Five Common Privacy Violations On The Web

Collecting user data without any concern for privacy or users’ wishes has become commonplace on the web.
It’s wrong, and we should start to act against it by avoiding the sites that don’t respect users’ privacy.

And if you are a designer of such a system: Do the Right Thing. Let your users control their data.


There’s a plague going around the tubes that are the internets in recent times: Companies think they own our data.

The problem has existed to some extent as long as the internet has been used for business, but recent “web 2.0”-ish developments seem to have been interpreted by many companies as a blank cheque to our information.

Here is a short list of some techniques that I have come across in the past few weeks that really suck:

1. Forcing you to create an account

I had a buy a specialised cable recently that was hard to find in local shops. No problem: online, there is always someone who’s got what you need. I found an obscure little company in Germany that had just the right cable for a reasonable price. I wanted to buy it.

To do so, they want me to create an account, permanently storing my information (including credit card details). I don’t want no freaking account! I just want one cable.

I’d like to give them my information (credit card and address) then I’d like them to process the sale, and after a couple of months or so when the transaction is well and truly completed, I want that information to be deleted from their servers. I know that I will never deal with this company again. Why should I create yet another account, have my credit card details stored indefinitely in yet another database that I have no control over, and risk more identity theft?

According to them, it’s all in the name of “customer service”. No, people, it is not “service” if I am forced to do this against my will just to buy something.

2. No option to delete

The second half of the create-an-account scam is that you can never delete it. This is an annoyingly common problem nowadays. I have seen many sites that allow you to create an account, edit it, extend it, but include no easily accessible option to delete it. Facebook is such a site. Just go and try to delete your Facebook account. When you look for the option, the closest you will find is a function named “Deactivate account”. Choose it, and you will see this:

First of all, if you want to delete your Facebook account, maybe because you don’t want them to store your data anymore, the first thing they do is to collect more data from you: You have to tell them why (“required”).

Next note the “You can reactivate your account at any time…” statement. If you do reactivate your account a year later, everything is still there as you left it. You wanted to delete it permanently because you don’t like Facebook’s new privacy policy? Tough luck. You need to take it up with them personally. No function for that in their interface. And it’s not even really deactivated: other people can still see your “deactivated” account. And, of course, your Facebook cookies don’t get removed either, so that you are still being identified to their advertising sites.

It’s Hotel California come to life: “You can check out anytime you like, but you can never leave…”

3. Collecting too much data

Consider this account creation screen from YouTube:

Email address, user name and password – fair enough. I can understand that. But why the hell do they have to know (“required field”) my country, post code, gender, and date of birth just to let me comment on a video? That is really none of their business. Why do they collect this? Because they make money from it. It allows them to target advertising, and charge their customers more for placing the advertising. It is in the sole interest of the company, not of me as a user, but I get neither told why this is collected, nor offered the option to opt out. (Short of just lying to them, but that’s another story.)

And then there’s the helpfully pre-selected choice to be subscribed to a spam list… Let’s leave that for another day.

This also is common now. YouTube is, in fact, not the worst example by far. Just a high profile one.

4. Changing agreements

One of the absolutely worst things a company can do is to promise to handle your data in one way, and then to do something different. Google, for example, state quite clearly in their terms of service, that they reserve the right to change their terms at any time, and that just by continuing to use their system, you agree to any change that they may come up with later.

And they have just made such a change: Someone at Google obviously thought that it is suddenly a good idea to take all your private RSS feeds (which were part of your private profile until recently), and share them with everyone in your address book. Friends, family, your boos, clients. No question asked.

Again, you have signed way any rights to complain, the company is in full control. They did a similar thing at first when Google Mail was introduced: The first EULA stated that the personalised information collected through Google Mail would not be linked with Google search information (since otherwise all your search information would become personal data). Well, what happened than? This clause disappeared from the Google Mail EULA pretty quickly and quietly. No such separation anymore. Now, log in to Google Mail, and Google will record any following search queries under your personal name.

5. Linking unrelated information

That brings us straight into the last category: linking separate systems to create extensive user profiles. Google, again, is the most prominent example here: I log in to Google Analytics, for example (which is a fantastic service), and afterwards all my Google searches or accesses to Google Groups are done under my identified account, unless I explicitly log out again. The user profile Google creates about us is vast and scary. To do this, they use a service where identifying yourself is reasonable (Mail, Analytics), and then just continue to use the knowledge of who you are for unrelated services where it’s none of their business who you are (web search, group browsing).

This is, again, all sold under the name of “service”. But again, I get no option to opt out, and the one that really profits from it is Google, not you.

Don’t Do It

I have chosen these sites and companies as examples because they are high profile cases. However, these practices are annoyingly common on the web today – there are countless examples. I have had many cases where I searched for the option to have my account data deleted without any success.

If you are designing a web site, bear this in mind: If you force me to create an account, I will go away and buy elsewhere. You immediately lose a customer.

If you’re someone like Google, you can force this through. With Google Analytics, for example, I grind my teeth and use it, because it’s such a great piece of software. But as soon as they have real competition that does the same without keeping a Big Brother eye on me, I’ll switch.

And Facebook, well, I won’t go near it. They are just way too creepy and arrogant in how they treat your data.

I hope that more people on the net will start to vote with their feet based on how people treat their data.

18 thoughts on “Five Common Privacy Violations On The Web

  1. WRT YouTube collecting demographic information so they can use it for advertising: isn’t this how YouTube makes the bulk of its money? Many sites offer services (for some definition of services) for free in the hope that they will support themselves with advert revenue. I agree that there should be a privacy statement indicating explicitly how your personal information will be used, and I agree that having to register for seemingly simple tasks is annoying as hell, but there is a reason.

  2. I agree with most of these, but I have to take slight issue with one: Account deletion. I do so not because the issues you bring up are not real, because they most certainly are both real and significant, but because the alternative–to allow immediate account deletion with a simple request–can be extremely ripe for abuse should someone gain access to your private details. Simply put, it’s a form of damage control.

    That being said I’m not convinced that’s really the purpose in this case, but that’s only on account of a generally suspicious attitude towards Facebook. Furthermore I can think of a few ways to get around this problem, so the current way of doing things isn’t all that motivated after all. It’s just a point that I missed while reading the post.

  3. The reason they have to ask for your date of birth is COPA – the Child Online Protection Act. If you collect “personally identifiable information”, aka email, you are required to ensure that those using your service are over 13. Hence, asking for a birthday. This is not optional.

    Now, YouTube might ask for it even if it wasn’t required, but they’re legally obligated to in this case.

    But honestly, if you don’t want them to know this stuff about you, just lie on the form. Who cares?

    The Facebook “you can’t delete your account” thing, on the other hand…

  4. _”Someone at Google obviously thought that it is suddenly a good idea to take all your private RSS feeds and share them with everyone in your address book.”_

    WTF!? Google doesn’t make public what feeds you subscribe to. They make public the *posts* that you decided to ‘share’.

    Your argument isn’t affected. You’re right, they *could* legally make your RSS feeds public. But it’s a distracting factual error.

  5. @ Kartik Agaram:

    Yes, I did mean “items” rather than “feeds” – that’s an error. And the sentence you quote is certainly not well formulated. The point I was trying to make is: Google took the items you had declared to share with your friends, and published them to everyone in your address book (without an opt-in).

    While badly worded in the post, the point still stands.

    Thanks for the correction.

  6. The real solution is to stop relying on “services” who are only gatekeepers. These “services” should instead be open source programs you can install and configure however you like, providing as much or as little information as you desire, transmitted with encryption, and only fields you flag are provided to a second party. Of course, you can’t “monetize” this kind of freedom and utility, so companies provide “software as a service” which means that THEY control it and THEY get paid for it. Kill the gatekeepers! Smash their gates! More here: http://chaosmotor.wordpress.com/2008/01/08/services-middlemen-and-gatekeepers/

  7. You are paying for these free services with your privacy (I’ll whole-heartedly agree on non-free services!). I can appreciate the issues these companies are facing, and I’m in the same anti-Facebook crowd because of privacy concerns.

    Question: would you be willing to pay for FILL_IN_YOUR_SERVICE to access it and not have to give up your privacy? The VAST majority of people would rather give up their privacy (most don’t understand the issues anyway).

    I honestly believe that this will never change, either. It doesn’t matter how many credit cards are stolen, how much evil get done, or anything else. People think free is just a little too neat, perhaps even neater than a digital watch.

  8. “Question: would you be willing to pay for FILL_IN_YOUR_SERVICE to access it and not have to give up your privacy?”

    But that’s a false dilemma, it’s not natively either-or; the only reason to frame it like that is if you believe that everything has to be for-profit. It would be pretty damned straightforward to code up an open-source, stand-alone, installable program that sits on your own machine and is under your own control. Think – like an IM program, but for social networking; like an extension of Trillian or Pidgin (gAIM). The idea that everything has to be done for profit is a dangerous mind-virus that has resulted in the destruction of our environment, of our economy, and of our democracy. We have to move away from for-profit thinking and start thinking about VALUE, not profit.

  9. Well, information about your country, postal code etc that one has to provide in order to post a comment on youTube *might be* useful in case he/she breaks the law (eg defamation). Site administrators are obliged to help track him/her down. So it *might be* partially justified. Of course that is seldom the case, I think.

    However, most of the issues pointed out here indicate many services break the (EU) law.

    – service provider has to delete user data when asked by him to do so, unconditionally
    – service provider has to delete user data when the service is completed (you bought it, you got it, they must delete you data from dbs! unless you state that you want them to store it! but this is not the deafult!!!)
    – service provider can not gather information that is not needed to complete the service (they can’t require you to fill in your gender when you buy a phone via inet)
    – the statement that the user agrees automatically for any further policy/EULA/etc changes has no effect. service provider has to
    1. inform you about any changes explicitly
    2. get your acceptance

    heh it’s what the EU law says (perhaps US too). with theese bad practices we’re building applications/services that can be easily sued by users

  10. cool subject, I never try to close any of my web account all around the web.. Maybe I have than 5 youtube account and more than 20 adobe account. He request a account for any try download…

  11. Pingback: Tagz | "Five Common Privacy Violations On The Web" | Comments

  12. THANK YOU! I used your article as my new CV on a job search site where I couldn’t delete my profile… In fact, they only let you “hibernate” for a maximum of 3 months!!! After you’ve forgotten all about it, your most private info is visible to the world again…

Leave a Reply

Your email address will not be published. Required fields are marked *