When internet users visit Walgreens.com, a software company may record every keystroke, mouse movement, and scroll, potentially exposing medical conditions such as alcohol dependence, or the names of drugs a user has been prescribed, according to Princeton researchers.
Companies like Walgreens deploy these analytics software providers to see how people use their website or to identify broken or confusing web pages. The analytics companies place “scripts” on their clients’ websites that record individual browsing sessions for later viewing or a “replay session.”
In effect, the researchers say, software companies are “looking over your shoulder” as you navigate certain websites. The extent of the data collected “far exceeds user expectations,” including recording what you type into a text box before you submit it, “all without any visual indication to the user,” according to a study released Wednesday.
In response to questions from WIRED, Walgreens said Wednesday it would stop sharing data with the software company FullStory. “We take the protection of our customers’ data very seriously and are investigating the claims made in the article that was published earlier today,” Walgreens said in a statement. “As we look into the concerns that were raised, and out of an abundance of caution, we have stopped sharing data with FullStory.” A Walgreens spokesperson said FullStory’s software “essentially has an ‘on/off’ switch,” which the retailer has now turned off.
On Thursday a second retailer said that it, too, had stopped working with FullStory in light of the study's findings. Bonobos, a men's clothing retailer owned by Walmart, said in a statement, "We eliminated data sharing with FullStory in order to evaluate our protocols and operations with respect to their service. We are continually assessing and strengthening systems and processes in order to protect our customers’ data." The Princeton researchers had found that FullStory captured credit-card details, including the cardholder’s name and billing address, the card’s number, expiration, and security code on Bonobos' website.
Just seen this and I thought there may be other people here on FIO that may have been targeted with spam when providing their own, main email address.
My recommendations:
Before giving out your real email address to internet entities (such as trading vendors, brokers but also anything else unrelated to trading) make sure they are reputable. In today's world many shady companies will just sell your email address to marketers and you end up in limitless spam lists.
Check what their privacy policy is. Usually the shorter the better, but they do need to have one.
If you are not sure if the people who you are thinking of giving your email address to, are trustworthy, there are great free services such as Mailinator or 10minutemail where you give them an email address from a temporary mailbox. This way you are not endlessy spammed on your mailbox.
The following 5 users say Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,359 since Dec 2013
Thanks: 3,696 given,
8,761
received
Excellent idea. I have very mixed thoughts on this. Use of data makes our lives better in so many ways but at the same time we all hate the ways its miss-used. Unfortunately I'm not sure there is an easy answer for non-anonymous data.
The following 3 users say Thank You to SMCJB for this post:
We're at a point where we can do things with data and data accumulation that were unheard-of and unthought-of just a few years ago. It's opening up entirely new and not well-understood vistas, just as everything in the computer and data-access/data-sharing world is doing.
They may not all be great, but some may be.
There will be rules, laws, practices and understandings that will bring order into all this chaos; it's just that we don't yet know what they will be. But like everything else, eventually what makes sense is what wins out. The only problem is that "eventually" can take a long time to get here.
I think the issue is real, and that bringing it up will be a part of the solution(s), and that, right now, it is hard to see what those solutions will be.
These are part of the broader concerns regarding communication and connectivity in a digital age. For instance, who would have said that something like Twitter or other social media would be important, or even possible, 20 years ago? Back then (not really a long time ago) news and opinion were always filtered though professional journalism. Whether that was better or worse is beside the point, because it's gone now.
This is not unlike the onset of the printing press, which very suddenly allowed almost anyone to put out a printed pamphlet expressing a point of view, without needing scribes or monks in monasteries. The social upset was remarkable. And good, ultimately. But "ultimately" can take a long time, too.
This is not exactly the original issue, but they are part of the same thing, I would say. Essentially, where is the control, and where are the limits? Too much control is bad, but so is too little.
Not offering solutions, just a comment on the relevancy of the questions.
Bob.
The following 5 users say Thank You to bobwest for this post:
Hi S - no question about how data is helping us make our lives better - there's a great documentary called "The Human Face of Big Data" from PBS which talks quite extensively about it.
As for answers, first of all I second the very thoughtful post Bob wrote - the problem with legislation is, it tends to lag behind in technology areas and, worse, people who make law about it tend to do so not understanding the very technology they are meant to regulate. They get advisers who are ill-advised themselves and prefer generally a political solution to a common sense one. My 2 cents.
There's a lot of companies today that say they do anonymize data. Having seen this first hand, I know that the current system is prone to human error, which means on occasion batches of data meant to be anonymized are not, and so an honest mistake can turn your or my data over to unintended people, for unintended consumption.
I'm not proposing a solution either, but I do know that, thanks to social media, we are more interconnected than ever which means our collective voice matters. So many cases of corporate policy breakdowns that have been reported by the public and have been corrected thanks to the global outrage of social media which I bet would have not been addressed otherwise, or not as quickly.
So my point is, we can take action when we see wrongdoing. We can make our voice heard by taking our business elsewhere when we see data malpractice. And we can get others to do the same. The speed of response by which certain companies address the problem is unprecedented too, thanks to social media.
EDIT:
The following 5 users say Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,359 since Dec 2013
Thanks: 3,696 given,
8,761
received
Great points @bobwest and @xplorer. I'm not sure that the "global outrage of social media " has actually fixed anything, but it has in some cases gotten people fired and at least in theory 'policies changed'.
The following 4 users say Thank You to SMCJB for this post:
Well to me policy changes means the corporate machine, which is very sensible to shareholders' opinion, is listening more to its client base. Why wouldn't they? The public perception, which in today's world can be strengthened via YouTube/FB/Twitter etc., is a huge incentive not to leave problems unaddressed. After all showing that I care about my customers tends to pay off.
Some cases that come to mind: United Airlines incidents (chiefly the David Dao one for which UA CEO's had to apologize), Apple's batterygate situation and the Weinstein sexual assault saga are all recent examples where public opinion has steered corporate policy, hopefully in the right direction, that may have otherwise been treated as isolated incidents (and thus forrgotten by each corporation) without the amplification of social media.
The following 4 users say Thank You to xplorer for this post:
This showed the CIA
1. Turned Smart TV into listening devices
2. Backdoors built into Windows and Apple OS
3. Backdoors built into iPhones
4. Computer chips built with backdoors.
This information showed that these …
and it includes a post on twitter's invasion.
Vault 7 showed a huge storehouse of spying software to be used on the general public. They not only built-in backdoors to monitor everything on your machine and control it they even make chip makers put backdoors in their chips.
These tools are now out in cybercrime's hands. So it isn't the CIA - it's all the criminals as well, including large companies with less than moral uprightness and anyone who wants to download the tools.
Recently Equifax had a breach of its extensive databases which cover not only at least 130 million Americans but many individuals in other countries. Though they are required to report a breach immediately they waited months.
Identity theft strikes millions of Americans each year (30 m?)
Equifax gathers the info without your consent. It did not encrypt the databases. It does not use file separation.
Most companies don't care about the harm they cause you - just their profits.
..........
peace, love and joy to you
.........
The following 3 users say Thank You to aquarian1 for this post:
