"In our world of customized online services, responsible use of data is critical to establishing and maintaining user trust," said Anne Toth, Yahoo!'s Vice President of Policy and Head of Privacy. "We know that our users expect relevant and compelling content and advertising when they visit Yahoo!, but they also want assurances that we are focused on protecting their privacy."
The new limit puts Yahoo well ahead of its competition. Earlier this year, Google reduced its data retention time frame from 18 months to nine months, and Microsoft vowed to cut its data retention policy to six months if its rivals did the same.
Yahoo will begin implementing the new policy next month and says it will be effective across all of the company's services by the middle of 2010.
Sony BMG has agreed to pay $1 million to the Federal Trade Commission to settle charges claiming Sony violated the Children's Online Privacy Protection Act (COPPA). While $1 million might seem a drop in the bucket to a company like Sony, the FTC points out the $1 million penalty matches the largest ever paid in a COPPA case.
The suit, which was filed just yesterday, alleged that Sony managed to collect personal information on roughly 30,000 users under the age of 13, including full names, gender, birth date, email addresses, mobile phone numbers, and in some cases, full mailing addresses. According to the FTC, the information was obtained through various Sony-owned websites designed to promote and advertise the company's music offerings, but didn't restrict visitors under the age of 13 from registering.
"Sites with social networking features, like any Web sites, need to get parental consent before collecting kids' personal information," FTC Chairman William Kovacic said in a statement. "Sony Music is paying the penalty for falling down on its COPPA obligations."
In addition to the $1 million penalty, Sony must also delete all personal information it had collected from those under 13 years old, and must also distribute the FTC's "How to Comply with the Children's Online Privacy Protection Rule" to all of its employees. In addition, Sony's also required to link to the children's privacy section of the FTC's website for five years.
In the end, it might be easier keeping a problematic IT administrator on board than to let him go. Top level execs take note - according to a new survey, which pinged 300 IT administrators still with a job, a staggering 88 percent admitted they would steal company secrets if they were laid off.
The information IT professionals not-yet-scorned said they'd take include the CEO's passwords, the customer database, R&D plans, financial reports, M&A plans, and the company's list of privileged passwords. And when it comes to that last one, administrators don't even need to be laid off in order to start poking around. More than a third of those surveyed claimed to have used privileged passwords to snoop on the network, look up salaries, and peek at other personnel details assumed to be private.
"Our advice is secure the most privileged data, and routinely change and manage them, so that if an employee's contract is terminated, whether sacked or made redundant, they can't maliciously play havoc inside the network or vindictively steal data for competitive or financial gain," said Udi Mokady, chief executive of security firm Cyber-Ark.
From smart displays capable of identifying its viewers to a recent push for more rich media ads, privacy seems to be taking a backseat to ad revenue. But while companies toy with ways to make more money through online ads, at least one person in Congress wants to make sure your rights aren't getting trampled in the process.
Rep. Edward Markey (D-Mass) has seen enough and believes online monitoring services working on behalf of the advertising community should make their intentions clear and be required to obtain approval before tracking your online activities. He's not talking about innocent cookies, but deep packet inspection (DPI) technologies.
"First, there is a distinction in the detail, type, and amount of data collected," Markey said. "As opposed to individual websites that know certain information about visitors to its websites and affiliates, deep packet inspection technologies can indicate every website a user visits and much more about a person's web use," he said.
Not everyone shares Markey's same concerns. Robert Dykes, CEO of NebuAd, claims his company doesn't run afoul of privacy rights and translates visitor's IP addresses it gathers into anonymous identifiers. Furthermore, Dykes claims an opt-in program would cause "major harm" to the current infrastructure of the internet, which thrives on advertising revenue.
Does Dkyes have a point, or is markey right on the money?
It seems that either Viacom came to their senses about making Google turn over user data on YouTube, or they didn’t like the bad press that their suit was generating. They have reached a deal to protect the privacy YouTube watchers everywhere and will allow Google to anonymize YouTube user data.
Previously Viacom succeeded in getting Judge Louis Stanton of the U.S. District Court for the Southern District of New York to order Google to turn over as evidence a database what videos users watch, the users' computer addresses, and their usernames. Many groups including the Electronic Frontier Foundation argued that the order "threatens to expose deeply private information" and violated the Video Privacy Protection Act. Whether the Act, created when VCRs were high tech, could be applied to YouTube was debatable. Viacom and Google’s deal avoids the legal snarl all together.
If you are into deciphering legalese (and we can assume you are into self flagellation too) you can read the details here.
Following up from a previous post, Google is asking Viacom to respect users’ privacy and let them to anonymize the logs before handling them over to Viacom under the court order. “We are disappointed the court granted Viacom’s overreaching demand for viewing history,” Google said.
Efluxmedia.com says that Viacom had said in a New York Times interview, “The information that is produced by Google is going to be limited to outside advisors who can use it solely for the purpose of enforcing our rights against YouTube.”
So the data is going to go to third parties. Somehow, that doesn’t make me feel any better about user privacy. We can hope that there will be a legal challenge mounted in the next few days against releasing user data unfiltered to Viacom.
Have you been uploading copyright protected content on YouTube? Have you even been looking at it? Viacom wants to know, and a Judge has ruled in the recent Viacom v. Google case that Google has to turn over “all data from the Logging database concerning each time a YouTube video has been viewed on the YouTube website or through embedding on a third-party website”.
Kurt Opsahl with the Electronic Frontier Foundation disagrees with the courts ruling arguing that the court, “erroneously ignores the protections of the federal Video Privacy Protection Act (VPPA), and threatens to expose deeply private information about what videos are watched by YouTube users”. The VPPA was passed in 1988 as a result of Supreme Court nominee Robert Bork's video rental history being published during his Supreme Court nomination.
I agree with Opsahl, someone’s YouTube history should be just as private as their video rental history. Privacy is harder and harder to maintain in a world where technology is outstripping existing laws, which often must be judged by people with little experience in technology. We certainly don’t need which version of Star Wars Kid we were watching to be available for anyone to look at, or for companies to go trolling for lawsuits in data. Where do you come down on the issue?