Slashdot Mirror

← Back to Stories (view on slashdot.org)

Borders Bust Means B&N May Get Your Shopping History

Posted by timothy on from the you-probably-should-have-anticipated-this dept.

coondoggie writes "To perhaps no one's surprise, Borders bookstore collected a ton of consumer information — such as personal data, including records of particular book and video sales — during its normal course of business. Such personal information Borders promised never to share without consumer consent. But now that the company is being sold off as part of its bankruptcy filing, all privacy promises are off. Reuters wrote this week that Barnes & Noble, which paid almost $14 million for Borders' intellectual assets (including customer information) at auction last week, said it should not have to comply with certain customer-privacy standards recommended by a third-party ombudsman."

8 of 230 comments (clear)

  1. bankruptcy creditors by Skapare · · Score: 4, Interesting

    This kind of decision would turn every (former) Border's customer into a potential creditor in the bankruptcy proceeding, since it becomes a cost and damage to that customer if the privacy terms already agreed to are changed. Imagine if even 1 person of Border's (former) customer were to file a petition with the bankruptcy court to enter as a creditor.

    --
    now we need to go OSS in diesel cars
  2. That's awesome! by Ardeaem · · Score: 4, Informative

    So, if I buy a harddrive from someone, and it has some software installed on it, that means that I can do whatever I want with it because I didn't agree to the ToS! Right...?

  3. Re:how is this legal? by 0123456 · · Score: 5, Insightful

    If the privacy policy said only Borders would access the data then when Borders ceases to exist than so should the data.

    Data doesn't disappear just because the company does. This is why anyone who's interested in privacy should be ensuring that no-one else has their data in the first place.

    A 'privacy policy' is not a legally-binding agreement, and even if it was there's no guarantee that it would apply in bankruptcy.

  4. Re:how is this legal? by TemporalBeing · · Score: 4, Insightful

    I think part of this is legal - B&N doesn't want to find itself ensnared by legal complications resulting from deficiencies in Borders' data collection or handling practices.

    While IANAL, From my limited understanding of Bankruptcy law, the courts can basically dissolve nearly any contract in place. So as far as the Bankruptcy court is concerned the Private Policy doesn't exist, and they can sell the information off regardless of what the Private Policy said. The Privacy Policy only protects against what Borders itself can do with the data in the course of their own business, but once you get to Bankruptcy court then all bets are off. That is the problem with Privacy Policies.

    Now, if another company simply bought Borders then the Privacy Policy would still be in effect. The issue only comes into play when a company goes through Bankruptcy. Privacy Policies might even survive restructuring under Chapter 11 Bankruptcy; but it won't likely survive Chapter 7 Bankruptcy.

    That said, I think this is one area that Congress should address and fix - so the Bankruptcy courts are not so free to break the Privacy Policies, however restrictive the company may have made them.

    --
    Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
  5. From the privacy policy by Anonymous Coward · · Score: 5, Informative

    You have to scroll way down to find this, but this is part of the Borders privacy policy:

    Disclosures in connection with acquisitions or divestitures.
    Circumstances may arise where for strategic or other business reasons Borders decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Borders' practice to seek appropriate protection for information in these types of transactions. In the event that Borders or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.

  6. what this really could mean. by Nadaka · · Score: 4, Interesting

    If the company buying the data at auction is not held to the same privacy standards as the original, this means that shell companies can be formed to gather information under strict nondisclosure, then intentionally fold and provide the information without restriction and in violation of the original disclosure agreement.

  7. Re:how is this legal? by sabt-pestnu · · Score: 5, Interesting

    I wonder if you could use the theory that the information isn't Borders', it's yours - and by breaking the contract under which it was provided, Borders no longer has a right to it.

  8. Re:how is this legal? by icebike · · Score: 4, Informative

    While IANAL, From my limited understanding of Bankruptcy law, the courts can basically dissolve nearly any contract in place.

    I don' think bankruptcy can dissolve anything other than money contracts. (IANAL either).

    Physical property, like land and houses are often accompanied with "contracts" such as covenants, easements, etc.
    Yet even when these assets get sold thru bankruptcy you can't then claim that the easement or covenant is no longer in force.
    These are public contracts that bind all future owners.

    Similarly a publicly stated privacy policy, and explicitly restrictions on revealing consumer's credit card information, are public contracts.
    The policy was in place at the time B&N bid on the Borders asset.

    Borders explicitly stated (since 2008) in their Privacy Policy:

    Disclosures in connection with acquisitions or divestitures. Circumstances may arise where for strategic or other business reasons Borders decides to sell, buy, merge or otherwise reorganize its own or other businesses. Such a transaction may involve the disclosure of personal and other information to prospective or actual purchasers, or receiving it from sellers. It is Borders' practice to seek appropriate protection for information in these types of transactions. In the event that Borders or all of its assets are acquired in such a transaction, customer information would be one of the transferred assets.

    Similarly, B&N explicitly states (at least since April) in its privacy policy:

    Sales, mergers, and acquisitions. If Barnes & Noble becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, personal information may be provided to the entities and advisors involved subject to a confidentiality agreement, and we will provide notice before any personal information is finally transferred and becomes subject to a different privacy policy.

    So this seems to me to have been in the policy statements of Borders for a long time, most customers knew or should have known about this provision, and Borders provided an opt out link in the page referenced above. Therefore think B&N is well within their rights to use this information.

    --
    Sig Battery depleted. Reverting to safe mode.