FTC Supposedly Getting Ready To Go After Google For Antitrust Violations

California Attorney General Uses Twitter To Threaten United Airlines With Possible Legal Action

from the pointless-privacy-policies dept

Fri, Oct 12th 2012 3:32pm — Mike Masnick

Can we just admit that laws requiring privacy policies are a dumb idea? They make almost no sense. No one reads them. And the laws requiring them don't require that you actually keep info private... just that you have one of those privacy policies that no one reads and no one cares about. The only ways you get in trouble are (a) if you don't have a privacy policy or (b) if you don't abide by your privacy policy. Thus, the basic incentive is to write a privacy policy that is opaque and which no one will read -- and which says "you have no privacy at all, we can do whatever we want with your data" so you could never violate it.

But grandstanding politicians see this as an easy and cheap way to be seen as "protecting the little guy" even though it does nothing along those lines. It appears that California Attorney General Kamala Harris may be jumping into the fray -- and bizarrely using Twitter to passive aggressively threaten United Airlines. In a tweet, she asks the company where its privacy policy is on its mobile app:

Fabulous app, @united Airlines, but where is your app’s #privacy policy? 1.usa.gov/SWGCTm
— Kamala Harris (@KamalaHarris) October 12, 2012

That link is to California's law that requires privacy policies. But, once again, we're at a loss to see what this does for actual privacy, if anything. If the app doesn't have a privacy policy, does that change how United Airlines uses people's data? Doubtful. Is anyone who uses the app actually reading the privacy policy? Doubtful. If they do, will they understand it? Unlikely. So, what does this kind of thing do? You'd think that there were, perhaps, more pressing things for the state to focus on rather than harassing companies on Twitter.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: apps, california, kamara harris, privacy policy
Companies: twitter, united airlines

15 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 12 Oct 2012 @ 3:50pm

" If the app doesn't have a privacy policy, does that change how United Airlines uses people's data? Doubtful"

I question that. If a company is forced to come up with a public privacy policy, they will be more likely to follow those rules internally, and they are less likely to put something public that says "we'll do whatever we please."
[ link to this | view in chronology ]
- John Fenderson (profile), 12 Oct 2012 @ 4:10pm
  
  Re:
  Except that the vast majority of privacy policies that I've seen simply say "we'll do whatever we please," except in thick legalistic jargon.
  
  Privacy policies really are worthless. Companies who care about treating their customers right will do so with or without such a policy. Companies who don't will just write the policy to let them do whatever they want anyway.
  
  The idea was that at least people could know what the site will be doing -- but as with contract, click-through agreements, and etc., all you have to do is make it long and impenetrable enough and the few people who bother reading it won't understand it anyway.
  [ link to this | view in chronology ]
  - Anonymous Coward, 12 Oct 2012 @ 5:22pm
    
    Re: Re:
    They usually go something like this: We promise,cross our hearts and hope to die, to never, ever, ever share your information with anyone ever, except as permitted by law.
    [ link to this | view in chronology ]
  - MHab, 13 Oct 2012 @ 4:29pm
    
    Re: Re:
    Sounds a lot like facebook (we'll do what ever we damn well please with your dataz!!!)... seems like every other day they are in the news for something related to customer data/privacy
    [ link to this | view in chronology ]
  - Anonymous Coward, 15 Oct 2012 @ 2:06pm
    
    Re: Re:
    Your experience differs from mine, I guess.
    
    You seem to assume that everyone within a "company" feels the same way about things. I don't think that's true, especially within a large company like United Airlines.
    
    But if the policy-makers have to confront an issue and create a formal policy, I think you're a lot more likely to get compliance with that policy from the middle management and others that might otherwise do whatever they feel like individually.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 16 Oct 2012 @ 8:38am
      
      Re: Re: Re:
      You seem to assume that everyone within a "company" feels the same way about things
      
      I assume no such thing. I'm not sure why you think that I do.
      
      But if the policy-makers have to confront an issue and create a formal policy, I think you're a lot more likely to get compliance
      
      I agree. My point is simply that most privacy policies specify that you have little, if any, privacy, so "compliance" is meaningless.
      [ link to this | view in chronology ]
Anonymous Coward, 12 Oct 2012 @ 7:12pm

I'm pretty sure the privacy policy is here: http://www.united.com/web/en-US/content/legal.aspx

Seems like she just fails at looking.
[ link to this | view in chronology ]
- Anonymous Coward, 13 Oct 2012 @ 9:48pm
  
  Re:
  I haven't seen the mobile app, but I assume it doesn't have that link in it.
  
  This is Californian law. Does that mean all US companies need to adhere to every law for every state? Hypothetically, what would happen if a state had a law banning privacy policies?
  [ link to this | view in chronology ]
  - Anonymous Coward, 15 Oct 2012 @ 2:07pm
    
    Re: Re:
    Every state you're doing business in, anyway. In your hypo, you have to adjust your actions depending on what state you're targeting.
    [ link to this | view in chronology ]
Bob Webster (profile), 13 Oct 2012 @ 8:33pm

All you need is a policy. Any policy.
This privacy policy has been in effect for several years now, and has served me faithfully.

http://xpda.com/junkmail/privacy.htm

(In case the link doesn't go through, the privacy policy consists of someone headed to an outhouse in the deep snow, with the caption "Close the Door Before You Go.")
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2012 @ 6:48am

These agreements and policies are just a bunch of legal mumbo jumbo voodoo and I have never read an entire document.
So you put it up on the web with a Checkbox waiting to say 'I read that' but you have no real proof. How about making them shorter and making me prove I read it. How about a short quiz at the end of it? Yea right!!
I want a universal ID system for the web. Then I won't have have to agree any more. I am logged in and if I use your stuff I agree.
One log in for each person. I am so sick of logging in, that I want to stay permanently logged out.
I don't want to log in with Facebook (takes longer) or register for an account. I simply want to pick my web name from the cloud and if no one else is using it I get it. I can then maintain my log in account on my own. I would gladly pay for this annually, do you hear me entrepreneurs? Then all I would have to do is start my computing device and log in once. No expiration, no you waited too long.
Because of the log in nightmare I as a developer have to maintain a text file that is currently 350 lines of user names and passwords. I have to keep it encrypted and make daily backups of it because if I lost it or got it stolen I could never recover it, never.
Let's use some intelligence in the software development please. It's very simple to see if I have rebooted or changed users on my computer. If so then ask me for the ONE password for my ONE log in.
[ link to this | view in chronology ]
Anonymous Coward, 14 Oct 2012 @ 9:41pm

The purpose of these laws is to enrich plaintiffs' attorneys.
[ link to this | view in chronology ]
- Anonymous Coward, 15 Oct 2012 @ 9:02am
  
  Re:
  There has to be a private right of action. Do you know that there is one?
  [ link to this | view in chronology ]
Lennart Regebro, 19 Oct 2012 @ 11:32pm

You get in trouble if you don't abide by the policy?
Really? In what way? Because if you do, then that means privacy policies are actually kinda useful. I always thought the problem was that you can have a policy and then ignore it.
[ link to this | view in chronology ]
sam, 31 Oct 2012 @ 9:07am

Enter your zip code here
Don�t forget to blow your nose gently each time after you finish the procedure. This way you will speed up the cleaning process. Usually patients with neti pot deviated septum , who use neti pots, notice improvement from the first day of their treatment.
[ link to this | view in chronology ]