While I understand why these things tend to be opt-out by default, I'm surprised there was no email from Verizon updating users about these new settings with a link to opt-out if they wanted to.
I used to think that the telecom industry is a lot more regulated than social network companies like Facebook, but I guess that's not really true!
I received an email a while back from them basically saying they were going to start taking privileges with my data if I didn't go to a page and opt-out. I don't remember the text, but that was the gist.
[Edit]
Did some digging and the email subject was: Important Update Regarding Your Privacy
It has various sections on what will be used and how with a call to action at the bottom listing your options.
Opening text: Why am I getting this notice?
Your privacy is an important priority at Verizon Wireless. Our Privacy Policy (available at www.vzw.com/myprivacy) informs you about information we collect and how we use it. Today we want to tell you about some important updates relating to two new uses of information. Verizon Wireless will begin using the information described below for (1) certain business and marketing reports and (2) making mobile ads you see more relevant. If you do not want us to use this information for these purposes, you can let us know by using one of the options described in the "Your Choices" section of this notice. This supplements our Privacy Policy.
Your choices section:
If you do not want us to use your information for any of the purposes described above, please let us know at any time by:
I received the same kind of email from AT&T awhile ago. I immediately called them up, and asked to opt-out. After 30 minutes on the phone, the representative told me that the "feature" hasn't been rolled out yet, and I should call back a month later.
Guess what? I completely forgot about it. That was probably the intention all along....
Thanks for the reminder, though!
I had a similar experience with Clear (wireless) and the binding arbitration clause in their ToS. When I called to opt out (because one cannot do so online, of course :-/ ) I was transferred 6 times and in the end the drone finally gave up and just asked if putting a note in "my file" would be sufficient. At that point, I think we were equally frustrated with one another and I settled.
But I can easily imagine some lawyer-type dreamed up such a clause but failed to tell anyone else in the business about it.
They are definitely more regulated than social network companies, fortunately though they've captured the regulator as predicted by economics so they get to seek rent instead of worrying about regulators.
The telecom industry has so effectively captured their regulator that when they are caught tapping phones without warrant they are exempted from lawsuits instead of prosecuted vigorously.
If you offered a non-compliant unlimited data/voice/voicemail plan for $20 a month you'd have people lined up around the block, no one would care your phone won't work with CALEA and no one would care that your address wasn't in the 911 database. You'd also be extremely profitable using off the shelf hardware like software radios, and non-compliant open source telephony software.
http://www.forbes.com/sites/andygreenberg/2012/04/03/these-a...
"Wiretaps cost hundreds of dollars per target every month, generally paid at daily or monthly rates. To wiretap a customer’s phone, T-Mobile charges law enforcement a flat fee of $500 per target"
I'd be happy my phone wasn't compatible with CALEA, I might care about 911 (else I'd have another tool/app to serve me) and as long as I can communicate, I'm not to concerned about scary "open source" stuff.
Having multiple people report a claim is good. Also, capturing screenshots etc. of everything you find,since they have a tendency to change and disappear quickly :)
Unlikely. They know all about this already. I'd recommend contacting your member of congress. Also, it's the FCC, not the FTC, who regulates phone companies.
I'm familiar with the targeting technology that's being rolled out and the people/companies involved with the project. They've extensively briefed both FCC and FTC plus key members of congress, and have received a tacit blessing to proceed because of a double-blind hardware technology involved to limit the identification of individuals, and the measures taken so far to alert consumers.
Not to say that it's good or bad to do this. But a company like verizon isn't going to proceed without covering their ass from a regulatory perspective.
I'm Canadian so obviously our privacy laws will be different but when I worked at a Telecomm we were told that in order to be compliant with the law we could only use customer data for what they has explicitly agreed to. Any changes to what we want we need to have them approve it again.
Well, yeah, but for the obvious reason - tweets are meant to be short and consumed in large numbers, but aren't generally meaty enough for a discussion, while some people are using Google+ as essentially a blogging platform. 140 (or 256) characters is rarely enough for an entire HN discussion, but that doesn't mean I don't enjoy reading dozens of tweets at a time to get a sense of what's going on.
Actually, many of those tweets have links, so in some sense Twitter competes with HN as a link aggregator, not with Google+ as a primary source.
Comprehending why the Twitter limit exists should let you comprehend why there's no point for App.net to follow it.
The service won't actually be used for "micro-blogging" unless users are constrained by some limit, but 144 is too damn small. Nobody would ever have picked it if they weren't forced to, and these days they aren't.
What infinitesimal fraction of modern Twitter users in App.net's target market do you imagine use the service via SMS? The limit a legacy of an irrelevant use case.
I'd probably have gone a bit higher than 256 myself (disregarding attachment to powers of two), but it's an improvement.
> The service won't actually be used for "micro-blogging" unless users are constrained by some limit, but 144 is too damn small.
The funny thing is that in languages like Japanese and Chinese, where one "character" contains a lot more info than one Latin letter, Twitter is used in quite a different way.
I've been using Tent (https://tent.io) which also adopted 256 characters, and I think it's actually quite generous for statuses. Maybe too much; the nature of microblogging changes when you don't have to be concise. I bet the sweet spot is probably somewhere in 160-200.
Sticking to 140 would be a good standard for a microblogging standard since it would allow you to syndicate out to Twitter and you could emulate the API and automatically have other apps support that character limit.
If you go beyond 140 it is then no longer a microblog post, but rather just an ordinary blog post.
I'm not sure how many Twitter users actually use SMS any more. I tried to use it to send in an update a few weeks ago and it took ~4 hours for the tweet to appear in my timeline. I'm in the UK so maybe they have better response times in other countries.
Just so everyone knows, AT&T does the same thing. You have 30 days from the date of your contract before they start passing it out, but I believe you can opt out of future transactions on the site. Try going to http://att.com/ecpnioptout (if you got a new contract with your iPhone 5, do it this week!)
Edit: I should say, AT&T does something similar. I do not know if it is the same thing, since their opt-out page makes it sound rather innocuous compared to the vague language used in the mailed letter. CPNI = Customer Proprietary Network Information
AT&T's is much more invasive -- it is across all of their telecom platforms (DSL, TV, wireless, wifi, etc). They also will log location information for advertising: http://www.att.com/gen/privacy-policy?pid=2506
If they were to begin network sniffing, they could potentially build powerful user profiles that would be more valuable than Facebook's data (and truly "frictionless"). Your passive internet browsing would start influencing the commercials you see on TV.
Further update, because I can no longer edit my post...
If you're trying to opt out and it isn't working for any reason, attempt it again during normal business hours (9-5, EST or PST) and see if it does work. As ridiculous as it seems, many functions cannot be performed outside of this window including registering my billing account. Try again tomorrow around midday and those mysterious "timeouts", "unknown errors", etc may magically disappear. If not, your provider should have a phone number you can call (oh, goody) to take care of the same thing.
These are the steps to opt out of Verizon “selling your personal data”, as far as I can tell:
Visit http://www.vzw.com/myprivacy. If you are not already signed in to My Verizon, you will be prompted to sign in – after doing so, return to that myprivacy page.
You should now be at “Location Management” > “Location Privacy Settings”. I’m guessing that this is where you actually opt-out. I’m not sure because there’s nothing for me to do here – I see “There are no services available. A location service must be downloaded on the handset to be listed here.”.
No, I had several options on the page linked by OP. When I went to the locationmanagement.vzw.com page, it says, "There are no services available. A location service must be downloaded on the handset to be listed here."
A related story: I was recently shopping around for a new ISP. One I considered was Verizon FiOS. In order to see the prices in my area, I had to enter my address.
Two weeks later, I got a letter in the mail. Written outside on the envelope was something like: "We noticed you were checking out our website! Here's a special offer just for you..."
It's not the same as what OP posted, but it certainly left me creeped out.
Heh, that's why I always fake address details when I'm checking out cable or DSL options. Of course they're going to use the personal information you enter for marketing purposes, that's why they ask for specifics like apartment number and your mobile number that they don't need to determine service availability.
It is possible to enter completely fake information, rather than someone else's address. (For example, aside from the burden on the post office, I think entering a street address for an apartment complex without an apartment number harms no one.)
Why are you so creeped out that they sent you a piece of advertising by mail after you gave them your address? It'd hardly be surprising these days if you received spam after giving away your e-mail address.
I get pounds of mail every year advertising U-Verse when AT&T doesn't offer U-Verse at my address. The mail has been coming for years now. Big thick envelopes full of brochures, little letter-sized envelopes, oversized postcards. At least Verizon is advertising a service you can actually buy.
When I was last shopping for DSL internet service in the UK, every provider would require you to enter your phone number to see what speeds they could provision you with.
Most had a small box to uncheck to avoid a marketing follow up phone call.
But at least one company didn't have a box--they just had a message saying that if you entered your phone number to check for service, they would call you at some unspecified later date. There was no way to opt out.
given the increasing ubiquity of these kinds of deals and the quixotic whack-a-mole game they call opt outs, how dumb would it be to cut out the middle men and just say "hey, for the low price of whatever you're paying now we'll all just sell you our habits, cookies, weblogs, location data, brand preferences and shopping habits (via some up front mobile aggregator of said data). It seems likely that people spend enough collectively tracking and profiling me that it might pay for a night out a month if we cut out the middle men. And hell, it might even have an unexpected bonus - the law of the jungle say if it runs chase it and if it chases you, run. Maybe you'd stop being desired tracking target in the end :)
You're expecting the NSA-hats will get bored watching us check into the same restaurants and movie theaters after months and years? You're more optimistic than me.
"Verizon" and "Verizon Wireless" are separate companies. It looks like this refers to Verizon Wireless: e.g., if you have Verizon service for phone, FIOS, or whatever, you are unaffected.
Well, they're probably still selling your personal data, but not in this specific instance.
Will using https prevent them from doing this? I imagine it would stop data gathering and referrer gathering but the source URL request they would still be able to see?
A VPN would be the only option to keeping them completely blind? I can set up a VPN on an Amazon micro instance for free. The amount of data used should be nothing or mere pennies per month to Amazon.
The only trouble is keeping a VPN up. I find on an iPhone at least that while once working, it works reliably, but keeping it working is unreliable. It seems when you transition from one network to another, one wifi to another, one cell tower to smother, or from wifi to cell and vice versa, the connection can often drop.
I wish there was a setting like "auto connect VPN when any data request is made".
I've tried VPN's from Amazon of my own creation as well as the VPN included with my GigaNews account.
I'm sure running the VPN on your mobile is great for battery life.
I am already looking forward to the upcoming VPN witch hunt. When US provider are really going through with the six strikes "warning" system [1], VPNs will become more and more mainstream. It is going to be interesting which kind of CP/Terrorism yadayada they are going to pull this time.
As a VPN user for closed to ten years nw (yes, I am that paranoid/live in a tough-on-downloads region) I can honestly say, that its benefits outweigh the negatives by far. But it takes some time to find a stable VPN service, that fits to your expectations.
Correct me if I'm wrong, but I've always had the understanding that VPN providers would give you up to the feds in an instant if they came knocking on their door with a court order for suspected criminal activity.
I'm in the process of looking for a solid VPN provider myself, and this is the impression I'm getting after reading the terms & conditions for services like Private Internet Access and VyprVPN.
I think eventually the answer is to move away from centralized and for-profit providers and network architecture, both for the hardware side of the network and the software side.
Maybe opting out is not how to stop this abhorrent practice of selling personal information. There is much more at stake than sites just selling email address lists. There is much more detailed information involved.
Perhaps what would work better is flooding these marketers with false information. This is what hampers email lists. Most the addresses do not work.
As it stands the few (or many) people who fail to "opt-out" (or fail to use proxies) may make this sort of personal information sales market worthwhile because the information gathered is detailed and reasonably accurate. It's not just a list of disposable email addresses. It's higher quality.
Does anyone know if this applies to iPad-only customers? That's my only Verizon account, but the opt-out link requires a phone number to log in. (Ditto for the "forgot user id" form.)
I retrieved my iPad phone number as per the other comment and logged into the website. Their site says my info is being shared and when I try to switch this it says the settings can not be saved. Calling the 800 number says I am already opted out.
I tried speaking with a CS agent who had no idea what privacy settings I was talking about and then said it does not apply to pre-pay customers. I think she was just trying to get me off the line.
So I'm not sure if this applies to iPad customers or if it is possible to opt out.
I do like how it's illegal to sell a person video rental history, but totally fine to sell information that shows everywhere they are at anytime of the day.
Your privacy is an important priority at Verizon Wireless. Our Privacy Policy informs you about information we collect and how we use it. Read our Privacy Policy.
Location Based Services ("LBS") Privacy Settings
A location service is any service that provides access to location information, such as maps of places of interest and turn-by-turn directions, on your handset. These services may require Verizon Wireless to access the location of your handset. For location services you use that are supported by Verizon Wireless, you can Manage Location Privacy settings.
Customer Proprietary Network Information Settings
As a provider of certain telecommunications services, Verizon Wireless collects certain information that is made available to us solely by virtue of our relationship with you, such as quantity, technical configuration, type, destination, location and amount of use of the telecommunications services you purchase. This information and related billing information is known as Customer Proprietary Network Information (CPNI). The Federal Communications Commission and other regulators require the Verizon Companies to protect your CPNI.
Verizon Wireless shares information among our affiliates and parent companies (including Vodafone) and their subsidiaries unless you advise us not to. Sharing this information allows us to provide you with the latest information about our products and services and to offer you our latest promotions.
Settings Don't Share My CPNI OK to Share My CPNI
Business & Marketing Reports
Verizon Wireless may use mobile usage information and consumer Information for certain business and marketing reports. Mobile usage information includes the addresses or information in URLs (such as search terms) of websites you visit when you use our wireless service, the location of your device ("Location Information"), and your use of applications and features. Consumer information includes information about your use of Verizon products and services (such as data and calling features,device type, and amount of use) as well as demographic and interest categories provided to us by other companies (such as gender, age range, sports fan, frequent diner, or pet owner). We will combine this information in a manner that does not personally identify you. We will use this information to prepare business and marketing reports that we may use ourselves or share with others. We may also share Location Information with other companies in a way that does not personally identify you. We will allow these companies to produce limited business and marketing reports. See our Frequently Asked Questions for more information about these reports.
You have a choice about whether we use your information for these reports.
Settings Don't use my information
for aggregate reports OK to use my information
for aggregate reports
What is really strange to me is the page is different in firefox and chrome (3 options vs 2), the chrome page doesn't work, and if you turn off everything in firefox, then reload the page in chrome, chrome shows them still all being on.
Unrelated, but having had to log in, I'm now reminded of a VZW security issue:
Can someone explain the doubtless backward and sloppy thinking that would convince Verizon that they should forbid their users from including symbols in their passwords?
This is to prevent users from creating passwords they cannot remember. It could very well be true that having a streamlined password recovery system (weak to social engineering) is less secure than having easy-to-remember easy-to-guess passwords.
I don't think it even remotely adds to the discussion to pick some usability issue and harp on it. These kind of comments crop up for every story. Easy way to score points, not useful, buries better comments.
I think a good rule of thumb is that if you didn't need to read the article to make a comment, it's not a good comment.
You're way out of line flagging this, in my opinion. It's a security issue, and a big one at that. I also see no reason to believe that the user is attempting to "score points". Lastly, the comment is in fact quite useful.
I agree wholeheartedly with this. We're supposed to be the good guys--revealing security issues should be something that gets heavily rewarded with karma.
That's exactly what the down-vote is meant for. If you think a comment is off-topic, down vote the post and perhaps add a comment as to why you think it deserves to be down-voted.
Flagging is expensive, in that it requires mod (human) attention. It should be reserved for spam and other egregious posts. Let the mods spend their valuable time on more important tasks.
I wasn't aware that flags required moderator attention. I assumed that once an article was flagged enough times, a mod would be alerted, but not that each flag would trigger an alert.
I would very much like to get moderators' attention or feedback on this. I don't think these kind of comments should be banned, but I think they would be curbed if there was a community guideline.
Good point. I don't know how the HN software is written but my guess is that when it's time to take action (X number of flags), it's something a looks at.
There could be a level of automation built into this where X number of high reputation members flag something, it could automatically be banned.
Either way, I think flagging is more fitting to abuse than off-topic. I agree with you that it would be great to get a mod to weigh in on this.
Unfortunately, many of us don't have downvote rights yet. If this were the case, I definitely wouldn't flag unless community standards were flagrantly violated!
Do moderators actually go through all flagged items? If so, that would probably explain why I can't flag anymore. I assumed flagging was automated, so I basically used it as down-vote for articles.
I emailed info@yc about my lack of flagging ability a couple months back. They said nothing was wrong with my account. Now I feel bad that I wasted someone's time. :(
I should have been more clear that I was speculating that a flag ultimately required mod attention. I'm going based on personal experience with forums and software development.
Be very wary of flagging. I believe (corrections welcome) it can result in an entire account being invisi-banned without notice to the user. Should be reserved for the most egregious offenses, with downvoting used for the rest.
I called Verizon and they said this is a phishing scam... Has anyone else independently verified the original claim with Verizon, other than through their website/privacy TOS?
Wow. They claim that a page on the verizonwireless.com/vzw.com domain with a class 3 SSL certificate is a "phishing scam". This is probably some form of scummy damage control - convincing uninformed customers that it had nothing to do with them.
While I understand why these things tend to be opt-out by default, I'm surprised there was no email from Verizon updating users about these new settings with a link to opt-out if they wanted to.
I used to think that the telecom industry is a lot more regulated than social network companies like Facebook, but I guess that's not really true!