When a Company Gets Sold, Your Data May Be Sold, Too

← Back to Stories (view on slashdot.org)

When a Company Gets Sold, Your Data May Be Sold, Too

Posted by Soulskill on Monday June 29, 2015 @05:11AM from the what's-yours-is-ours-and-what's-ours-is-somebody-else's dept.

An anonymous reader writes: A new report points out that many of the top internet sites have language in their privacy policies saying that your private data might be transferred in the event of an acquisition, bankruptcy sale, or other transaction. They effectively say, "We won't ever sell your information, unless things go bad for us." 85 of the top 100 websites in the U.S. (ranked by Alexa), had this sort of language, including Amazon, Apple, Facebook, Google, Hulu, and LinkedIn. (RadioShack did this recently.) "The potential ramifications of the fire sale provisions became clear two years ago when True.com, a dating site based in Plano, Tex., that was going through a bankruptcy proceeding, tried to sell its customer database on 43 million members to a dating site based in Canada. The profiles included consumers' names, birth dates, sexual orientation, race, religion, criminal convictions, photos, videos, contact information and more. Because the site's privacy policy had promised never to sell or share members' personal details without their permission, Texas was able to intervene to stop the sale of customer data, including intimate details on about two million Texans." But with this new language, users no longer enjoy that sort of protection. Only 17 of the top 100 sites even say they will notify customers of the data transfer. Only a handful allow users to opt out.

92 comments

Min score:

Reason:

Sort:

File this under "no big surprise:" by grimmjeeper · 2015-06-29 05:14 · Score: 4, Insightful

Reason #43385634 why I try to minimize my exposure by refusing to give as much personal information as I can as often as I can. Paying in cash for day-to-day transactions helps out a lot too.
1. Re:File this under "no big surprise:" by Shoten · 2015-06-29 05:26 · Score: 3, Interesting
  
  Reason #43385634 why I try to minimize my exposure by refusing to give as much personal information as I can as often as I can. Paying in cash for day-to-day transactions helps out a lot too.
  No kidding.
  With regard to True, I once used their service, very briefly. And then, a year later, I started getting all kinds of spam to the email address I had created just for that one account. Mind you, I literally had given this email address to only one entity, ever...the True website. I ended up just re-creating the email account and blackholing it.
  So either they had a breach (and didn't report it) or they sold the email address in violation of their own agreement. Since there are criminal legal consequences to not reporting a breach of PII and there have been many studies that indicate that companies (especially ones that are failing) violate their own privacy terms, I think the latter is more likely.
  
  --
  
  For your security, this post has been encrypted with ROT-13, twice.
2. Re:File this under "no big surprise:" by i.r.id10t · 2015-06-29 05:36 · Score: 1
  
  Cue the "Why not both" girl...
  
  --
  Don't blame me, I voted for Kodos
3. Re:File this under "no big surprise:" by turbidostato · 2015-06-29 05:41 · Score: 1
  
  Exactly that.
  It seems slashdot editors are short of news if this comes to first page.
  In other news, water is wet. News at 11.
4. Re:File this under "no big surprise:" by Carewolf · 2015-06-29 05:49 · Score: 2
  
  Yeah, there a laws specifically forbidding this in the EU for a reason.
5. Re:File this under "no big surprise:" by Anonymous Coward · 2015-06-29 06:02 · Score: 0
  
  You do know that any agreement can be changed by the company with or without notifying a consumer. This happens enough that is is not unusual.
  Scott McNeally, the CEO of Sun Microsystems, said that "Privacy is dead" when the Internet hit mainstream. He was correct and anyone who thinks differently really is living in an unreal world.
  POTUS Obama has proposed (and is going about to accomplished) placing all the USA health records "online" or "in the Cloud". This will make everyone's HIPPA and PII available to the entire world. This goes beyond USA companies contracting the paperwork to foreign companies. POTUS Obama has simplified the process for pirates to have your data. And no one complains.
6. Re:File this under "no big surprise:" by grimmjeeper · 2015-06-29 06:10 · Score: 1
  
  I heard the Pope is about to announce he's Catholic too.
7. Re:File this under "no big surprise:" by grimmjeeper · 2015-06-29 06:39 · Score: 1
  
  Given that many corporations are multinational and span continents, I bet your privacy isn't nearly as guaranteed as you might think.
8. Re:File this under "no big surprise:" by Z00L00K · 2015-06-29 07:14 · Score: 1
  
  I agree, and I more or less expect surprises.
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
9. Re:File this under "no big surprise:" by reboot246 · 2015-06-29 07:19 · Score: 1
  
  Don't get used to paying with cash. The government and the financial industry want to do away with cash.
  
  My guess is that most slashdotters would happily go along with doing away with cash.
10. Re:File this under "no big surprise:" by grimmjeeper · 2015-06-29 07:38 · Score: 1
  
  It will take a lot for cash to go away. While the underground economy is driving a lot of the cash use, the privacy advocates will surely fight to keep it as well.
11. Re:File this under "no big surprise:" by Bob+the+Super+Hamste · 2015-06-29 08:09 · Score: 1
  
  I thought the Pope was going to announce that bears shit in the woods.
  
  --
  Time to offend someone
12. Re:File this under "no big surprise:" by grimmjeeper · 2015-06-29 08:24 · Score: 1
  
  Or was it that bears are Catholic and the Pope shits in the woods?
13. Re:File this under "no big surprise:" by Shoten · 2015-06-29 08:48 · Score: 1
  
  You do know that any agreement can be changed by the company with or without notifying a consumer. This happens enough that is is not unusual.
  Scott McNeally, the CEO of Sun Microsystems, said that "Privacy is dead" when the Internet hit mainstream. He was correct and anyone who thinks differently really is living in an unreal world.
  POTUS Obama has proposed (and is going about to accomplished) placing all the USA health records "online" or "in the Cloud". This will make everyone's HIPPA and PII available to the entire world. This goes beyond USA companies contracting the paperwork to foreign companies. POTUS Obama has simplified the process for pirates to have your data. And no one complains.
  Your point has one problem; as of the time when True went out of business, the "we don't share information" part of their terms of service as still in effect.
  Oh, and you misspelled HIPAA, in your quest to make this about the ACA. And also used it correctly...there is no "HIPAA and PII", it's just PII, which happens to be governed by a law called HIPAA. You'll do a lot better trying to convince others of your conspiracy theory if you can get the basic terms straight. Just sayin'.
  
  --
  
  For your security, this post has been encrypted with ROT-13, twice.
14. Re:File this under "no big surprise:" by Fnord666 · 2015-06-29 09:21 · Score: 1
  
  My guess is that most slashdotters would happily go along with doing away with cash.
  Your guess would be dead wrong, at least for this slashdotter.
  
  --
  'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
15. Re:File this under "no big surprise:" by Anonymous Coward · 2015-06-29 09:48 · Score: 0
  
  Circuit City did the exact same thing to me.
16. Re:File this under "no big surprise:" by Anonymous Coward · 2015-06-29 10:38 · Score: 0
  
  There is no "HIPAA and PII". If there isn't both PHI and PII, then HIPAA doesn't care.
17. Re:File this under "no big surprise:" by Anonymous Coward · 2015-06-29 16:39 · Score: 0
  
  Oh, sure, everyone wants to be an AC now!
18. Re:File this under "no big surprise:" by Carewolf · 2015-06-29 20:01 · Score: 1
  
  This is why private data about EU citizens must be stored in the EU, or the company storing it outside needs to sign a special contract with the EU (which has some extra US law to back it, so it isn't just a normal contract).
19. Re:File this under "no big surprise:" by Maritz · 2015-06-29 20:25 · Score: 1
  
  It's a hell of a lot better than nothing. Which is what you peeps have over there.
  
  --
  I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
20. Re:File this under "no big surprise:" by Errol+backfiring · 2015-06-29 21:54 · Score: 1
  
  That is exactly the reason you should use cash. The financial industry tries to shoehorn itself into every transaction you make. Society is by far better off without banks than without cash.
  
  --
  Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
21. Re: File this under "no big surprise:" by Anonymous Coward · 2015-06-29 23:47 · Score: 0
  
  I own the copyright of my data. If they want to sell it, they'd better pay me damn good money. I could make a fortune by licensing it to others.
22. Re:File this under "no big surprise:" by Bob+the+Super+Hamste · 2015-06-30 01:04 · Score: 1
  
  That really would be news but then who wears the funny hat?
  
  --
  Time to offend someone
23. Re:File this under "no big surprise:" by Anonymous Coward · 2015-06-30 04:11 · Score: 0
  
  The Pope is shit
  And catholics bear wood?
24. Re: File this under "no big surprise:" by Anonymous Coward · 2015-06-30 04:17 · Score: 0
  
  Should have read the T's and C's.
  You gave them a non-revoke-able, transferable license to use it however they wish.
Help me I'm a blindly trusting Millenial! by faway · 2015-06-29 05:14 · Score: 1, Funny

Everybody everybody! I need help! I trust the bad CORPORATIONS with all my personal details, and some of them went broke and sold me details to the big bad governments.
Oh why why why did I trust crappy companies? Because all my peers were doing it? Is the Internet a gateway drug??
1. Re:Help me I'm a blindly trusting Millenial! by bondsbw · 2015-06-29 05:22 · Score: 1
  
  The obvious solution is to just make sure they never go out of business. Too big to fail.
  The company gets to keep profiting off of you, and you get to keep providing them with data that will help further their profiting off of you. Win-win!
  
  --
  All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
2. Re:Help me I'm a blindly trusting Millenial! by Qzukk · 2015-06-29 05:52 · Score: 4, Insightful
  
  Or require that the entity purchasing an asset out of bankruptcy also inherits the contracts binding that asset. If my landlord goes bankrupt I don't get to say "Woo! Free house!" and ignore the terms of my contract with the landlord, why should whoever takes over after the landlord not be bound by the terms of the contract either?
  
  --
  If I have been able to see further than others, it is because I bought a pair of binoculars.
3. Re:Help me I'm a blindly trusting Millenial! by Anonymous Coward · 2015-06-29 05:59 · Score: 0
  
  Oh, there's your confusion. A privacy policy is not a contract.
4. Re:Help me I'm a blindly trusting Millenial! by Hognoxious · 2015-06-29 07:20 · Score: 1
  
  Then perhaps it should be.
  
  --
  Confucius say, "Find worm in apple - bad. Find half a worm - worse."
How is this new? by gstoddart · 2015-06-29 05:19 · Score: 5, Insightful

This has been known for years. Those privacy promises do not survive bankruptcy, and your personal information they promised never to sell becomes another asset to be disposed of.
This has been happening for years. Don't want your personal information sold, don't provide it to them.
Even their privacy policies which say they'll never sell it will have legal language which says "unless we change our mind".
The promises by corporations to play nicely aren't legally binding and can be changed on a whim. I'm pretty sure we've seen other examples of this over the last decade.
Unless there are actual laws preventing this, any promises are pretty much worthless.
Some countries have enacted privacy laws, but I'm pretty sure the US never would -- because that would limit corporations.
This might finally becoming plain to everybody else, but the vast majority of people here should already know this.

--
Lost at C:>. Found at C.
1. Re:How is this new? by UnknownSoldier · 2015-06-29 05:28 · Score: 1
  
  Agreed. Can we file this under:
  No Shit, Sherlock
2. Re:How is this new? by Mishra100 · 2015-06-29 05:38 · Score: 1
  
  This article is valid and delivers more data to the subject.
  It's always a great thing to remind individuals of language within these site's terms of service. Due to the fact that I don't have time to find to comb through terms of service, this particular language was new to me. In general, most of us know that data on the internet isn't safe is a good assumption.
  I give a thumbs up to the author.
3. Re:How is this new? by Anonymous Coward · 2015-06-29 06:03 · Score: 0
  
  This has only been known (for years) by clue-having geeks. So, it is news to quite a lot of people. Including most of the latest generation of slashdot readers.
4. Re:How is this new? by Anonymous Coward · 2015-06-29 06:50 · Score: 0
  
  Other "news"...
  THEY DONT HONOR THEIR PRIVACY POLICIES EVEN BEFORE THEY'RE SOLD.
  You know, like when you're using them, right now, today.
  You think privacy policies are good because they sound good to you and make you feel good.
  But if you EVER BOTHERED TO READ THEM, you'd see they've got more holes designed into them than a gigantic block of swiss cheese.
5. Re:How is this new? by Anonymous Coward · 2015-06-29 06:53 · Score: 0
  
  >The promises by corporations to play nicely aren't legally binding
  Depending on what country they would like to operate in.
6. Re:How is this new? by Anonymous Coward · 2015-06-29 08:21 · Score: 0
  
  Other "news"...
  THEY DONT HONOR THEIR PRIVACY POLICIES EVEN BEFORE THEY'RE SOLD.
  Pretty much this.
  The privacy agreement is between you and the company and it can't legally be transferred without your consent. That doesn't prevent it from being sold and misused.
  Unless you are willing to fight billion dollar companies in court for your rights they can do whatever they pleases.
7. Re:How is this new? by Fnord666 · 2015-06-29 09:24 · Score: 1
  
  Agreed. Can we file this under:
  No Shit, Sherlock
  
  Given that the editors can't even manage to file stories with "Ask Slashdot" in the title under the "Ask Slashdot" section (I'm looking at you Timothy!), I would have to say probably not.
  
  --
  'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
8. Re:How is this new? by Anonymous Coward · 2015-06-29 09:31 · Score: 0
  
  Most of the time you have to buy the rest of the assets of a company (or a product line like when Ford sold Jaguar - the new company would get the customer list for that product line) where the customer list can be said to be a required supplemental bit of a information require to properly support the assets that were bought.
  I think in the case of RadioShack things were a bit different because they were selling the user data as a separate item, which is what brought things like this to the attention of people. Of course in the case of RadioShack they didn't really have any other assets of value.
9. Re:How is this new? by Khashishi · 2015-06-30 07:00 · Score: 1
  
  The question is not, does it happen (we all know it does), but should it happen, and should we be quiet about it.
Well... duh. by mlts · 2015-06-29 05:21 · Score: 3, Insightful

This has been an issue with any Internet business, be it a cloud provider, dating service, or someone who services vend-a-goat machines. When they go bankrupt, no contracts are honored, and the data falls to the buyer of the company or the physical servers, and can be used, without restriction, by the new party. For example, if a cloud computing service goes bankrupt, the next owner of the physical servers can make a multi-terabyte torrent of the contents, there is nothing the former clients can do about the data legally.
The only real solution to this is having part of the bankruptcy law changed to mandate supervised destruction of all data as part of the handover of servers.
1. Re:Well... duh. by ZombieBraintrust · 2015-06-29 05:41 · Score: 2
  
  It has been true prior to the invention of the internet. Businesses have been keeping personal data on customers for thousands of years. That data is always part of the sale of the company. Companies buy each other to get the other companies customers. You can't purchase customers without transferring customer data. Management of a company can change at any time. So even if the name on the site doesn't change your data may wind up in the hands of new people.
2. Re:Well... duh. by Anonymous Coward · 2015-06-29 05:42 · Score: 0
  
  Um, this was an issue many years before the internet or even computers existed. Your details have ALWAYS had the chance to be for sale at EVERY company you've ever done business with regardless of what their policy states. Nearly every company that has ever sold since the dawn of time has sold what ever details they have on their customers to the new owners.
Useless by Anonymous Coward · 2015-06-29 05:22 · Score: 0

Anyone who gives a shit already knows this.
In other news... by xxxJonBoyxxx · 2015-06-29 05:22 · Score: 3, Funny

* A clear sky is blue
* The sun will rise tomorrow
* A bear...
1. Re:In other news... by Anonymous Coward · 2015-06-29 11:01 · Score: 0
  
  * A bear...
  becomes pope?
That's normal business transaction by SpaghettiPattern · 2015-06-29 05:23 · Score: 4, Insightful

When you sell a business as a whole, you sell its inventory, credits, debits and running contracts. If you want to do that differently than you have to stipulate. But then the business's value will be different. Private customer information is as much inventory as is the fish tank in the hall.

--

I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
1. Re:That's normal business transaction by Anonymous Coward · 2015-06-29 08:27 · Score: 0
  
  Private customer information is as much inventory as is the fish tank in the hall.
  Not in communannystatist countries like the EU with their anti-market homo Data Protection Act.
  --
  roman_mir
2. Re:That's normal business transaction by Chris+Mattern · 2015-06-29 08:40 · Score: 2
  
  Private customer information is as much inventory as is the fish tank in the hall.
  Except that the company never told people nobody else would ever have the fish tank in the hall.
If we only set a string precedent... by argStyopa · 2015-06-29 05:28 · Score: 2

"..Because the site's privacy policy had promised never to sell or share members' personal details without their permission,..."
Sounds like we could charge the corporate officers with 2 million counts of fraud at least.
If we actually set a strong precedent of punishing site owners for their cavalier disregard for the promises made, I suspect this wouldn't be something we'd have much worry about.

--
-Styopa
1. Re:If we only set a string precedent... by mlts · 2015-06-29 05:42 · Score: 1
  
  They can easily change the agreement by updating the TOS and have a statement in said link that continued use of the site constitutes acceptance of the new terms. For a bankrupt company, that would be enough legal CYA to prevent any judge from ever piercing the corporate veil.
2. Re:If we only set a string precedent... by grimmjeeper · 2015-06-29 06:37 · Score: 1
  
  "..Because the site's privacy policy had promised never to sell or share members' personal details without their permission,..."
  Sounds like we could charge the corporate officers with 2 million counts of fraud at least.
  If we actually set a strong precedent of punishing site owners for their cavalier disregard for the promises made, I suspect this wouldn't be something we'd have much worry about.
  Who are you going to charge when the business has closed its doors and a bankruptcy court is discharging its assets to creditors?
3. Re:If we only set a string precedent... by Jason+Levine · 2015-06-29 06:40 · Score: 1
  
  They can easily change the agreement by updating the TOS and have a statement in said link that continued use of the site constitutes acceptance of the new terms.
  
  This led me to wonder about the following scenario:
  - You sign up with SomeCompany.com and enter some personal information. They promise never to sell your information.
  - You stop using SomeCompany.com.
  - SomeCompany.com updates their TOS saying "We can now sell your info. Your continued use of this site is acceptance of this new TOS."
  - You still don't go to SomeCompany.com
  - SomeCompany.com sells your information.
  Has SomeCompany.com violated any laws? My guess is that even if the answer is "yes", the chances of getting any meaningful judgement from them is nearly zero. Even if you sue them and even if they don't drag it on and even if you win, chances are the penalty for their actions will be less than what they get for selling the data.
  
  --
  My sci-fi novel, Ghost Thief, is now available from Amazon.com.
4. Re:If we only set a string precedent... by Anonymous Coward · 2015-06-29 09:46 · Score: 0
  
  You really think TOS survives bankruptcy?
5. Re:If we only set a string precedent... by argStyopa · 2015-07-01 01:16 · Score: 1
  
  If the corporate officers aren't DEAD, then they should still be culpable.
  In the particular context of data, it's their choice whether or not they retain that data in a way that it could be sold. If at the end of the day the site fails, the business fails, and they go into bankruptcy, it's entirely their choice to preserve that data and sell it to mitigate their losses OR to destroy it based on their previous commitment to do so.
  Now, I recognize that a bankruptcy court might frown on that as destruction of an asset of value, but IMO when you're dealing with such data businesses, it should be explicitly laid out in loan agreements that "the company's private data is NOT a secureable asset and is contractually required to be destroyed at the closure of the corporation" thus making it clear in advance that it's not an asset to be borrowed against.
  
  --
  -Styopa
Duh. by SecurityGuy · 2015-06-29 05:31 · Score: 2

Most also say they can chance the agreement at any time. An agreement that one party can change at any time doesn't really mean anything anyway.
Going downhill for Dice by Anonymous Coward · 2015-06-29 05:31 · Score: 0

It's no wonder I remain an AC on every site I can.
Like when comparnies change their Privacy Policy.. by Boss,+Pointy+Haired · 2015-06-29 05:37 · Score: 2

...and make no mention as to what happens to your data that they captured under their previous privacy policy.
Business Asset by Virtucon · 2015-06-29 05:39 · Score: 0, Flamebait

It's a business asset and as such can be transferred and despite the terms of service and policies set forth, a bankruptcy judge can pretty much throw that away if it means getting revenue for creditors and bond holders. In a lot of cases, the value of customer data can be considered significant, why do you think WhatsApp was so valuable to Facetard?
It's also boggling that people still think that terms and conditions actually protect them in any way, shape or form. They don't, they describe your "permitted access" and protect the provider; if you had good legal council they'd probably say "don't agree."

--
Harrison's Postulate - "For every action there is an equal and opposite criticism"
There is no privacy when you don't control data by sinij · 2015-06-29 05:43 · Score: 1, Insightful

Surprise! There is no guarantee to privacy when you don't control your data.

The same goes for any cloud application.
Sale of a company by jklovanc · 2015-06-29 05:46 · Score: 3, Insightful

Clauses like this allow data to be transferred to the new company running the business. Many of these agreements state that the company the purchases the data will be bound by the privacy provision of the rest of the privacy policy. For example many privacy agreement state that personal data will not be used for marketing. The new owner would also be bound by that policy. Here is Google's policy;

If Google is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.
Without this provision it would be much more difficult to sell a company or merge with another company. I am sure that the value of Google with it's user base is much more than the value of Google with no users.
It's a lot simpler than that by Anonymous Coward · 2015-06-29 05:49 · Score: 0

The promises by corporations to play nicely aren't legally binding
More like: anycontract is legally breakable in bankruptcy court.
Bankruptcy courts are more reluctant to break some contracts (student loans, CxO personal services) than others, but ultimately any contract can be undone by a bankruptcy court.
Duh by fahrbot-bot · 2015-06-29 05:54 · Score: 1

When a Company Gets Sold, Your Data May Be Sold, Too
Duh. Are poster and editor new - to like everything?

--
It must have been something you assimilated. . . .
Please don't confuse by NotInHere · 2015-06-29 05:55 · Score: 3, Interesting

Your data = "data which you fully control", usually a part of the data on your HDD. Its getting less and less year after year.
Data about you = "data you use as payment for 'free' services"
1. Re:Please don't confuse by Anonymous Coward · 2015-06-29 06:11 · Score: 0
  
  mod up. not enough people realize this
2. Re:Please don't confuse by Anonymous Coward · 2015-06-29 07:11 · Score: 0
  
  It's getting more and more difficult to even ensure the data on your hd is under your full control anymore =/
Duh. by pubwvj · 2015-06-29 06:05 · Score: 1

And why did you _every_ think it was otherwise.
If you care, code your data. This is easy to do with small spelling variations. Some address correction systems get rid of them but you can get it through if you're creative. Then you can track the flow of your data. It's fun. But there is no privacy. Welcome to 1984 all over again.
ANOTHER reason. by Anonymous Coward · 2015-06-29 06:06 · Score: 0

That's ANOTHER reason why I NEVER give personal information.
1. Re:ANOTHER reason. by Anonymous Coward · 2015-06-29 21:57 · Score: 0
  
  http://www.performancemagazine.org/wp-content/uploads/Calvin_Hobbes_Data_Quality.gif
Your data is their value by Anonymous Coward · 2015-06-29 06:12 · Score: 0

All these companies have almost no other valuable assets than your data to begin with!
1. Re:Your data is their value by 0123456 · 2015-06-29 06:23 · Score: 2
  
  All these companies have almost no other valuable assets than your data to begin with!
  Bingo. These companies make money collecting your data. It's their biggest asset, and that asset will be sold if the company is sold.
Assets by darkain · 2015-06-29 06:21 · Score: 1

When buying a company, part of what you're buying are their assets, both tangible and intangible. This is NOT exclusive to just modern internet companies. Go anywhere as far back in history as you'd like. When one company buys another, why would they NOT transfer over customer account records?
Just imagine the inverse for a second... The company you're doing business with gets bought out, but are not allowed to transfer over their records. You walk into that business the next day, and before you can even do anything, you are greeted with "SORRY, new ownership, you have to start over your account with us from scratch"
Now take that example, and apply it to:
ISP merger. "SORRY you have to re-sign up for your internet access"
Bank: "SORRY, you need to sign up for a new checking/savings/credit account"
Clubs: "SORRY, you're not a member anymore!"
Mortgage: "SORRY, you don't own your house anymore"
1. Re:Assets by Anonymous Coward · 2015-06-29 07:43 · Score: 1
  
  You expect them to pass along the customer records if they transfer a business unit to another company, for the reason you stated. You don't expect those records to be separately sold as an asset in-and-of-themselves.
2. Re:Assets by Maritz · 2015-06-29 20:39 · Score: 1
  
  And of course, this is precisely the same thing as selling data to the highest bidder for any purpose they choose.
  
  --
  I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
The cat is out of the bag by daq+man · 2015-06-29 06:22 · Score: 3, Informative

It's already too late for us early adopters. Our information is out there and can't be claimed back now.
For example, up to a year ago I used a cloud storage service to store some files (fortunately encrypted) that I didn't want to lose, tax records and statements in PDF format. I found a better alternative so copied all of the files before deleting them and then asking the company to close the account. Fast forward a year and my "better alternative" announced that they were going out of business so I contacted the first company. I couldn't create a new account because it was keyed to my email address which was already in the system so they offered to reopen the old account. When I closed the account I still had several months left on the subscription and they kindly credited those to the reopened account. When I first logged in I was shocked to find that not only had they restored my physical address in the account info but also my credit card info. They also had helpfully restored all of the files that I had stored in the account. Remember, I deleted them before closing but they pulled them out of the backup from the day before I closed. That now has me thinking about both companies. The one that is still in business but doesn't delete backup copies and personal information of deleted accounts, and the one that went out of business that, presumably, had the same sort of info. Who now owns the databases with my credit card info and the backup tapes with my data?
The only two things to learn from this story are, encrypt whatever and wherever you can, and chose companies that you think (hope) are in there for the long haul.
1. Re:The cat is out of the bag by PPH · 2015-06-29 07:34 · Score: 1
  
  It's already too late for us early adopters.
  
  I don't know about that. Google, Facebook and other services 'real names' policies are a relatively recent feature of on-line services. Back when I began setting acounts up, I used throw-away e-mail addresses, pseudonyms and other tactics which are increasingly discouraged. Having put my files and other info. out there encrypted, I feel relatively secure in knowing that all a service provider will have to sell is unintelligable binary blobs.
  
  --
  Have gnu, will travel.
2. Re:The cat is out of the bag by CastrTroy · 2015-06-29 08:41 · Score: 1
  
  While you obviously see it as a privacy issue, and I agree it is, many people would probably see what you experienced as great service. The fact that you could close your account and then re-open it and not have to go through the trouble of re-uploading all the data and reconfiguring all your payment information would probably be seen as a great feature by many people.
  My cousin lost her phone, and upon getting a new one was very thankful that all her contacts got restored onto the new phone. She didn't care that somebody else has access to her list of contacts. She only saw the plus side. Before the advent of cloud services, losing a cell phone or PDA (when they were still a thing) mean that you would loose your contact list. Being diligent about backing up the list to your desktop was very important so that you didn't lose data. Now all data is instantly synced, making our lives a lot easier.
  
  --
  
  Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
3. Re:The cat is out of the bag by daq+man · 2015-06-29 09:13 · Score: 1
  
  I agree with you. It was actually very useful to me too that they did such a diligent job of restoring everything. My point, and warning, was that, even though I deleted my files myself and then closed the account the files were still "out there" on backup tapes etc. I wasn't too concerned for myself because everything was encrypted twice (encrypted files on encrypted disk images, yes I'm paranoid but it was tax data). What occurred to me after reading this Slashdot article is that someone could store unencrypted files with what, at the time, is a reputable company. That company goes bust and sells their assets including the backup tapes, databases etc. So, don't trust the reputation of the company that exists now unless you know that the files are encrypted on your machine before they are transferred to their servers or you encrypt them yourself (or if you are paranoid both!).
whhooooooaaaaa!!! by Anonymous Coward · 2015-06-29 06:27 · Score: 0

reeaaaalllllyyyy?
Isn't this just common sense? by Anonymous Coward · 2015-06-29 06:27 · Score: 0

Seriously dude. If you're fronting millions of dollars out more wouldn't you expect all of the business assets?
Everything has a value whether it's scrap or data like the last douche you bought at Walgreens because your whining makes your breath stink!
"Too much personal data to fail" by tlambert · 2015-06-29 07:04 · Score: 1

The obvious solution is to just make sure they never go out of business. Too big to fail.
I think you maybe mean "Too much personal data to fail"... which is an incredibly disturbing thought.
Just remember who decides... by Roger+W+Moore · 2015-06-29 07:14 · Score: 1

I think you maybe mean "Too much personal data to fail"... which is an incredibly disturbing thought.
Not really - remember that it is your government who decides which companies are too important to fail. So just make sure that you use websites that your politicians use and you should be fine!
I want lavabit back by Anonymous Coward · 2015-06-29 08:46 · Score: 0

There was a simple and fast email service called lavabit. It had a strong commitment to privacy. In 2013, rather than hand information over to the Feds, it shut down.
I want lavabit to reopen, and give feds whatever access they want. I want Lavabit to be a protector of private email against big business. Maybe even add a cheazy, text only, very limited facebook like social network. They can learn some lessons from mailinator, on how to operate on a budget.
Lavabit can be a haven of privacy from corporations like Facebook, AOLs, and MSN.
Well... by Anonymous Coward · 2015-06-29 08:56 · Score: 0

Since the company data MUST get sold when the company goes bankrupt (judge sees more of a responsibility to creditors than customers at this point), even if the policy didn't say this, it would still be true.
At least this way you get a warning... on page 7 of legalese.
Just sue them by Anonymous Coward · 2015-06-29 09:08 · Score: 0

Just sue the company that buys the data for copyright infringement. If Oracle can claim copyright on a functional spec (Java API), there is no reason that you cannot claim copyright on data about you. They both make the same amount of nonsense.
And the 15%? by CurryCamel · 2015-06-29 09:25 · Score: 1

85 of the top 100 websites
So the 15 out of a 100 websites:
-destroy your data upon merger/bankrupsy/...
-don't collect any data about you
-lie
These people vote. by Anonymous Coward · 2015-06-29 09:32 · Score: 0

Isn't that frightening?
Such a simple, obvious concept is "shocking" "news" to them. And they vote.
Non-Tech Companies have done this for 50+ Years. by Anonymous Coward · 2015-07-01 16:49 · Score: 0

One of the primary reasons for companies being bought, isn't always the intellectual property, or distribution networks, but for it's customer base. This has been in the nature of business for at least 50 years, as the consumerist economy of America was just learning about computers and personal data.