policy stating well in advance that personal information of customers were an asset that WOULD BE INCLUDED in any sale.

Again, that has little to do with the issue at hand. While IANAL the Bankruptcy court can completely ignore what they say they will do in those agreements per a sale. Most all of them state that the conditions will carry through, while the Bankruptcy court can completely ignore that if it so desires.

So no need to break the allegedly single sided contract.

Unless you as an individual (i) sign a copy, (ii) return the signed copy to them, and (iii) receive a copy of what you signed with a signature of one of their representatives (either before or after you signed) then it is a single-sided contract as they are defining the terms of which you have no say in the matter. That is a legal definition. There is no "allegation" going on.

Re:how is this legal?

[tlhIngan]

Information is an asset I'll admit. But the access to the information was clearly bounded by Border's privacy policy. I really don't understand why the courts are even considering the possibility of allowing it to be sold. If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data. B&N can just ask you to give them the info if you choose to under their privacy agreement. The fact that the company would even try to purchase information covered under a privacy agreement with another company puts them on my no-buy list.

In a bankruptcy situation, the court is the one in charge of trying to get back as much money as possible for creditors (secured first, then unsecured if there's anything left over).

Some stuff can't be sold, and aren't. Others may have zero value, but if someone comes to the court and say they want to pay money for it, the court will sell it because it allows creditors to be paid.

If it concerns you that much, put in a bid. Maybe you can convince the court that not selling it to B&N is a good thing and you'll pay for it for its destruction. Heck, maybe you can ask the court for permission to see the list so you can put up a collection of $10 each to pay for the information. If you can convince the court you'll get at least $13M for it, they'll probably allow it. If you get more, even better for all involved. Of course, you have to guarantee it, but the courts will entertain higher bids (again, more creditors get paid).

Re:how is this legal?

[TemporalBeing]

Very true. To us, it makes sense. However, what is needed in order for this to not be something that ends up bounced in the courts for years is a clear law -- client data on a company that goes bankrupt? The physical machine's drives get zeroed (if the drives support cryptographic erasures), or physically destroyed, and a third party certifies that this has been done to the bankruptcy court.

Ideally, we need a data protection act, where unless there is explicit reason for data to remain on a machine (intrusion attempt, motion of discovery), it has to be destroyed within a reasonable time frame (30 days for Web logs, 12 months for back purchases, etc.) This way, the damage from a bankruptcy would be limited.

Agreed.

Re:how is this legal?

[Obfuscant]

This. UPS availability and service just blows for people who have jobs outside the home and can't loll around all day waiting for a package.

Not for me. They just pried open my locked front screen door and hid the package there. And when the replacement arrived, after I reported that the first one had never arrived, they simply hid the second one right next to the first.

Their only mistake was that two packages didn't quite fit, so the locked screen door was slightly ajar and I noticed it when I got home that night. If they had been better at hiding things, I might never have noticed.

Re:how is this legal?

Would you like some cheese to go with your irrelevant off-topic whine? Or maybe have someone call the whaaaaaambulance?

Re:how is this legal?

[CCarrot]

This. UPS availability and service just blows for people who have jobs outside the home and can't loll around all day waiting for a package.

Not for me. They just pried open my locked front screen door and hid the package there. And when the replacement arrived, after I reported that the first one had never arrived, they simply hid the second one right next to the first.

Their only mistake was that two packages didn't quite fit, so the locked screen door was slightly ajar and I noticed it when I got home that night. If they had been better at hiding things, I might never have noticed.

Ha ha, epic UPS fail. I hope the company charged the cost of the second widget to UPS...

Come to think of it, years ago I do seem to remember coming home to a large-ish $400 item left on our semi-covered back porch in the middle of winter, whereas a $15 book delivery required chasing them around for three days to retrieve it...along with the lovely threats to send it back to the vendor if I didn't retrieve it within a week...

Bite me, UPS. Just bite me.

Re:how is this legal?

So, it might be legal, but it isn't right. Fuck you B & N, I'm buying my books (you know which ones, don't you?) somewhere else.

Re:how is this legal?

[AK+Marc]

HIPAA shouldn't be taken seriously. There has never been an investigation into someone improperly sharing data or having lax security that allowed a successful intrusion. There have only been two fines, both for holding data when required by law to share it. HIPAA will *never* be used to prosecute a lax policy (whether poor policy or poor application of an adequate policy). Yes, you can quote me on that. The fear of HIPAA is all generated by consultants lying to increase their income. Never trust anyone who stands to gain materially by lying to you. "You buy this from me or you'll be in violation of HIPAA" has been said millions of times, and was a lie every time it was ever uttered.

Re:how is this legal?

[Obfuscant]

They've also hidden what would normally be a non-perishable item hidden around the corner of my house. The only problem was that it was rainy season, and the normally non-perishable dried plant item happily absorbed the water and grew a heavy layer of green fuzz. Stinky green fuzz. Stinky green fuzz in a soggy cardboard box.

In case you didn't know, UPS now has a "deliver by USPS" (spelling is correct, US Postal Service) option. You can have a package shipped across country UPS ground in official brown-logo UPS trucks, only to be delivered to the local POST OFFICE, which will then take another day to sort it out and deliver it to the corporate mail unit, which will then take yet another day to sort it out and do final delivery. Instead of simply leaving it at the normal USP delivery point two doors down the hall, where someone responsible will sign for it and deliver it immediately.

Re:how is this legal?

[Hognoxious]

I think his point was that there are restraints, constraints and obligations that still apply after bankruptcy or other changes of ownership, so why can't data usage be the same?

Re:how is this legal?

[Overzeetop]

This is an interesting point, actually. If my truck is parked on the lot of the local Ace Hardware store, and it goes bankrupt, can the bankruptcy court sell off my truck to settle Ace's debts? What if Ace had a stock of widgets that they were selling on consignment for me? What if I delivered widgets for them to sell, but have not been paid for them?

I believe the first two the ownership reverts to me, but in the third case I may be SOL. IP has weird twists that make it hard to conflate with physical goods, too. I agree that legislation is the most likely solution. If these were medical records, there wouldn't be an issue.

Re:how is this legal?

[tehcyder]

The US does not have any data protection act (other than medical, which is taken very seriously). He who collects it can do what the please with it. Which generally translates to selling to other parties.

Not credit card information, surely?

Re:how is this legal?

[TemporalBeing]

I think his point was that there are restraints, constraints and obligations that still apply after bankruptcy or other changes of ownership, so why can't data usage be the same?

The court might treat it the same, but the Bankruptcy court does not have to carry those restraints, constraints, or obligations forward aside from what is in the law to do so. That is, if the Privacy Policy goes above and beyond the law, then anything "above and beyond the law" does not need to be adhered to. Unfortunately we are in a era when most Privacy Policies are "above and beyond the law" as the law is so far behind in that area. (Again, IANAL.)

Re:how is this legal?

[AmiMoJo]

A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

It sounds like you need some better laws. In the UK the Data Protection Act would prevent this sort of thing.

Re:how is this legal?

[black+soap]

What about the VPPA? (video privacy protection act?)

Re:how is this legal?

Yes, actually, a privacy policy is legally binding, even in case of bankruptcy, at least in the European Union.

Re:how is this legal?

[Kashgarinn]

If the data actually gets sold, that means greed of the few has won over fairness to the many.

Everyone and his mother would judge that if a company ceases to exist, then any privacy data should be deleted. The decision to give your data to a company is tied to the reputation of that company.

"no guarantee in a bankruptcy" should not mean "let the wolves rip the thing to shreds without exemption" it should mean that the grey-area should be judged to the favor of the security of the majority. there's just too many ways this could be abused by selling it off.

No Borders Rewards Card

[Animats]

Now I'm glad I always turned down the Borders Rewards Card.

Re:No Borders Rewards Card

If you hadn't turned it down, they would have had enough money to stay in business and this wouldn't be happening! Thanks a lot.

Re:No Borders Rewards Card

[Skapare]

Borders went out of business because they were too pushy with the Rewards Card. I just wish now that I had not turned it down so I would have standing to file a petition to enter the bankruptcy proceeding as a defrauded creditor.

Re:No Borders Rewards Card

Now I'm glad I always turned down the Borders Rewards Card.

And paid cash.

Re:No Borders Rewards Card

[Existential+Wombat]

I have one, but since I always use mail redirection (my email address with them is borders@myowndomain.com for example), if I start getting spam it's a simple matter to delete that forward.

Times like this I am glad I do this!

Re:No Borders Rewards Card

[Desler]

You do realize that you'd be at the bottom of the list and never get any attention, right?

Re:No Borders Rewards Card

I suppose there's many reasons Borders went under . . . but I seriously doubt anybody believes Borders' cashiers offering their customers a FREE loyalty card was a factor at all. (I actually appeciated the fact it was free as opposed to the ones pushed by B&N or Books-A-Million)

Re:No Borders Rewards Card

[MimeticLie]

If that were true, Gamestop would have gone out of business years ago. As would a number of grocery chains.

The fact is, people don't care about giving away their personal information.

Re:No Borders Rewards Card

I never understood the Rewards program. Most customers pay with a credit card, so couldn't they use that as a tracking device instead (like other retailers do)? And those that pay cash probably aren't the biggest fish in the lake anyway.

Re:No Borders Rewards Card

[operagost]

Seriously. I cashed out my rewards as soon as I heard they were circling the drain.

The final clause in all privacy policies

[SirGarlon]

The final clause in all privacy policies are words to the effect, "this policy is subject to change at any time, with or without notice to you." Now we have an example of what that means.

I have always regarded that a license to defraud the consumer, as they can initially offer privacy terms that are acceptable, then collect your data, then revoke the privacy protections without giving you a chance to change or delete your data.

Re:The final clause in all privacy policies

[e9th]

this policy is subject to change at any time, with or without notice to you.

Borders' Privacy Policy is still available. It doesn't quite seem to say that.

Re:The final clause in all privacy policies

I always referred to that as the "Bend it and Spread em clause".

That is why I never read those things anyways and assume the worst. They are always written to the point of "this is our product and a team of highly paid lawyers made sure that we are never exposed for anything and that all the shit will fall on you, the fucking lowly consumer. You don't like it, don't buy our fucking product or shop somewhere else."

Re:The final clause in all privacy policies

[TemporalBeing]

The final clause in all privacy policies are words to the effect, "this policy is subject to change at any time, with or without notice to you." Now we have an example of what that means.

I have always regarded that a license to defraud the consumer, as they can initially offer privacy terms that are acceptable, then collect your data, then revoke the privacy protections without giving you a chance to change or delete your data.

IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred. One reason for that is because it can be hard to track someone down when the only information may have changed - e.g. they moved or they got a different phone number, or a different e-mail address and (for any or all) they forgot to tell you about any of the changes. How then would you go about notifying them?

The issue here is that Bankruptcy courts have pretty much a free hand in manipulating agreements, canceling contracts, etc. So as far as the Bankruptcy court is concerned, the Privacy Policy doesn't exist.

Re:The final clause in all privacy policies

Updates to this Policy

We reserve the right to update our Privacy Policy from time to time. When we do, we will post a notice on the Websites for a reasonable period of time after such changes are made that this Privacy Policy has been updated and we will revise the "Last Modified" date at the top of this Privacy Policy. We encourage you to check this page periodically for any updates. Your continued use of the Websites following the posting of updates to this Privacy Policy will mean you accept those updates.

[1]

Re:The final clause in all privacy policies

The final clause in all privacy policies are words to the effect, "this policy is subject to change at any time, with or without notice to you." Now we have an example of what that means.

And yet there are still people who give credence to Steam's verbal intent to unlock the games in the event of Valve's untimely demise.

Cases like this are proof that it's bullshit. If Valve ever goes down, the assets managed by Steam no longer belong to Valve, and the fate of your games is in the hands of whoever buys Steam in the resulting firesale. Somehow this is an acceptable compromise, even amongst people who proclaim not to believe in DRM.

Re:The final clause in all privacy policies

[SirGarlon]

IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred.

That's what they want you to think, and they may have even meant it at the time. IANAL either, but since the clause does not specify the nature or extent of changes they make, it seems to me they can change it completely, even reversing the entire spirit of the thing, and all they have to do is "post" (read, bury) a notice on their Web site somewhere.

Re:The final clause in all privacy policies

[Americano]

We reserve the right to update our Privacy Policy from time to time. When we do, we will post a notice on the Websites for a reasonable period of time after such changes are made that this Privacy Policy has been updated and we will revise the "Last Modified" date at the top of this Privacy Policy. We encourage you to check this page periodically for any updates. Your continued use of the Websites following the posting of updates to this Privacy Policy will mean you accept those updates.

Key terms:
"from time to time" == "whenever we feel it's necessary."
"post a notice [...] for a reasonable period of time after changes are made" == "for a day or two, unless we forget, in which case, well, you didn't check the modified date anyway, did you?"

In other words: "We will change this occasionally. Your notice that it's changed is that the Last Modified date has been updated, and we'll post a little blurb on the main site saying "We updated our privacty policy, check out the new version! Oh, and if you continue using the sites after the policy has been updated, you accept the terms of the update."

Net effect: "The policy is subject to change at any time, with a bare minimum of effort given to notifying you of the change."

And in plain terms: "This policy is subject to change whenever we want, we'll do whatever we feel we need to with your data with the wide latitude given to us by current legal standards, and you won't say a thing about it because you're too lazy to pay attention to these things."

Re:The final clause in all privacy policies

[icebike]

this policy is subject to change at any time, with or without notice to you.

Borders' Privacy Policy is still available. It doesn't quite seem to say that.

Exactly.

Further, Borders provided an opt-out link on their page.

And their policy statement EXPLICITLY states (since at least 2008) that if they are sold, your info is among the assets that would be transferred.
B&N is doing nothing wrong here.

Re:The final clause in all privacy policies

[e9th]

There are enough free CDN sites out there that no one should let TOS, AUP, PP, etc. changes take them by surprise anymore.

Re:The final clause in all privacy policies

[SirGarlon]

So if they change the policy to something I no longer find acceptable, I can demand they purge all my data, right? No? Then I fail to see how simply notifying me I've been screwed somehow makes it fair.

Re:The final clause in all privacy policies

I read that last part and cringe.

In effect it says, "We can change this at any time, and when we do the new version will be up on our website. By using our website, you agree to the new terms."

Weasle worded at best, as these things tend to be. If I dont agree to the changes, but cant verify changes without using the site, that use there of quantifies as acceptance of the terms...

Re:The final clause in all privacy policies

Buying new, full price games from Steam is silly. Buying games on sale at Steam is acceptable.

I paid more to rent NES games when I was a kid than I do to 'buy' (for varying definitions of buy) the daily deals on steam.

I'm a huge supporter of owning my games, but Steam provides an acceptable price point for me to risk a difference of opinion on exactly what I own.

Re:The final clause in all privacy policies

[e9th]

It seems pretty straightforward. "Your continued use of the Websites following the posting of updates to this Privacy Policy will mean you accept those updates." So stop using the site.

IANAL, but if the changes appear to be retroactive and are really objectionable to you, I guess the best thing to do would be to send them a certified letter telling them that your business relationship has ceased and that you expect any prior data they've collected to be handled according to the old policy.

Re:The final clause in all privacy policies

[TemporalBeing]

IANAL, but that is only there so they can update it via the website without specifically telling you what the changes are or that changes occurred.

That's what they want you to think, and they may have even meant it at the time. IANAL either, but since the clause does not specify the nature or extent of changes they make, it seems to me they can change it completely, even reversing the entire spirit of the thing, and all they have to do is "post" (read, bury) a notice on their Web site somewhere.

True. All they have to do is update the publicly posted agreement. However, that wouldn't protect them from a Class Action lawsuit - while Bankruptcy court would. (IANAL)

Re:The final clause in all privacy policies

[Joe+Snipe]

B&N is doing nothing wrong here.

They may not be doing something illegal, but make no bones about it; it IS wrong.

Re:The final clause in all privacy policies

[icebike]

That decision is above your pay grade.

Re:The final clause in all privacy policies

[scot4875]

Technically legal does not mean the same thing as "not wrong."

--Jeremy

Re:The final clause in all privacy policies

[icebike]

The difference is, that "technically legal" is defined.
"Not wrong" is simply a matter of opinion.

Everybody has an opinion, and I see no reason to adopt your opinion in place of my own.

bankruptcy creditors

[Skapare]

This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

Re:bankruptcy creditors

[Skapare]

Oops, that should be 1 PERCENT of ...

Re:bankruptcy creditors

This doesn't make sense at all. How does your personal information disseminated to a third party qualify you as a creditor?

But go ahead and file a petition if you want. The bankruptcy judge honors the actual debt/bond holders first, employees second, third party contracts next, and shareholders/owners last. I seriously doubt you could qualify as any type of creditor, bond holder, debt collector, employee, shareholder or owner, and your information doesn't enter you into any implied contracts.

Re:bankruptcy creditors

[Wrath0fb0b]

This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 [percent] person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

Even if this, shall we say novel, concept of counting you as a creditor based on some implied contract in the privacy terms actually flew with the court (I doubt it, but I'm humoring you) the whole point of bankruptcy is that the debtor cannot honor all its creditors going forward. That's what it means to be asset-insolvent -- you owe creditors more than you are worth and so many of them, by necessity, don't get the obligations honored.

Since, even in your theory, you took an un-secured (no-collateral was offered to back up the implied privacy contract) credit interest in Border's, meaning that everyone with a secured (bonded) debt gets in line in front of you and you never get paid. That's how bankruptcy works, after all, the creditors line up in order and they take until there's nothing left.

IOW, not only do you have to convince a court of the unprecedented concept of a debt in the form of a privacy obligation, you have to convince the court that you should be paid in front of other, secured, creditors. The former is already far-fetched, the combination is patently absurd.

TLDR version: Even if B&N "owed" you something they are in no position to pay what they owe anyways so you are going to get the shaft will all the other unsecured creditors that lent them money and are not going to see any of it back.

Re:bankruptcy creditors

[dkleinsc]

Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

The court would come back with "Go away - your information might be worth about $10 to you, while these other creditors are owed millions."

Re:bankruptcy creditors

That's how bankruptcy works, after all, the creditors line up in order and they take until there's nothing left.

Or, as in the case of the SCO bankruptcy, the creditors lined up and the lawyers mucked around and took until nothing was left...

AC

Re:bankruptcy creditors

[MarkvW]

This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

First, you would be an unsecured creditor. Second, you'd have to address the valuation of your claim. Third Litigation of that claim would be expensive. Fourth, You would get no money.

Re:bankruptcy creditors

[chrismcb]

Sure they can do that, in fact all 100% can do that. They'll get placed on the bottom of the creditors list, and get nothing.

Re:bankruptcy creditors

[sjames]

It doesn't have to actually fly. It sends the courts a message: "Protect privacy or be buried in a blizzard of paperwork, all perfectly legal".

Besides, clearly someone didn't bother to read the comments box where I clearly indicated that by retaining my data they agreed to my personal information license and that it would supersede any privacy policy they might publish.

They ARE in a position to delete the relevant data in order to fulfill the termination clause without incurring the ten million dollar penalty.

Re:bankruptcy creditors

[IIH]

OW, not only do you have to convince a court of the unprecedented concept of a debt in the form of a privacy obligation, you have to convince the court that you should be paid in front of other, secured, creditors. The former is already far-fetched, the combination is patently absurd.

From my understanding of the OP, you wouldn't have to expect to be paid at all for this work, just to reduce the "value" of the asset containing the personal information, and/or link the obligations of the usage of the date to the ownership thereof.
Currently the personal information is just seen as an asset worth X, with the liabilities of the same asset (the obligations of how it's used) seen as completely separate (and not taken over). If you could get them linked officially, then the people buying the personal information would be required to buy both the data and the obligations.
For a very rough comparison, if you bought a property lease from a company, I wouldn't expect to be to choose to just take over the "right to occupy for the next X years" and not accept the "obligation to pay rent for the next X years" as they are inextricably linked. If the same could be done with the personal information, then the privacy obligation would have to transfer across, as it woudl turn from selling just "a database with personal information" to "a database with personal information with the following liabilities/obligations"

Re:bankruptcy creditors

[david_thornley]

There's lots of people you might want to send a message about this. The court really isn't one of them.

Courts deal with the law as handed to them. This is almost certainly a matter of law, and the court can't do anything. Legally, the court is bound to get as much money as possible for the creditors, within legal limits. The judge very likely has absolutely no discretion here: if the data can be sold to somebody, the data gets sold. There is no legal possibility of deleting the relevant data, no matter what the judge thinks of the law.

There are people that you can send a message to who are actually in a position to do something: write your Congressional representatives and tell them you want to see some sort of data privacy act in place. That's the only thing that can stop such data from being sold in bankruptcy proceedings.

Re:bankruptcy creditors

[sjames]

The judge DOES have a bit of discretion here. If there was none, they'd just replace the judge with an expert system (or a flowchart) and whip those cases through at light speed. The judge is to weigh the interests of creditors, people's privacy, and what is permitted under law.

It makes perfect sense to let the judge know in no uncertain terms that the citizens he works for expect him to weight the privacy concerns as heavily as the law allows.

It also sends a message beyond the courts to the legislators that it's an issue that matters to people.

Re:bankruptcy creditors

[Wrath0fb0b]

They ARE in a position to delete the relevant data in order to fulfill the termination clause without incurring the ten million dollar penalty.

No, they aren't. Destroying assets claimed by a secured creditor is actually criminal. Once you know that you are going to declare bankruptcy, you have to do everything in your power to ensure that the creditors get as much back as possible.

That data has value to buyers and those creditors have claim on the proceeds of that sale.

Besides, clearly someone didn't bother to read the comments box where I clearly indicated that by retaining my data they agreed to my personal information license and that it would supersede any privacy policy they might publish.

And every such contract (forget that you don't even have one for a second) is null and void upon bankruptcy. That's the point of bankruptcy! You can't fulfill all your obligations so you are going to have to let some of them go. And since you are unsecured, you are last in line.

It doesn't have to actually fly. It sends the courts a message: "Protect privacy or be buried in a blizzard of paperwork, all perfectly legal".

No, filing frivolous claims is not legal and is actually punishable by sanctions under FRCP11. I know a number of judges that wouldn't even bother waiting for the other party to order you to show cause why you are filing numerous redundant and patently absurd claims with his court and should not penalized.

http://www.law.cornell.edu/rules/frcp/Rule11.htm

[ Also, seriously, stop trying to play lawyer. ]

Re:bankruptcy creditors

[sjames]

Bankruptcy doesn't free you of all obligations, just financial ones. For example, I have the valuable secrets of several companies. I also cannot disclose them due to NDAs. I can't declare bankruptcy and sell those secrets to the highest bidder! That information is NOT an asset because I am barred from selling it.

When a bank goes bankrupt, they don't break into individual's safe deposit boxes and sell off the contents, it's not their stuff! Likewise, the rented furniture goes back to the rental place, not up on the auction block.

There is nothing frivolous about asserting that information provided conditionally (complete with a non-disclosure clause) cannot be converted into an asset.

That's awesome!

[Ardeaem]

So, if I buy a harddrive from someone, and it has some software installed on it, that means that I can do whatever I want with it because I didn't agree to the ToS! Right...?

Re:That's awesome!

No, you can access the information, you can't do anything you want with it.

Re:That's awesome!

[DinDaddy]

Along the lines of corporations are people. If someone has private pictures of you on their computer, and has promised never to show them to anyone else, but they die and someone buys their computer at an estate sale, you're sort of SOL.

Re:That's awesome!

[Echoota]

you can't do anything you want with it.

I think B&N is asserting the opposite of that, which
is Ardeaem's point.

Re:That's awesome!

[0123456]

I think B&N is asserting the opposite of that, which
is Ardeaem's point.

Nope. If Borders bought a hard drive before they went bust, then that would be their property to be auctioned off. Similarly, the data Borders had about you is their property, which is to be auctioned off.

People are acting as though the data Borders collected belongs to them, rather than the company.

Hopefully this may help a few people realise the perils of letting random companies collect data about them.

Re:That's awesome!

[gstoddart]

So, if I buy a harddrive from someone, and it has some software installed on it, that means that I can do whatever I want with it because I didn't agree to the ToS! Right...?

Someone should distribute the information for the entire management-level people at B&N. Phone, address, list of children, VISA numbers ... And, then of course, anybody with that information would say that they couldn't possibly be bound by any terms of use because they never made any agreement.

That might demonstrate to these people why customers do not want their information to be bought and sold.

In Canada, I believe this would be illegal, because we actually have privacy legislation designed to limit what companies can do with your information.

Sadly, I just can't see the US passing a law which would actually restrict what a corporation can do -- the lawmakers are too beholden to corporate interests.

Re:That's awesome!

[black+soap]

If Borders had saved all customer's credit card numbers, the buyer of that hard drive isn't obligated by certain rules about what they can do with the information?

Re:That's awesome!

[rwv]

Phone, address, list of children, VISA numbers

Yes, yes, NO, Yes.

Paint of an example for these people. Leave them voicemails about how important privacy is. Send them mail about how important privacy is. Use their credit card to buy yourself books from Barnes and Nobles (or buy books about privacy and ship the books to their addresses). But for the love of all that is good, leave their kids and families out of it.

Re:That's awesome!

[gstoddart]

Actually, I definitely have to agree ... leave the kids out of it ... didn't think that through as I typed it.

R.I.P. Borders

[cyberchondriac]

I liked Borders so much better than BN. BN is fine if you want current Best Sellers on the cheap, but if interested in more of the off-the-wall stuff, the coupons the free Border's membership offered (BN offers no free membership) were a far better deal.
It's a troubling sign of the times, I don't like seeing brick 'n' mortar book stores going belly up, I loved to spend a few hours on Saturday afternoons looking around.

Re:R.I.P. Borders

[93+Escort+Wagon]

It's a troubling sign of the times, I don't like seeing brick 'n' mortar book stores going belly up, I loved to spend a few hours on Saturday afternoons looking around.

An easy problem to solve.
1) Download several of these
2) Set one of those photos as your computer's desktop image
3) Glance at your desktop background occasionally while you do your shopping at Amazon.com

Re:R.I.P. Borders

It's a troubling sign of the times, I don't like seeing brick 'n' mortar book stores going belly up, I loved to spend a few hours on Saturday afternoons looking around.

If people like you actually BOUGHT stuff instead of just looking around, they wouldn't go "belly up" would they?

Re:R.I.P. Borders

You should have spent those few hours making some purchases, too. Maybe then, Borders would still be in business and you'd have a place to sit around looking hip, frowning through your black-rimmed glasses at a book of obscure poetry whilst sipping your skinny half-caf mocha chai soy latte with artisanal fair trade sugar.

You want a place with books to hang out and browse, go to a fucking library. This trend of candy ass hipsters turning a bookstore into a goddamned youth hostel is obnoxious. Your patchouli and flannel stink up the place when people with real jobs are trying to find the book they want, make a purchase, and get on with their business.

And for fucks' sake, lose the dreadlocks - you're a white middle class suburban kid, not Bob Marley. You look ridiculous.

I mean - Yeah, you're right, I'm totally gonna miss brick 'n mortar bookstores, too.

Re:R.I.P. Borders

Yeah, right. B&N bent over backwards to get me an out-of-print book. I never have a problem finding what I want online, and usually those online books are in the store too - and if they're not, they'll get them for you or tell you a store where you can get them

Their membership is $25 and you get 10% off (plus more on some items) and I am constantly getting 10-30% off coupons in email, most of which can be used *twice* once online and once in store. I have the B&N mastercard which gets me 5% back on purchases at B&N in addition to also including the membership. Oh, and when I use it elsewhere I get 1% back in the form of B&N giftcards. Borders offered *nothing* like that for people who actually purchase books.

Re:R.I.P. Borders

[dyingtolive]

Damn, wish I had mod points. This made me chuckle.

Re:R.I.P. Borders

[Lehk228]

You must have been going to a different borders than I did, around here there was one big one and the layout was confusing and disorganized and the selection was worse than the BN of about the same size. They also had several horribly overpriced mall stores with big displays of guiness book of records and ripley's believe it or not

my thought when they announced borders was closing was more bewilderment how they lasted this long than anything else

Re:R.I.P. Borders

[GiMP]

I always make purchases when I visit B&N... I browse the selection, scan the ISBN with my phone, and have the book shipped free via Amazon Prime!

This isn't strictly true anymore, but it used to be. Today, most of my book purchases are directly with the publishers that will sell me DRM-free digital copies or from used bookstores. B&N has done very badly with their online store in identifying the format of books and if they contain DRM or not. (They're not all epub)

Furthermore, as much as I really wanted to like the original Nook - I tried, really - it was a failure, especially for working with DRM-free content. This drove me to the Kindle and now I'm unfortunately stuck in that ecosystem.

Re:R.I.P. Borders

[cyberchondriac]

Nonsense. Every week, I got a coupon for anywhere from 25% to 40% and sometimes even 50% off 1 book. And that'd good for ANY book, not just best sellers. In addition, after so many purchases (and not that many) you got "Borders Bucks", usually $5 off. They also had a premium membership, where additionally you got an add'l 10% off every purchase; they gave you $10 back in coupons right off the cuff. How is that "nothing" for people who actually purchase books? And I did purchase the books, at least one a week.

Re:R.I.P. Borders

[cyberchondriac]

It's a troubling sign of the times, I don't like seeing brick 'n' mortar book stores going belly up, I loved to spend a few hours on Saturday afternoons looking around.

If people like you actually BOUGHT stuff instead of just looking around, they wouldn't go "belly up" would they?

Where did I say I didn't buy, AC? I stated I enjoyed looking around all afternoon. After that, I bought at least one book, if not more, every single Saturday. I had to devise new bookcases out of milk cartons when my bookcase got full just to accommodate all the books I bought from there.


PS to the modtard with the itchy trigger finger; how is this off-topic, exactly? Or is it some childish BN fanboism on your part?

Re:R.I.P. Borders

[cyberchondriac]

You should have spent those few hours making some purchases, too. Maybe then, Borders would still be in business and you'd have a place to sit around looking hip, frowning through your black-rimmed glasses at a book of obscure poetry whilst sipping your skinny half-caf mocha chai soy latte with artisanal fair trade sugar.

Wow, this thread is full of /.'ers who jump to conclusions based on logical fallacies. I *did* buy books, lots of them; I said I liked to spend time there on Saturday Afternoons- that doesn't automatically mean I didn't buy anything too. Too much is being read into that. I only meant to illustrate that I didn't just walk in, snatch a book and leave, I liked to look around and see what they had first.

NO I did not sit down and leisurely read their books (I'll never get why bookstores allow that, it seems a bad business model to give too much away); I did not go to the chick little built-in cafes either, I couldn't care less about them; I just walked around from section to section gathering things to buy or consider.

Re:R.I.P. Borders

And that'd good for ANY book, not just best sellers.

Just like the B&N coupons. Oh, sure, they ALSO have coupons for best sellers. But your implication that B&N is just a store for best sellers is absurd. Have you ever even been inside one?

How is that "nothing" for people who actually purchase books?

I didn't say it was nothing. I said it was nothing like the B&N deals you can get. It's not even close. It might surprise you to know that I had a membership at BOTH places so I know what the fuck I'm talking about.

Yes, rah rah Borders. They had such great deals and carried such great titles that no one was buying and they went out of business.

And I did purchase the books, at least one a week.

Yeah, wow. Way to conflate the point I was making with what other people were saying. We're all really just the same person, you know. Twit.

Re:R.I.P. Borders

[cyberchondriac]

And that'd good for ANY book, not just best sellers.
Just like the B&N coupons. Oh, sure, they ALSO have coupons for best sellers. But your implication that B&N is just a store for best sellers is absurd. Have you ever even been inside one?

Firstly, what does having been inside one have to do with membership perks when one could have a solely online experience, and still have access to the same offers?
By the same token one can go to the store all the time and not have a membership. One has little to do with the other.
But secondly, I've been in my local BN a hundred times -at least. AND I had a membership there.. for one year. Otherwise how could I possibly know about their offers and coupons?

How is that "nothing" for people who actually purchase books?I didn't say it was nothing. I said it was nothing like the B&N deals you can get. It's not even close. It might surprise you to know that I had a membership at BOTH places so I know what the fuck I'm talking about.

No, quite obviously you don't know what the fuck you're talking about. I had membership to both Borders and BN myself, , and you never saw a coupon for *any* book you wanted for 40% at BN. Never. Don't try to tell me you did because you didn't, I know what the offers were. I let the BN membership go after that one year.
Now, if you are the kind of person who buys several books, say once a month, and you like the current ones, then BN is a good deal insofar as discounts are concerned; if like me, you buy one a week that is older, Borders was a better deal. This was never about total inventory though.

Yes, rah rah Borders. They had such great deals and carried such great titles that no one was buying and they went out of business.

And I did purchase the books, at least one a week.

Yeah, wow. Way to conflate the point I was making with what other people were saying. We're all really just the same person, you know. Twit.

Nice try. You said, "for people who actually buy the books", so you damn well know you insinuated I didn't buy them, like the 2 or 3 other posters who thought that as well.
BN won out because they were bigger, simple as that. I don't hate BN by any stretch, but their deals didn't benefit me. That's all I was trying to say. It was nice to have a choice though.
Name calling .. there ya go. What a great debater.

Not have to comply?

[C_Kode]

Not have to comply? They should be legally bind to it.

Re:Not have to comply?

[silas_moeckel]

It's bankruptcy, judges can get rid of contract classes as they see fit. Want it fixed you need a federal law (or patchwork of state laws) precluding the sale, lease or otherwise transfer of all personally identifying information without the consent of that person at the time of transfer (aka no fine print you allow this forever BS). Might want to tack on a company must expunge that same info opon request, or after n years of inactivity.

Sue Them Anyway

Class action suit, with some shitty no-name firm representing.

Damn the legalities. Fuck it. I'll chip in a small amount for that. Waste their time and money too. Civil lawsuits are essentially silly and frivolous but definition. Why not?

So you get laughed out of court, anything to inflict misery of even one court date on those who would make us miserable.

This is why I don't sign up for things

I am a human being, not a monetized datapoint.

I wouldn't mind it for me, but I object anyway

[sandytaru]

If B&N made this an optional thing for consumers, I'd be okay with it. "Were you a Borders Rewards user? Like to have your personal preferences and history transferred over to our B&N card? Just let us know, and as a transferring bonus, we'll give you an extra 10% off any one item." Yeah, I might sign up if it was presented to me as a choice.

Re:I wouldn't mind it for me, but I object anyway

[idontgno]

But that's bad business. Giving away a 10% discount when you can just take with no further consideration than the actual bankruptcy purchase price of the IP and the small cost of lawyers to persuasively make your case to the bankruptcy court? Completely unnecessary.

You're paying the lawyers anyway, and you'd have to buy the IP to even have the chance to ask every Joe Bagodonuts "Mother may I", so you might as well just do it and save yourself some money. Even if you have to retain a few lawyers to fend off the trivial number of lawsuits from butt-hurt former Borders customers who think they have some say in the matter, it's a lot cheaper than playing nice.

Lets face it, nice guys finish last. Bad guys who get caught and punished still usually come out ahead of the nice guys.

Oh, right, "ethics." They've heard of them.

Bu...bu...bu...whaddabout da books?

[supaneko]

Believe it or not, some of us actually prefer the feel, texture, and overall appearance of a BOOK. eBooks are nice and all but even when they're printed, they're no where near the same.

I will admit: seeing all these Bargain Book stores around Ann Arbor and Lansing, MI selling Borders property for $.25 a piece really has quadrupled my book collection. I may die before I ever get a chance to read all of them. :)

Re:Bu...bu...bu...whaddabout da books?

[VGPowerlord]

er... so, what are some good bargain book stores in the Lansing area? It seems like most of the ones I knew about are gone now.

(Oh, and it's interesting to see someone else on Slashdot from the Lansing area.)

Re:Bu...bu...bu...whaddabout da books?

So you admit to helping kill the print industry by holding out until you get to eat off the corpse of the dead stores?

Re:Bu...bu...bu...whaddabout da books?

[rabidmuskrat]

Believe it or not, some of us actually prefer the feel, texture, and overall appearance of a BOOK. eBooks are nice and all but even when they're printed, they're no where near the same. I will admit: seeing all these Bargain Book stores around Ann Arbor and Lansing, MI selling Borders property for $.25 a piece really has quadrupled my book collection. I may die before I ever get a chance to read all of them. :)

It's a shame Amazon doesn't sell physical books then. Oh wait... http://www.amazon.com/gp/bestsellers/books

Re:Bu...bu...bu...whaddabout da books?

Awesome. Let's go hang out in their warehouse. The ambiance of that "cardboard box" smell has a certain ...je ne c'est quoi, that the stock room in the back of a Border's could never quite satisfy.

inb4: Starbucks (too snooty)

Re:Bu...bu...bu...whaddabout da books?

[ChinggisK]

Amazon sells both books and eBooks.

Re:Bu...bu...bu...whaddabout da books?

You know, the more I see this "but it can't compare to the actual physical item," the more I'm convinced it's perpetuated by self-impressed, socially-retarded hipsters who feel the need to show everybody around them that they're reading Infinite Jest, "and really find it to be just... mind-expanding, man."

It's the literary equivalent of buying a high-end MacBook Pro, and then sitting around in coffee shops with it on display, doing nothing but refreshing your Facebook profile on it, in the vain hopes that somebody will notice your exquisite taste, and offer you a "wow your cool consumer good totally makes up for your glaring lack of personality, wit, charm or social grace" lay.

It's the same mentality that suggests that the hissing and popping of vinyl makes for a "better" audio experience than a clean lossless digital reproduction, and it's the same mentality that suggests that Monster Cables offer "better audio" than the $5 alternative. It's conspicuous "contrary" consumption, which allows you to show off to the world, and all that really says to the world is that you use your purchases as a substitute for having any ability to interact on a social level.

99.99999% of the rest of the population doesn't give a shit if you're reading Infinite Jest. Nobody cares if you're reading David Sedaris' delightful new romp. If they care, and they're interested in talking to you, they'll come over and ask what you're reading on your iPad, or your Kindle, or your Galaxy Tab, or whatever other thing you're reading. If the only reason they'd talk to you is to say, "Hey, I read that book, pretty cool man," then you weren't gonna make a friend anyway, because if the only interesting thing about you is that you're reading a book that I read once... you're just not that interesting.

Re:Bu...bu...bu...whaddabout da books?

[ZombieBraintrust]

Amazon should come out with a Hipster tablet that has a screen on the back that shows the cover of the book your reading. When not reading it should show hipster tea shirt slogans.

Re:Bu...bu...bu...whaddabout da books?

You, sir, have just officially BLOWN MY FUCKING MIND. I think I love you, and want to have science fiction 2-father babies with you.

You know that this product would sell, because it's the only reason the neo-luddites are afraid of an eBook reader. "But how will anybody know how terribly clever I am by the title of the book I'm staring at and pretending to read?"

Re:Bu...bu...bu...whaddabout da books?

[Rogue+Haggis+Landing]

You know that this product would sell, because it's the only reason the neo-luddites are afraid of an eBook reader. "But how will anybody know how terribly clever I am by the title of the book I'm staring at and pretending to read?"

It might surprise you, but some of us even read physical books in our homes, without any witnesses.

Physical books don't break as easily as my Sony Reader did. You can flip through a physical book very easily, which you can't do with an ebook (which tend to work better for a straight-ahead, plowing-through reading style). You can annotate a physical book far more fluidly than you can annotate an ebook. I don't have to worry about my physical books becoming unreadable because some device no longer supports whatever format they came in. I can purchase physical books second-hand, and sell them, and loan them to people. I don't have to think about DRM when I buy a physical book. E-Ink is very good, but its contrast and sunlight readability still aren't equal to those of halfway decent paper. The formatting of poetry and plays is usually far better on paper than it is on a 7" e-reader. Then there's the fact that there are vastly more physical books available than there are ebooks. The last time I checked, Amazon had something like 800,000 titles in its Kindle store; the three physical libraries I have cards for (the Chicago Public Library, a large academic library, and an independent archive) have a total of 17.5 million volumes on their shelves. That's not 17.5 million separate titles, but whatever the number of titles is, it's a hell of a lot more than 800,000. (We'll ignore the redundancy in Amazon's store while we're doing this comparison.)

Of course, ebooks and e-readers have their advantages, and will become the dominant form of reading in the near future. But the codex is an awesome technology. Tech doesn't last for 2000 years if it's not really, really good at what it's supposed to do. It will be around for quite a while, maybe not as the go-to format for reading, but as a real alternative. To imagine that ebooks have entirely supplanted physical books and that people only read physical books because they're "hipsters" is at best willful ignorance and at worst a projection of your own insecurities.

Re:Bu...bu...bu...whaddabout da books?

It might surprise you, but some of us even read physical books in our homes, without any witnesses.

And I note that you're not one of the twats rushing in here to gush about the "SENSUAL DELIGHT" - the feel and "texture" and "overall look" of the book.

About the only *functionality* you mentioned that the "form factor" plays into is the ease of annotation. Your "flipping through a book fast" is easily countered by the "find any passage in the book easily with full text search capabilities." Note taking is admittedly harder to do in the e-book, but that's a fairly specialized use case, also, and I think in the next couple years you're going to see a lot better software taking shape in that space.

It's no surprise that there wouldn't be millions and millions of electronic books available at this point, since ebook readers have only really caught on with the Kindle in the past couple years. But there's going to be a point, and I think that point will be soon - if it hasn't already happened - where nearly any new publication of new material will be available in an electronic format. Give it a few years of services like Gutenberg & Google continuing to digitize old texts, and publishing houses discovering that if they reissue old books in a new format, they'll be able to make some coin, and new authors self-publishing, and I bet you'll be able to walk around with a few thousand individual titles in your pocket, and access to millions of books online through Amazon, the library, and other services.

From the privacy policy

You have to scroll way down to find this, but this is part of the Borders privacy policy:

Disclosures in connection with acquisitions or divestitures.
Circumstances may arise where for strategic or other business reasons Borders decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Borders' practice to seek appropriate protection for information in these types of transactions. In the event that Borders or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.

what this really could mean.

[Nadaka]

If the company buying the data at auction is not held to the same privacy standards as the original, this means that shell companies can be formed to gather information under strict nondisclosure, then intentionally fold and provide the information without restriction and in violation of the original disclosure agreement.

Re:what this really could mean.

[0123456]

If the company buying the data at auction is not held to the same privacy standards as the original, this means that shell companies can be formed to gather information under strict nondisclosure, then intentionally fold and provide the information without restriction and in violation of the original disclosure agreement.

And, uh, why were you handing personal information to fly-by-night shell companies?

Re:what this really could mean.

[Esgaroth]

Facebook? When it first started, by many accounts sounded a lot like a fly by night company and people were giving them all kinds of personal information.

Re:what this really could mean.

[0123456]

Facebook? When it first started, by many accounts sounded a lot like a fly by night company and people were giving them all kinds of personal information.

Yeah, and? A lot of them probably regret it t.

Even today I don't give them any information that I wouldn't want to see plastered all over the Internet.

Re:what this really could mean.

[black+soap]

And when big-box retailers form subsidiaries to manage all that precious data, and those subsidiaries mysteriously get mismanaged to the point they get reorganized regularly, voiding all privacy promises each time, where will you shop? If B&N gets away with it, I expect Wal-Mart and Best Buy to quickly farm out all customer data collection to a "separate" company, i.e. "Wal-Mart Consumer Interaction Contractor" and "Best Buy Communications, Inc."

Re:what this really could mean.

[Sentrion]

IANAL, but that depends on "how" the company folds and to whom the information is disclosed to. If the board of directors of Company A want to dissolve the corporation, they cannot sell or give away the information without violating the agreement. They can choose to sell the corporation to Company B, but as the new owner, Company B now has ownership not only of Company A's assets, but also their liabilities (in this case, the non-disclosure agreement). So if Company B sells or gives away the information then they will be violating the agreement.

Bankruptcy changes up the game, and probably why B&N decided to wait for Borders to go into bankruptcy rather than buy them out. Bankruptcy wipes out many liabilities, including debts, contracts, even prepaid orders and gift certificates. So if Company A is driven into insolvency by poor management or bad luck, all of the agreements and contracts can simply disappear. The assets that remain are typically sold at auction by the bankruptcy trustee who's job it is to collect and preserve any remaining assets and distribute the proceeds of the auction to the creditors. The information gathered from customers is an asset of Company A that can be auctioned off.

So, if I really wanted to protect the information I shared with another entity (human or corporation), then I would make sure that the NDA included a bankruptcy clause, such as
    "...Further, the obligation not to disclose shall not be affected by bankruptcy, receivership, assignment, attachment or seizure procedures, whether initiated by or against Recipient, nor by the rejection of any agreement between Owner and Recipient, by a trustee of Recipient in bankruptcy, or by the Recipient as a debtor-in-possession or the equivalent of any of the foregoing under local law..."

Even better would be an agreement to destroy records after a certain period of time, unless the records had to be retained to comply with specific government regulations. If I really cared about keeping the information private then I would consult a competent attorney to draft the NDA.

Re:what this really could mean.

By the time Borders finally kicked the bucket, they owed hundreds of millions of dollars to dozens of companies. ALL Borders assets should be sold to pay off as many debts as possible. Imagine if you owned a small publishing company that sold 10,000 paperbacks at Borders over the past two years and haven't been paid a dime of the $150,000 you are owed ... would you be in favor of selling Borders customer purchase histories to get your money? If you say no, you are lying.

Re:what this really could mean.

I think you miss the point. If it were legal, all companies that collect information will be such "fly by night" companies.

Sure, there will be a lot of marketing jazz to make it sound snappy "Moonbucks has partnered with TotallySecureNeverGonnaShareIt Inc to ensure the best customer experience!"

So, now the price of capitalism rears its ugly head: You can be a part of this shiny world of goods and services, all you have to do is sell us your soul.

Doesn't bother me

[danbuter]

Honestly, I don't care if Borders gives my purchase history to B&N. That should be the only thing they get, though. I shopped at both stores. It would be great if B&N would use this data to send me coupons for science fiction books!

"This feature is temporarily unavailable."

[whovian]

Just tried to poison my account info. The response was "We're sorry. This feature is temporarily unavailable. Please try again later." It may be too late :/

flooz again

[jank1887]

anyone remember Flooz? they did the same thing. and since people used it as a purchase buffer, i imagine t had juicier purchase history info.

Prepare for spam.

Happened before, will happen again, as long as _your_ information is a saleable asset.

I bought some VERY well-priced items on a website going out of business sale. Got great deals on them. They got my e-mail address. At least, they think they did -- they got store.10.username@spamgourmet.com. A couple weeks later, that address started receiving spam, and it does until this day.

Small stores, large stores, data breaches, in _every_ case, you're going to get spam in the end. The only viable solution that I can see is using a _unique_ disposable address for every single contact.

My work e-mail never received spam... until _one_ person added me on Linked In. Now I get viagra spam, penile enlargement spam, ...

Yawn - read the actual article, folks

As usual, /. makes the situation sound far more heinous and inflammatory than the actual article suggests. B&N just wants to handle the Borders data under the same privacy policies it uses for the similar information it keeps on its own customers, rather than maintain a separate set of rules for "Borders" data. I'd be surprised if the two companies had policies that were markedly different. (For that matter, I bet the data itself overlaps to a great extent - many of the Borders customers are also Barnes and Noble customers).

Jesus, how many times

... do I have to hear Stallman Was Right before I should just a tattoo on my forehead?

Unfortunately, ample precedent...

[sirwired]

This became a well-settled area of law when lawsuits by Scientology drove the Cult Awareness Network into bankruptcy. The Scientologists were able to get a hold of CAN's confidential files in the BK, despite strenuous objections by many parties.

If those files can't be protected, I don't see your book purchasing habits at Borders being particularly sarconsact.

Re:Unfortunately, ample precedent...

Storing confidential files in the Burger King is no way to go through life, son.

Even the chocolate balls...

[PinchDuck]

sold at the counter? They know how much I love them now?
I promised I'd never let Barnes and Noble know how much I love those chocolate balls. That was between me and Borders!

  I feel so violated.

Yes the book you bought is the valueable info

[TiggertheMad]

Just the list of valid e-mail addresses and credit card info is next to priceless in the wrong hands...

Re:Yes the book you bought is the valueable info

[Nom+du+Keyboard]

Just the list of valid e-mail addresses and credit card info is next to priceless in the wrong hands...

One is left to wonder how long until some large enough criminal organization buys up this information at the bankruptcy auction.

stay off the grid with cash

glad i always paid cash when I was buying issues of 2600 magazine.

Re:stay off the grid with cash

[danbuter]

And then you post about it here? I hope you are at a restaurant wifi. :)

Aren't there laws

[black+soap]

Aren't there laws or court rulings in the USA regarding people's library and video rental history privacy? Hopefully those extend to book and magazine-buying as well...

Re:Aren't there laws

[CCarrot]

Aren't there laws or court rulings in the USA regarding people's library and video rental history privacy? Hopefully those extend to book and magazine-buying as well...

What videos and magazines are you buying/renting? :)

Oh I See...

[Zamphatta]

if a company goes bankrupt, then a contract with its customers is no longer valid.

Delete

They could have simply deleted the data- but since they were already out of business, they probably didn't care too much about hacking off their clients anymore.

Eye-tracking Retailer???

Did Borders ever do eye-tracking and/or facial recognition? I swear I would always get spam from staffing firms after I browsed the technology section at Borders. They know my e-mail address, they know every book I looked at. So if I browsed an AJAX book, maybe I'd like a spam that says URGENT URGENT AJAX JOB IN PADOOKA IOWA!!!!!!

Every action has an equal and opposite reaction

[Troy+Baer]

Barnes & Noble, which paid almost $14 million for Borders' intellectual assets (including customer information) at auction last week, said it should not have to comply with certain customer-privacy standards recommended by a third-party ombudsman.

In unrelated news, I say customers should not buy anything from Barnes and Noble ever again.

Re:Every action has an equal and opposite reaction

[Anrego]

Boycotting every company that does something immoral or unethical doesn't leave you with much.

Unless one chooses to live as a hermit off the land out in the woods somewhere. For the rest of us, we just have to bend over and take it.

Re:Every action has an equal and opposite reaction

[ZombieBraintrust]

Meh B&N did you a favor by buying it. The other bidders was probably Zynga, eHarmony, Facebook, and Rupert Murdoch. Lessers of two evils and all that.

Sellective buying

[mwvdlee]

B&N: Hi, we'd like to buy some parts of Borders.
Executor: Sure, which parts would you like?
B&N: Everything except the legal obligations, please.

Specious Argument

[kidcharles]

Barnes and Noble's argument that the Borders customers whose data they bought will be protected by their own policy is specious. The very act of B&N purchasing the information is in and of itself a violation of the previous privacy agreement. That's like a bank robber saying, "Sure, I took the money, but don't worry, I won't share it with any other criminals."

I shopped at Border's frequently.

Always paid cash, never had their shopping card, never revealed any personal info.

The Elephant In The Room

[martin-boundary]

A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

If so, then let me point out the elephant in the room:

When are Google and Facebook going into bankruptcy and who's going to buy them?

Re:The Elephant In The Room

De guberment...they already did it with car manufacturers and banks. /satire off

A cautionary tale

[drinkypoo]

Remember this the next time you buy a game on Steam... or next time you think that when they finally go under someday, they're really going to release no-CD patches... sabotaging the value of the company and effectively stealing from the state, risking jail time? haha

No surprise.

This is why I pay in cash.

Buying a Parking Lot

[Muggins+the+Mad]

The fine print in Borders' privacy policy does seem to allow this.

But if it hadn't, I don't see how this'd be different from buying a bankrupt
parking lot and claiming ownership of all the cars still parked in it.

- MugginsM

I did, but...

[Paul1969]

I believe it was in the early 1990's. I bought a copy of Madonna's "Sex" (remember that?) from Borders, because B & N was all sold out. I sold it a year or two later, for more than I originally paid.
There. Now my deep, dark secret Borders buying history is public knowledge.

Just Desserts for Laissez-Faire

This is what you get with "voluntary" agreements.

Is this just an American Thing?

Where I live, I'm pretty certain this is not legal. Recently I heard a story about a company that went broke, and just put all employee records into the dumpster along with everything else when the company folded. The new tenants found the records in the dumpster and called a government agency who promptly sent someone out (on site in less than 1/2 hour), who then called police who sealed the area (the dumpster), and also called in a mobile shredding truck. Everyone stayed put while documents were shredded. Even bankrupt companies have to protect information. Agents for the bankrupt company are still legally on the hook. Where I live, information must either be protected from 3rd parties or destroyed. Its easy to start a bonfire or run a shredder (or hard disk wiper). Bankruptcy is no excuse. You might be broke, but its better than both broke and in jail. How is it that in the US, information collected in confidence can be sold? Why are privacy contracts so easily broken in the US? If a US state were to default on loans and have assets liquidated by (example:) China, would China get access to social security and military records of everyone within that state? I ask because the following US States and territories are officially bankrupt (in order of indebtedness): California, Michigan, New York, Pennsylvania, Ohio, Illinois, North Carolina, Indiana, New Jersey, Florida, Wisconsin, Texas, South Carolina, Kentucky, Missouri, Connecticut, Minnesota, Georgia, Nevada, Massachusetts, Virginia, Arkansas, Alabama, Colorado, Rhode Island, Idaho, Maryland, Kansas, Vermont, South Dakota, Tennessee, Virgin Islands, Delaware. If Barnes and Noble can do it, why not China?

Suhweet! After the class-action lawsuit...

[Mnemennth]

... I might get a buy one get one free coupon from B&N in the settlement. I wonder if it'll apply to Blu-Ray purchases as well?

mnem
A cynic? Isn't that where you wash the dishes?

One of many reasons

[Geminii]

This is just one of many reasons not to give personal information to business entities. It doesn't matter how many promises are made, or how good a relationship you have with them, or what contracts or legal cleverness you have going on, the fact remains that they have your information and they can be compromised even if they themselves take every possible action to prevent this.

The only way to not have this happen is to not supply the information in the first place.