Slashdot Mirror
Concert Ticket Retailer AXS Collects Personally Identifiable Data Through Its App, Which is Mandatory To Download, and Sells It To 3rd Party Without Anonymizing (theoutline.com)
AXS, a digital marketplace operated by Anschutz Entertainment Group (AEG), is the second largest presenter of live events in the world after Live Nation Entertainment (i.e. Ticketmaster). Paris Martineau of The Outline reports that the company forces customers to download a predatory app which goes on to snatch up a range of personally identifiable data and sells it to a range of companies, including Facebook and Google, without ever anonymizing or aggregating them. From the report: The company requires users to download an app to use any ticket for a concert, game, or show bought through AXS, and it doesn't come cheap. AXS uses a system called Flash Seats, which relies on a dynamically generated barcode system (read: screenshotting doesn't work) to fight off ticket scalping and reselling. [...] Here's a brief overview of all of the information that can be collected from just the mobile app alone, nearly all of which is shared with third parties without being anonymized or aggregated: first and last name, precise location (as determined by GPS, WiFi, and other means), how often the app is used, what content is viewed using the app, which ads are clicked, what purchases are made (and not made), a user's personal advertising identifier, IP address, operating system, device make and model, billing address, credit card number, security code, mailing address, phone number, and email address, among many others. [...] AXS also shares the personal data collected on its customers with event promoters and other clients, none of whom are bound even by this (extremely lax) privacy policy.
Who the hell would download an app to buy a ticket?
Someone who is told they must download an app to buy a ticket. But that isn't even what has happened here. They were told they have to download an app and create an account after already buying the ticket.
I recently went to a show, and while many people used apps to show bar codes, printed version that I presented worked just as well.
Their terms of purchase make no mention of the app, so this looks like AXS is breaking their contracts.
The real "Libtards" are the Libertarians!
most venues in seattle don't charge the ridiculous fees if you show up in person to box office hours. Also I've bought tickets from this company before and never downloaded the app. They did tell me I had to download the app though, which I ignored. The tickets were emailed to me like immediately.
This is the sort of thing that the EU's GDPR is supposed to address. Hopefully it will provide a model for other jurisdictions, I think that California's Privacy Bill is along the same lines.
The other thing that we badly need are devices that let us lie to apps; show them the profile that we want them to know. It should also be illegal for apps to refuse to work if they detect that they are being lied to.
https://www.gdpreu.org/complia... Actually, the GDPR sets fines to as high as 2-4% of the violating company's annual revenue or €10-20B (whichever is higher :)), not just one transaction. Basically it means that: "if you mess with our people's rights, we will bury you in the smoking ruins of your HQ"