Privacy policy?

Dachannien
Posts: 14
Joined: Fri Aug 17, 2007 2:42 am

Privacy policy?

Post by Dachannien »

Has there been any progress on the privacy policy? The promise not to sell our info to unrelated third parties is good, but my main concern is whether our personally-identifiable info will be sold/given to TMS or not, and if so, whether they are bound (such as by contract with SD) as to how they're allowed to use that info. We didn't have to provide any such info to TMS when signing up for Zap2It.

danielk
SD Board Member
Posts: 62
Joined: Tue Aug 14, 2007 2:40 pm

Re: Privacy policy?

Post by danielk »

Has there been any progress on the privacy policy?
Yes, we have a first draft from the lawyers that we're reviewing now.
The promise not to sell our info to unrelated third parties is good, but my main concern is whether our personally-identifiable info will be sold/given to TMS or not, and if so, whether they are bound (such as by contract with SD) as to how they're allowed to use that info. We didn't have to provide any such info to TMS when signing up for Zap2It.
Unfortunately the lawyers just instructed us today that having official Schedules Direct voices like mine involved in the Privacy Policy discussion is a terrible frightful appalling dire horrendous thing to do. So we will just have to present the policy as is. We're not even supposed to ask the members what they think. But we will of course try to address every issue that we can imagine in the policy itself.

ayourk
Posts: 3
Joined: Sat Sep 08, 2007 10:37 pm

Re: Privacy policy?

Post by ayourk »

There seems to be a few gramatical errors in the just released privacy policy:
Company may use cookies to store ??? on Your Computer basic information relevant to Your account and to Your visit to the Site.
(i) Company may retain certain of Your PII for recordkeeping purposes;
Those are just 2 instances of what I see as gramatical problems. There are others, but I can't find them at the moment.

xris
SD Board Member
Posts: 127
Joined: Fri Aug 17, 2007 10:22 am
Contact:

Re: Privacy policy?

Post by xris »

Welcome to legalese....

DaveAK
Posts: 4
Joined: Fri Aug 17, 2007 1:51 pm

Re: Privacy policy?

Post by DaveAK »

Can the lawyers answer our questions, and if so would one of them care to join the forums for discussions?

I don't actually have any questions myself, but I'm just curious as to whether that's a possibility for those that do have questions. You're soon going to get tired of saying, "Sorry, I can't answer that." :)

dsr
Posts: 2
Joined: Fri Aug 17, 2007 10:32 am

Re: Privacy policy?

Post by dsr »

I have issues with the privacy policy, and I believe that SD might want to fix some or all of them.


3. Disclosure of Collected Information.

...

* Assignment. Company reserves the right to transfer any and all information that Company collects from the Site's users to a third party in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Company's business, assets or stock (including, without limitation, in connection with any bankruptcy or similar proceedings).


In the event of the Company doing any of those things, subscribers should be notified and given a chance to remove
all of their PII prior to the transfer. 30 days notice is reasonable.

* Law enforcement; emergencies; compliance. Notwithstanding any other provision of this Policy to the contrary, Company reserves the right to disclose Your PII to other parties when Company reasonably believes such action (a) is appropriate under applicable law; (b) to comply with legal process; (c) to respond to governmental requests; (d) to enforce Company's Subscription Agreement or Terms of Use; (e) to protect Company's operations or Supplier's operations; (f) to protect the rights, privacy, safety or property of Company, Supplier, You or others; and (g) to permit Company to pursue available remedies or limit the damages that Company may sustain in the event of a dispute. For example, Company may, to the fullest extent permitted by the law, disclose Your PII to law enforcement agencies to assist such agencies in identifying individuals who have been or may be engaged in unlawful activities.

a is worded badly; it ought to be "is required under applicable law". c is extremely bad; if the government wants subscriber information, they should get a subpoena. SD should not be handing out addresses to any cop who calls them up.

xris
SD Board Member
Posts: 127
Joined: Fri Aug 17, 2007 10:22 am
Contact:

Re: Privacy policy?

Post by xris »

DaveAK wrote:Can the lawyers answer our questions, and if so would one of them care to join the forums for discussions?
Probably not. They're extremely busy, and since we're getting their services for free, we don't really have the right to ask them for more than they originally offered. If they were being paid, then we'd probably have to pay for the time they spend answering questions, and that could add up pretty quickly.
DaveAK wrote:You're soon going to get tired of saying, "Sorry, I can't answer that." :)
Already happened. The most annoying thing (to me) is that the 2 or 3 most common concerns people have are because they misread/misunderstand certain sections of the document (I had the same problems the first time I read this document), and it would be very easy to clarify why the PP says what it does. I'm trying to see if we can get some lawyer-approved FAQ entries to answer those questions, though.

Torg
Posts: 3
Joined: Mon Aug 20, 2007 11:48 am

Re: Privacy policy?

Post by Torg »

Law enforcement; emergencies; compliance. Notwithstanding any other provision of this Policy to the contrary, Company reserves the right to disclose Your PII to other parties when Company reasonably believes such action (a) is appropriate under applicable law; (b) to comply with legal process; (c) to respond to governmental requests; (d) to enforce Company's Subscription Agreement or Terms of Use; (e) to protect Company's operations or Supplier's operations; (f) to protect the rights, privacy, safety or property of Company, Supplier, You or others; and (g) to permit Company to pursue available remedies or limit the damages that Company may sustain in the event of a dispute. For example, Company may, to the fullest extent permitted by the law, disclose Your PII to law enforcement agencies to assist such agencies in identifying individuals who have been or may be engaged in unlawful activities.
This is an EXAMPLE, not a real situation.

Does this mean that if I am a Comcast customer and I pay for X channel, they can ask for all people who use Comcast to see if someone is using a list of channels they do not receive. They could potentially use this information in a malicious way to prosecute users (ala RIAA) to hold people from not using there DVR, or claiming they are stealing cable (as a pretext) and instead using somehting like Myth? What if this company was DirecTV and they so change for a DVR (in which they do) and instead of allowing others to use the boxes as tuners to record go after users saying they are trying to get away without paying a DVR fee?

There already is a case of DirectTV using pretexting to get data on Echostar. What is to say they will not use data mining from SD to "locate" pirates.

And no I do not have a Cable or DirectTV lineup or receive their signal. This is simply a question of can you give the information to third parties just because they ask?

DaveAK
Posts: 4
Joined: Fri Aug 17, 2007 1:51 pm

Re: Privacy policy?

Post by DaveAK »

xris wrote:I'm trying to see if we can get some lawyer-approved FAQ entries to answer those questions, though.
That sounds like a good idea.

I only have one question really. Should I have read the policy? :D

wyatt
Posts: 4
Joined: Sat Sep 01, 2007 11:32 pm

Lack of privacy policy?

Post by wyatt »

Section 1 Collection of Information gives an example of non-PII as
...or Internet Protocol address...
. This is not true in my case. I have a .ca domain and a static IP that I use to access my account. That IP can be used with whois to obtain real name, real address, real phone number. That's personal!

Section 2.b goes on to say
Because Non-PII does not personally identify You, Company may use such information for any purpose.
.

In order to prevent this from happening I have to give up almost two months of data that I've already paid for because my account will be deactivated if I don't agree to this policy? Did I agree to this when I paid for the data?

Post Reply