AT&T Rewrites Privacy Policy 316
VikingThunder writes "The San Francisco Chronicle reports that AT&T has revamped its privacy policy, in an effort to head off future consumer lawsuits, with changes taking effect this Friday. AT&T is introducing a new policy that gives it more 'latitude' when it comes to sharing your browsing history with government agencies. Notable changes include notification that AT&T will track viewing habits of customers of its new video services Homezone and U-Verse, which is forbidden for cable and satellite companies, as well as explicitly stating that the customer's data belongs to the company: 'While your account information may be personal to you, these records constitute business records that are owned by AT&T. As such, AT&T may disclose such records to protect its legitimate business interests, safeguard others, or respond to legal process.'"
It's time to take action. (Score:5, Interesting)
This is exactly the treachery that leads to companies going under...You f*ck the consumer, you get f*cked right back.
I say call up your local congressman/woman and tell them that you want the Cable Communications Policy Act of 1984 to include provisions for all methods of distributing content, including IPTV. Also explain to them that your privacy is important to you and that you want them to support as many privacy bills as they can.
Of course, if that doesn't work, just ditch AT&T. I know there is enough competition out there to cripple them. Alas, you might end up paying a bit more, but think of it as the price you pay for privacy, and consumer-friendliness.
Well, I would not be surprised... (Score:5, Interesting)
*Sigh of relief* (Score:3, Interesting)
How is this legal? (Score:4, Interesting)
So, does this mean we can get out of our contracts (Score:4, Interesting)
Perfect opportunity for me to get off my duff. (Score:5, Interesting)
For those in the US, 1-800-222-0300 option 6 gets you where you need to go. Expect a 30 minute (or more) wait time.
Fuckers...
Contract Violation (Score:4, Interesting)
If I used AT&T for anything covered by that privacy "policy", I'd sue them for unilaterally changing the terms of the contract without my consent. If I were a lawyer, I'd construct a class of everyone whose contract they're breaching.
Unless the old privacy policy says "AT&T can unilaterally change any terms of this policy without notice at any time", in which case I'd be a fool to think it was anything but an invitation to screw me whenever they want.
wait... the cable co isn't tracking what I watch?! (Score:2, Interesting)
Did anybody else find that the most shocking/suprising part of the article? I had just always assumed that the primary purpose of the digital boxes the cable company gives you was so that they could have more control over tracking what you're watching and when, but apparently my secret American Idol fetish is safe (at least from the cable company's datawharehouse).
Re:How is this legal? (Score:2, Interesting)
Best Buy is allowed to keep all your credit card purchases on file, and use those records however they see fit in the course of business - including selling your purchasing habits to a marketing firm for analysis.
If you don't like it, tough titties. Move to a developing nation that doesn't have technology yet.
Re:Time for the Privacy Act (Score:5, Interesting)
That's not all. The wording in the old privacy policy said:
the company "may disclose your information in response to subpoenas, court orders, or other legal process to the extent required and/or permitted by law"
New policy:
the company "may disclose your information in response to subpoenas, court orders, or other legal process"
Looks like the law isn't important to them anymore.
Re:How is this legal? (Score:5, Interesting)
While your account information may be personal to you, these records constitute business records that are owned by AT&T.
This really summarizes the legal problems with privacy here in the US. Although the data that people collect on you is "personal to you", it almost always, legally, belongs to whoever collected it. The hodgepodge of Federal and state laws doesn't help. For example, here in Virginia, my medical records are the property of my doctor. It was only relatively recently that legislation was passed that gives me the statutory right to see my own medical records.
This also relates directly to the more-or-less careless approach many firms take to protecting personal data. If the data belongs to them, they are that much more insulated from any legal consquences of losing it.
Bruce Schneier [schneier.com] has discussed this in a number of his blog posts and essays.
Read between the lines... (Score:0, Interesting)
Charter Communicationsbasically does this also (Score:3, Interesting)
Neither Charter nor any of its affiliates, suppliers, or agents have any obligation to monitor transmissions or postings (including, but not limited to, e-mail, newsgroup, and instant message transmission as well as materials available on the personal web pages and online storage features) made on the Service. However, Charter and its affiliates, suppliers, and agents have the right to monitor these transmissions and postings from time to time for violations of this Policy and to disclose, block, or remove them in accordance with the Subscriber Agreement and any other applicable agreements and policies.
Charter laid this out about 15 months ago, basically stating that they have the right to watch and record anything you are doing under the guise of "protecting" itself
Re:It's time to take action. (Score:3, Interesting)
Better to trial and fail then not try at all, I'd say. At least if you actively work to avoid them, eventually you will at least hurt them financially - which can eventually (hopefully?) lead to someone else with bigger pockets that we can trust finally buying out the backbone.
It's not so easy in more rural areas, but I suspect this will give Vonage a hefty boost if enough people get disenfranchised by AT&T over this to make the switch. That's assuming that Vonage can avoid more lawsuits [eweek.com].
Corporate Espionage (Score:5, Interesting)
So lets see:
If I work at AT&T and a headhunter calls me at work or at home the corporation to check my phone records to "protect its legitimate business interests".
If I am a competitor of AT&T's, AT&T can find out what VC's I've been calling to "protect its legitimate business interests".
If I am sueing AT&T, AT&T can check my phone records to find out when I called my lawyer to "protect its legitimate business interests".
If I sign a contract with AT&T to provide me with my competitors phone records AT&T can do it to "protect its legitimate business interests".
You know if I were in charge of secruity for a major corporation I would be extremely worried about this.
Small Business and Corporations? (Score:5, Interesting)
Every concerned citizen and individual should rail against these changes in their policy - even if you don't use their service now. Write to them and explain, calmly and rationally, why you would never use their service and how you will do everything in your power to explain to family and friends why THEY should not use their service either. Dissatisfied people talk to loads of other people. Pissed off people talk to loads of other people. ANYTHING negative gets spread, on average, 10 times more than positive things do. When was the last time someone you know went to the doctor and said they had a great visit? Probably can't remember that, but I can guarantee that _someone_ you know has been to the doctor/dentist/etc. in the past 2 weeks and has vented a complaint about "I had to wait FOREVER to even see the doctor and he was only in there for 5 minutes" or something along those lines. Will a write-in campaign from both people who are on their service as well as those who aren't work? MAYBE. Yes, capital maybe since is always an If. Corporations tend to be a little more responsive to loads of negative press and negative write-ins than the goverment of the USA seems to be. If a good many small businesses and larger businesses/corporations jump on the write-in bandwagon too (especially those affected by HIPAA, Sa-Ox and other "privacy" concerns) then I'd give it a good chance.
Not to mention who did NOT see this coming? Any company that uses the frigging DEATH STAR as a corporate logo has to be aiming for world domination somehow
WTF? (Score:4, Interesting)
As many erudite posters have pointed out this is nothing more than an astroturfing campaign by big telcos.. why is slashdot giving these people ad space?
Re:How is this legal? (Score:3, Interesting)
Or....you could just use cash.
Re:It's time to take action. (Score:1, Interesting)
Re:It's time to take action. (Score:2, Interesting)
Yours. If it affects Canadian citizens, it's the job of the Canadian elected officials to be concerned about it. In fact, it's probably much easier to convince your MPs and prime minister this is a problem than to convince our congressmen and president. Your government has some ability to influence America's foreign policy through diplomacy. In other words, I'd say you have as much of a chance of fixing this as I do...
For that matter, you can complain to Rogers as well. If somehow you succeed in getting a big company to listen to consumers, one big company will certainly listen to another if they think their business relationship is at stake.
Re:It's time to take action. (Score:5, Interesting)
I also operate my own mail server/domain, which most of my friends and family have accounts on. I allow ONLY SSL-protected connections, so no plaintext POP3 passwords flying about. As far as they're concerned it's only 1 extra checkbox to click so it's no big deal. SMTP+AUTH+SSL for sending.
Granted, that won't help for sending messages to the outside as they transit unencrypted at some point, but at least we can email each other in relative security. If the NSA wastes a few weeks of processor time just to find out what my lunch plans were last Friday, serves 'em right.
Grant it....it will slow you up a bit
Unless you're talking about initial setup, at the bandwidth levels that most consumer accounts have, I have never seen an appreciable slowdown due to encryption. My modest 266-Mhz router can saturate a 3Mb link with VPN traffic.
Even on my laptop where I do full-disk encryption (GELI on FreeBSD -- built in and it was cake to set up), I can still get upwards of 20MB/s disk I/O, which isn't significantly worse than the el-cheapo drive that's in there can manage without it.
Re:Why does contract law allow this? (Score:2, Interesting)
To further complicate matters, the original contract was printed on a thermal receipt-type printer, and my copy has since faded to illegibility. It didn't have the complete language anyway, to the extent that where I signed, it referred to my agreement to a copy of the "current" terms, as available on the website. These have obviously changed over the last two years, so what did I agree to?
Is it even an option to take someone like this to small claims court?
I guess AT+T is no longer a "Common Carrier" (Score:3, Interesting)
AT+T will now be a lightning rod for lawsuits, frivolous or not.
Re:It's time to take action. (Score:3, Interesting)
Well, one way to maybe at least get around having to 'have keys' for email. You could set up a nym server, that instead of mailing the mail to you...sent it to a newsgroup like alt.anonymous. Only you would know the subject for your messages, and have the encryption key to decrypt it.
I'd think the govt. in order to prove you needed to turn a key over to them...would need evidence of something you have that is encrypted?
At the very least...they could get all your keys, but, would never know where to get your messages...
Re:WTF? (Score:3, Interesting)
Why not? It sure is better than running the advert in front of people who will take it at face value. At least on slashdot it gets a firm rebuttal and helps pay for the place.
Re:It's time to take action. (Score:1, Interesting)
In short, the current American Administration has successfully made it illegal for US companies to do business with the Canadian Government. The civil service has largely chosen to disregard this however the issue is gaining traction slowly. Frankly, I think we need to throw a couple of these weasels in jail to speed this along but unfortunately CUPE's membership appears to be above the law.
Re:It's time to take action. (Score:5, Interesting)
Seriously though, the reason these apps haven't taken-off is because they face a chicken-and-egg problem: they aren't standards de facto or de jure.
I've tried getting my friends to use encrypted AIM, via GAIM, Trillian, etc.. Of course they don't use it, (except for another Slashdotter friend of mine): it's "too hard" and (so they say) if you have nothing to hide, then what's the concern over privacy about? (and then I sigh: "He who does not learn from the past, is doomed to repeat it...")
I have relatives who are privacy nuts, and one close to me is even somewhat technically-competent and very well-educated. Yet, mention "PGP", and his eyes glaze over.
If even the privacy-concerned intelligentsia don't want to put forth the effort to protect their privacy, then isn't the battle, as a defacto matter, basically lost?
I think privacy is, has, and will always be, a lost cause. It takes:
Few people outside of many computer scientists, and some in the hard sciences and math, and maybe a few lawyers, are competent to fully-grasp the implications of privacy loss. Most people are not so intelligent, nor nearly patient enough to understand the subject -- and so, most people don't give a rat's ass.
The reality of privacy around the world is that Scott McNeely was right some 10 years ago, when he proclaimed that "privacy is dead." I cannot think of a single period in time in which the U.S. or Britain have undergone periods in which privacy could be said to have generally *increased*. [1] Germany arguably improved after the fall of East German socialism, having eliminated the Stasi in the process, but that's like switching from a Yugo to a GM-made econocar for one's personal transportation -- it's a big improvement, but still very far from what is wanted.
Those of us who care about privacy can and do use such applications. The rest of the unwashed masses will be tracked and eventually hunted-down by governments, corporations, and sophisticated black-market criminal organizations like the goddamn cattle they are (and, if East German, Iraqi, Chinese, North Korean, and American communist history -- as well as the history of various black market businesses (drug cartels, the Mafia, etc.) -- is any indicator, murdered much the same).
It doesn't help either that privacy apps have typically not worked particularly-well. Freenet is a great example: it hogs RAM and CPU and in the end, content-retrieval is painfully-slow. Not to mention that Freenet, like PGP, is basically a big red flashing neon sign to law-enforcement suggesting a high probability of illegal activity (and I think those of us who genuinely run/ran it for the political purpose of keeping free-speech and privacy alive really are/were in the minority -- just as those with whom you can talk intelligently to on USENET, or anywhere else on the Internet or in real life, are in the minority)...
[1] Then again, how does one measure privacy? By the number of surveillance cameras, public and private? By the number of records per individual being analyzed out of databases? By the number of doors kicked-down on the basis of information obtained via a breach of privacy? By th
Obligatory Car Analogy (Score:2, Interesting)
Soultron: your bandwidth stream is not your property
Soultron: it's their property on their network
Kattana: Is your car on a road not your property because you dont own the road?
Quaoar: eh, analogies between information and tangible objects tend to break down
Kattana: Is your mail not your mail when it leaves your mailbox?
Quaoar: better
Kattana: much better, since its illegal to open mail in most cases.
Quaoar: of course, the argument there is that mail is handled by a public entity.
Soultron: is a cop allowed to stop your car and inspect it? is the post office allowed to inspect mail?
Kattana: and it contains your information.
Soultron: tampering with mail is only a crime when a private citizen does it
Kattana: cops and post office workers are _goverment_ employees
Quaoar: but the total "privateness" of telcoms is up for debate. They're one of the more involved corporate sectors in government business.
Quaoar: Soul, only if they have probable cause or a warrant/court order/whathaveyou of that sort. On both questions.
Kattana: AT&T is a private entity, they should not be allowed to open your packets any more than your packages.
PS, anyone know what laws apply to private mail carriers such as FedEX? are they even "mail carriers"?
PPS, I am posting chat in a comment posted on