Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Yahoo Treading Carefully Before Exposing More Private Data

kdawson posted more than 4 years ago | from the can-you-say-buzz dept.

Privacy 107

crimeandpunishment writes "Yahoo hopes to turn on a new sharing option without turning off its users. The company is trying to avoid the privacy backlash that has befallen Facebook and Google. It's advising its email account holders, all 280M of them, to review their privacy settings in advance of Yahoo's new features that will share users' online activities and interests with people in their address books, unless they take steps to prevent it."

Sorry! There are no comments related to the filter you selected.

Why I Left OpenBSD (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#32447166)

I was a long-time OpenBSD user since the 3.1 days, and cut my teeth on Unix development there. I was attracted by its focus on security and conscientious coding practices. I was happy through the early 4.x days, but the more I got involved in developing for OpenBSD the more I was dissuaded from doing so.

Part of the issue was this focus on security. After I began to use OpenBSD at home and at work in earnest, I realized that it was limited in hardware support compared to other operating systems. I purchased a new workstation and portable within a year of each other, and both times came to some unhappy realizations about OpenBSD support.

I began to seriously look at Linux and FreeBSD at this point, knowing hardware support was much more robust. (I had also looked at NetBSD, but even though it booted on nearly everything, driver support was anemic.) I started to dual-boot FreeBSD on my workstation, and spent more and more time there. But it wasn't only hardware support that pushed me away from OpenBSD.

The FreeBSD development model is, to say the least, more sensible. Like I said, the more I got involved with OpenBSD development the more I was turned away, and that was mostly due to the project leader's attitude. During the run-up to OpenBSD 4.2, Theo de Raadt had been in a couple highly-publicized arguments with Linux developers, rubbing a ton of people the wrong way.

What many don't understand is that this was not an isolated incident. Try being an OpenBSD developer! These kind of scathing verbal assaults happened all of the time on the mailing lists. I wasand still am, actuallyunsure whether Theo doesn't give a shit due to some philosophical stance, or can't help it due to something like Asperger syndrome. In either case, he typically drags anyone he disagrees with over the coals, all while telling them to stop taking it personally.

I wish Theo had taken some of his own advice. I believe he has hurt the OpenBSD platform more than he has helped it, and I also firmly believe that hardware support in OpenBSD sucks not because of code auditing practices or security focus, but because Theo has either scared or purposefully chased away developers.

Long-time OpenBSD developers might migrate to FreeBSD or Darwin; newbies might try for Linux instead. Those who taste the de Raadt wrath, however, always run in the end. One time, a friend of mine incurred his ire by asking the wrong question at the wrong time, and Theo de Raadt hacked his router and remotely remapped his keyboard!

This is abuse, plain and simple, and Theo's relationship with his developers is abusive. I feel bad for anyone who has to engage him in real life, and fear something Reiser-like happening in the future. This controlling, manipulative attitude coupled with periodic violent outbursts indicates a deep-seated mental health issue that has gone unchecked for far too long. If you are an OpenBSD developer, watch your back!

After all this mess, I switched to FreeBSD 7.2 and never looked back. I upgraded to FreeBSD 7.3 and started using FreeBSD 8 as soon as it was in pre-release, and I am eagerly working on FreeBSD 8.1. I feel spoiled now, too, because of the throng of developers devoted to professionally working the FreeBSD platform into something spectacular instead of naggling over trivial matters or admonishing one another.

The thriving FreeBSD ecosystem contrasts sharply with the Jonestown-like atmosphere of OpenBSD. There is also the fact that no one person looms so largely over any other; ego is checked at the door in FreeBSD since the goal is to make a great operating system, not lord over others like David Karesh and a harem of 14-year-old girls.

Feel free to disagree with me or point out counter-examples; I would love to read them now that I have left OpenBSD. I will always have a soft spot in my heart for the little secure operating system even though it leaves me with chills. I sometimes fondly load www.openbsd.org [openbsd.org] and read the latest release notes and smile wistfully.

It's okay to smile, now that I'm free from OpenBSD.

GNAA 4 LIFE!!! (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32447572)

I just jizzed in my own face. It was awesome!

-Gary Niger

Oh, FFS! (5, Insightful)

Em Emalb (452530) | more than 4 years ago | (#32447190)

STOP IT WITH THE GODDAMNED "WE'RE GONNA SHARE YOUR ONLINE LIFE" bullshit!

Seriously. DO NOT WANT.

Yeah, great, you can "opt out". How about just don't fucking do it in the first place, Yahoo!?

Christ riding a sheep, this is retarded.

Re:Oh, FFS! (4, Insightful)

0123456 (636235) | more than 4 years ago | (#32447274)

Indeed: I still have my psycho ex-girlfriend in my address book, and letting her know when I'm online is hardly high in my priority list.

Address books are for addresses, not for people I want to have access to all kinds of information about my life.

Re:Oh, FFS! (5, Funny)

Anonymous Coward | more than 4 years ago | (#32447848)

I know exactly where you are. Don't worry baby, we'll be together for ever soon.

Re:Oh, FFS! (3, Insightful)

spazdor (902907) | more than 4 years ago | (#32448760)

I have a really novel Idea, you guys.

What if they implemented this as a feature you can turn on?

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32450618)

That idea is flawed in so many ways that it doesn't even deserves to be contemplated.

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32450976)

Indeed: I still have my psycho ex-girlfriend in my address book, and letting her know when I'm online is hardly high in my priority list.

Can you let her know when I'm online? I like psycho women

Joren van der Sloot

Re:Oh, FFS! (3, Insightful)

asukasoryu (1804858) | more than 4 years ago | (#32447354)

I've never given Yahoo or Google a dime for the use of their services. They have worked quite well and I appreciate Yahoo notifying me before changing the privacy policy. Configuring my security setting does not seem like a big deal. If you don't like Yahoo's new policy, walk.

Re:Oh, FFS! (2, Funny)

0123456 (636235) | more than 4 years ago | (#32447404)

Configuring my security setting does not seem like a big deal. If you don't like Yahoo's new policy, walk.

I just checked my yahoo email account -- which I have paid a few bucks for over the years becasue I want the POP access -- and I can't see any sign of a way to turn this crap off. Turning it on for everyone is simply insane.

OTOH I have removed my psycho ex from the address book.

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32448214)

But not the hidden x10 cam. I knew you still loved me.
Don't worry, I know THEY are trying to keep us apart..

I won't let THEM win lover.....

Re:Oh, FFS! (0, Flamebait)

ae1294 (1547521) | more than 4 years ago | (#32448544)

I won't let THEM win lover.....

Pretty funny, but this is slasdot you know. Ex-girlfriend doesn't mean what you think it means.

He's never 'physically' meet this girl or for that matter even 'talked' to her on the phone or even seen her on a webcam. He's only chatted with her in IRC and email, probably for a few years, until he realized that he could never really leave his basement to meet her let alone have sex with another human being.

Plus everyone knows that she's are really he's on-line unless they are underage... There are no exceptions... NONE!

Re:Oh, FFS! (1)

StuartHankins (1020819) | more than 4 years ago | (#32448708)

Nah, he's the one who's been paying for her WOW account so they can run quests together. And so her Night Elf can dance for him when he gets the urge to "party".

Re:Oh, FFS! (1)

ae1294 (1547521) | more than 4 years ago | (#32449308)

so her Night Elf can dance for him when he gets the urge to "party".

You damn kids today with your pix-elated dancing elf's and party questing. Makes me sick... In my day, we didn't have massive-multi-player role playing games and we liked it that way. The smell of sweaty cheese-puff encrusted card board, the feeling of those cold hard dice in your own two hands, facing your opponent face to face like a real man, and the glory, the glory of crushing him with that perfect magic missile combo attack... You damn kids have no honor and no respect for the the rules of combat. You all are just a bunch of bloody peasant farming on my land with all that clicking on your damn mices... GET OFF MY LAWN damnit!

Re:Oh, FFS! (0, Flamebait)

hairyfeet (841228) | more than 4 years ago | (#32450308)

Oh course being /. nobody can be sure his "girlfriend" doesn't have a penis [youtube.com] either. Just saying.

Re:Oh, FFS! (1)

hairyfeet (841228) | more than 4 years ago | (#32449954)

While I haven't got the email yet, so I can't be 100% sure this is what they are talking about, look under options>>allow updates you'll see a little hyperlink that says "manage who sees my updates" and uncheck the box the hyperlink brings up. But from the looks of it they are only sharing when you add new flickr photos and comments on ratings and news, not exactly anything I would really give a shit about anybody knowing. I unchecked it just on GP anyway, but it isn't like they are gonna pass out your address book if you don't check it.

Compared to the amount of privacy you lose by using FB these days (boy I'm glad I didn't fall for THAT trap) letting my friends know when I add new flickr photos is pretty damned mild by comparison. It doesn't really matter much in my case since I can't stand the way Gmail is laid out and Live mail just bugs the shit out of me, so Yahoo mail is pretty much all there is left. But I've been using their mail and search exclusively (just use Gmail for a spam dump) for years and have to say they've been pretty good about stuff like this. Anything you don't want you can always uncheck like I did above, so I would have to say this is an overall...meh.

Re:Oh, FFS! (5, Insightful)

Em Emalb (452530) | more than 4 years ago | (#32447574)

I don't have a yahoo account.

The point remains the same. Opt IN not Opt OUT.

Re:Oh, FFS! (1)

iceborer (684929) | more than 4 years ago | (#32449532)

Nor do I - anymore. Delete Yahoo! Account [yahoo.com]

Re:Oh, FFS! (1)

lightversusdark (922292) | more than 4 years ago | (#32456748)

In & Out
In & Out
That's what the Internet
Is all about

Re:Oh, FFS! (3, Insightful)

grumbel (592662) | more than 4 years ago | (#32447638)

Configuring the security settings is a big deal, as it means the whole thing is opt-out, not opt-in, which in turn means that lots of people will end up sharing data that they don't want to share. What is especially stupid is sharing data with all people in your address book, that is not the place to look for trustworthy friends, that's just a place for people you have had contact with.

Re:Oh, FFS! (2, Insightful)

asukasoryu (1804858) | more than 4 years ago | (#32447896)

I understand what everyone is ranting about. But this is a free service. My opinion is that people can find an alternative if they don't like Yahoo's policies. Why does everyone feel entitled? If Yahoo tells you up front what you're signing up for when you use their service, they have the right to make the default opt-out. I don't like it but I won't fault Yahoo for it.

Re:Oh, FFS! (1)

ae1294 (1547521) | more than 4 years ago | (#32448248)

Some people pay yahoo money for email service... So they can remove the yahoo ad or have pop access...

Re:Oh, FFS! (1)

grumbel (592662) | more than 4 years ago | (#32448788)

If Yahoo tells you up front what you're signing up for when you use their service,

The whole point is that they didn't tell you upfront. It is a feature that they introduced to a service that has been running for years and now they take your data that was never ever meant to go public and publish it without your consent (and no, the ability to opt-out is not consent).

That aside I have yet to see a single service that actually makes it clear what data you automatically publish online, it might be explained somewhere in the TOS or in the preferences or in the help menu or whatever, but its never obvious as in "If you click Ok this will be visible to those people".

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32450364)

It is a feature that they introduced to a service that has been running for years and now they take your data that was never ever meant to go public and publish it without your consent (and no, the ability to opt-out is not consent).

This. "Opt-out" is NOT the same thing as consent. How many people are going to suddenly find that Yahoo has shared their private lives with their plumber, their priest and their psycho ex? I can see Yahoo getting hit with a big class-action over this. You can't change the rules mid-stream and then make it opt-out.

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32449830)

TANSTAAFL. This is a problem with all "free" E-mail services.

I do think that for "serious" E-mail, one needs to have a for-pay E-mail service these days. A lot of Web forums will outright deny access to people registering with a "free" E-mail address. Also, with a for-pay E-mail service, they tend to have a decent TOS that they are not going to go through mailboxes unless they are handed a search warrant by a judge (and not on a Post-It note). Since third party advertisers are not part of the equation, the E-mail users are the customers, and are treated as such, rather than a necessary evil.

Re:Oh, FFS! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32447808)

Configuring my security setting does not seem like a big deal.

Since it's apparently no big deal, can you please tell me what settings I'll need to change? I can't find any indication of any security settings in all of the various Yahoo options.

Re:Oh, FFS! (1)

asukasoryu (1804858) | more than 4 years ago | (#32448122)

A quick search [yahoo.com] shows you where to go [yahoo.com] . Look for "Notifications and Settings" on your "Account Information" page.

Re:Oh, FFS! (0)

Anonymous Coward | more than 4 years ago | (#32448204)

A quick search shows you where to go. Look for "Notifications and Settings" on your "Account Information" page.

Thanks for that, but none of those settings are in any way related to sharing your information with people in your address book, which is what this article is saying they intend to start doing. I'm trying to find how to opt out of that. Off the bat, the umpteen setting/option screens that Yahoo! has available make the whole Facebook privacy thing look like child's play.

Re:Oh, FFS! (1)

jimbolauski (882977) | more than 4 years ago | (#32448314)

The only problem I have with yahoo's policy is that they should be having current users opt-in, and giving those who choose to opt-in extra benefits to entice them. All new users would have to opt-in after they agreed to the no-privacy terms. A big question I have is once the user starts sharing his information, Yahoo is providing a service for their information, which is a contract because both parties get something, now since it is a contract would yahoo be able to change the terms at their will.

Re:Oh, FFS! (1)

js_sebastian (946118) | more than 4 years ago | (#32456100)

I've never given Yahoo or Google a dime for the use of their services. They have worked quite well and I appreciate Yahoo notifying me before changing the privacy policy.

Yahoo has worked quite well? Pah! their web interface is crap-infested, periodically stops working or pesters me to update to the latest IE version (I am using firefox on linux) and they don't give imap access! That's the very opposite of working well. I am phasing out all usage of yahoo mail, nowadays I check it maybe once a week for those few people who might still have that old address. Yahoo must rot in hell.

Why not opt in instead of opt out? (4, Insightful)

tomhudson (43916) | more than 4 years ago | (#32447410)

This is reminiscent of the "negative billing" scams, whee if you don't opt out, you're automatically going to be subscribed for $EXTRA_CRAP_SERVICE_I_DONT_WANT at $X_MORE_PER_MONTH.

Seriously, Yahoo, sharing is not always a 'Good Thing' [google.com] Some things are better kept private [google.com]

Re:Why not opt in instead of opt out? (1)

GNUALMAFUERTE (697061) | more than 4 years ago | (#32447546)

Some things are better kept private [google.com]

The goggles! they do nothing!

Re:Why not opt in instead of opt out? (0, Flamebait)

tomhudson (43916) | more than 4 years ago | (#32447892)

It could be worse

'Jennifer' Usher [google.com] , and Usher's journal [slashdot.org] . My own personal cyber-stalker :-)

Re:Why not opt in instead of opt out? (1)

jgagnon (1663075) | more than 4 years ago | (#32448030)

The Googles, they do something! :p

Re:Why not opt in instead of opt out? (0)

Anonymous Coward | more than 4 years ago | (#32448292)

Beer googles? That must be the term for drunken googling your ex.

Re:Why not opt in instead of opt out? (1)

just_another_sean (919159) | more than 4 years ago | (#32447548)

This is reminiscent of the "negative billing" scams, whee if you don't opt out, you're automatically going to be subscribed for $EXTRA_CRAP_SERVICE_I_DONT_WANT at $X_MORE_PER_MONTH.

I know it was a typo but all could think when I read that is of some marketdroid somewhere telling his boss, "And if they don't opt out then whee!!!, we get their data.
Beautiful isn't it?".

That aside, your absolutely right. The only way I could see Yahoo (or FB, Google, MS, anyone really) doing this right is to make the feature available and then make it
so people have to explicitly opt in.

Re:Oh, FFS! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32447494)

I wish I had mod points for the parent. I know it was an emotional rant, but, seriously, it was the first thing that popped into my mind, too.

Does every online company these days have to treat everyone like they're a 13-year-old girl? When did sharing everything with the entire world become the overriding priority for the Internet?

Re:Oh, FFS! (1)

sznupi (719324) | more than 4 years ago | (#32448482)

Well, that's what we get for everybody pretending now and then that they're a 13-year-old girl.

Re:Oh, FFS! (1)

David Gould (4938) | more than 4 years ago | (#32453552)

When did sharing everything with the entire world become the overriding priority for the Internet?

When Web 2.0 was released?

Re:Oh, FFS! (1)

cmiller173 (641510) | more than 4 years ago | (#32448296)

It looks to me like this is only a problem if either you are updating your status on your yahoo profile or have linked your facebook/twitter/other social media to your yahoo account. If you have doen either of these things then you probably intended to share it right?

Re:Oh, FFS! (1)

TyFoN (12980) | more than 4 years ago | (#32448468)

I'd prefer an opt-in rather than opt-out.
Their problem then is that nobody will use their new web 2.0 inter person linking contact fantastico..

Re:Oh, FFS! (1)

Mattsson (105422) | more than 4 years ago | (#32448880)

Or, at least, do it the sensible way... OPT IT! If I want it, I'll activate the damn feature!
I really hate every damned company, organization and software-installer that graciously let people opt out of stuff that really should be an opt in option.

Abandoned email - opt out (1)

LoverOfJoy (820058) | more than 4 years ago | (#32452860)

So I've long since abandoned my yahoo email address. I can't even remember my password. Does this mean that they will assume that whatever emails I still get there (all spam) are my "interests" and they will inform everyone in my address book of them?

I can't wait until my exgirlfriends try to contact me to discuss my interest in penis enlargement devices and nigerian princes.

The right way to do it (5, Insightful)

phantomfive (622387) | more than 4 years ago | (#32447226)

The right way to do it is to leave it off by default. Assuming your primary concern is to protect users' privacy. Which it isn't: they mainly want to bring this new feature (whatever it is) to the majority of people whom they think will like it, without upsetting a (vocal) minority of users who really care about privacy.

Re:The right way to do it (1)

Eglembor (598622) | more than 4 years ago | (#32447282)

primary concern is money making, leaving things off be default means that users have to take the time to enable it which most wont.

Re:The right way to do it (4, Insightful)

MrEricSir (398214) | more than 4 years ago | (#32447290)

I'm sure the reason for this feature has less to do with adding new functionality for users than it has to do with more advertising opportunities.

Re:The right way to do it (0)

Anonymous Coward | more than 4 years ago | (#32447532)

Nail, head, hit.

If Yahoo were genuinely concerned for privacy for its customers, just like most modern operating systems, it would "ship" with everything locked down. No sharing of *anything*, all connections over SSL, etc. Then let it up to the user to decide if they want to allow what data and to whom. If a user wants their account to interact with Twitter, have an option for it, as well as an option to "don't bother me with this again".

However, Yahoo's customers are the people who pay for their accounts, and the advertisers. To a marketing person, the people with free accounts are not customers; they are visitors.

The good thing is at least Yahoo is making an attempt to ensure that user data is protected after seeing the blowback from the mistakes other companies make.

Re:The right way to do it (1)

phantomfive (622387) | more than 4 years ago | (#32447914)

That's the knee-jerk assumption, isn't it. You hear 'less privacy' and automatically assume they are going to share things with advertisers.

In this case, though, they aren't sharing with advertisers (as far as I know, they've already been doing that for a long time). They are sharing with people on your contact list. Unless you have advertisers on your contact list, you're ok (at least, as ok as you were before this change).

Companies actually do want their customers to be happy enough to stick around, and sometimes they do add features to make people more likely to stick around. In this case it looks like a feature designed to make people 'stick' to the page more.

Re:The right way to do it (1)

MrEricSir (398214) | more than 4 years ago | (#32448034)

Assuming a company wants to increase their revenue is a "knee-jerk assumption"?

I'm guessing you're not a business major...

Re:The right way to do it (1)

phantomfive (622387) | more than 4 years ago | (#32448304)

You didn't say, "wants to increase revenue"

Re:The right way to do it (1)

natehoy (1608657) | more than 4 years ago | (#32448700)

For companies like Google and Yahoo!, who derive almost all of their money from advertising revenue, "increasing revenue" and "advertising opportunities" are exactly the same thing.

Don't forget, with Google and Yahoo!, the people who visit their web pages and use their nifty tools are not their customers. The people who buy advertising space from them are their customers. Yahoo! makes no (or almost no) money from you. They make nearly all their money from advertisers.

The people who visit their web pages and use all the cool stuff are the product being sold. Your eyeballs are worth some serious coin, amigo.

There's a vested interest in both learning as much about you as possible (so they can target ads and get more money per ad impression), getting you to recruit your friends (more product to sell), and keeping you on the site as long as possible (to increase the number of ad impressions). In fact, those are really the only things they ever really want to do.

So assuming a business wants to increase its revenue is a knee-jerk reaction, but only in the context that it's always true with almost no exceptions. Businesses are in business to make money. There's literally no other motivation to the majority of for-profit businesses. They do things that are good for you pretty much only when it benefits them in some way.

Yahoo! wants to do this for one of a few very simple reasons:

1. They are going to collect this information and sell it to advertisers.
2. They are offering you prettier cooler stuff so you'll stay on their site longer and see more ads.
3. They want you to tell your friends how cool all this stuff is so they'll sign up too.

Personally, I think it's 4. All of the above.

Re:The right way to do it (1)

gstoddart (321705) | more than 4 years ago | (#32448634)

Companies actually do want their customers to be happy enough to stick around

Ah, but who is the customer? The advertisers pay them, most people with a Yahoo account don't.

So, the user is not the customer. This is the same with Google.

All they're doing is managing the PR of this so they can say they told their users. I've gone into my Yahoo account and disabled this, but I'll be curious to see when I actually get the email.

Re:The right way to do it (1)

fast turtle (1118037) | more than 4 years ago | (#32449368)

Email? Yahoo doesn't Email nobody about new features like this. What they are doing is forcing you to visit the settings page the next time you're forced to log-in. Then they get you. Do you want to disable this? Yes uncheck 30 damn different boxes and change all the settings, otherwise skip that and leave it enabled as they want.

I don't know how long it'll be that they keep redirecting people to the settings page, probably 6 months or so before they figure everyone's had a chance to make their choice.

Re:The right way to do it (1)

gstoddart (321705) | more than 4 years ago | (#32449542)

Email? Yahoo doesn't Email nobody about new features like this.

Actually, you may be right. I just re-read TFA, and all it says it that Yahoo is "informing" people.

It's not saying where or how, and my Yahoo page doesn't mention anything about it. I wonder if they're going to gradually add it to various users, or if some just won't get a proper notification.

We have a winner! (1)

Overzeetop (214511) | more than 4 years ago | (#32447658)

Exactly. It's not like Facebook, where there are privacy setting which are getting shifted (and hence there will be a mapping, at least somewhat flawed in the best cases). This is new, so just start with everything turned off. If people want to be social, they can decide how "social" they want their information to be.

Me? I don't use Yahoo, and I no longer hire anyone who uses Yahoo. Yes, "What is your favorite search engine" is actually one of my hiring questions. Yahoo employees are batting zero.

Re:We have a winner! (1)

phantomfive (622387) | more than 4 years ago | (#32448006)

Me? I don't use Yahoo, and I no longer hire anyone who uses Yahoo. Yes, "What is your favorite search engine" is actually one of my hiring questions.

Based on this question, and your sig, I hope I never run into your company. I would quit. In fact it's almost enough to start making me use Yahoo every once in a while to help avoid arrogant pricks.

Re:We have a winner! (1)

tomhudson (43916) | more than 4 years ago | (#32448078)

What is your favorite search engine

[X] I mis-trust them all equally, you insensitive clod!

They're like Soviet Russia, while you're searching them, they're researching YOU!

Re:The right way to do it: off by default (1)

noidentity (188756) | more than 4 years ago | (#32447732)

Yes, just like with software upgrades; if you add new features, have the default to making the software as close as it was before they were added. All the current users of Yahoo are adjusted to the current settings they've made. If they add a new feature that shares more data, it should be off by default for current users, otherwise you'd break "compatibility" with them. But then the users might not "benefit" from the new feature, so marketing wants it on by default. I imagine that's the reason they default wrong.

Re:The right way to do it (1)

AltairDusk (1757788) | more than 4 years ago | (#32448058)

Since when did they care about user privacy? The only time they pretend to care is when it starts affecting their bottom line.

I'm Not Clear on What Will Be Shared (4, Insightful)

eldavojohn (898314) | more than 4 years ago | (#32447346)

Yahoo's new features that will share users' online activities and interests with people in their address books

So you can do a lot of things on Yahoo! like play chess, manage finances or e-mail. But what level of detail is going to be shared and for what possible reason?

Let's take the most basic possibility -- similar to XBox Live -- where it says eldavojohn is playing Futurama. You only ever get a few pieces of data: my name, I'm online and my activity. But it doesn't popup with "eldavojohn has died" or "eldavojohn has reached achievement X." The specifics are hidden resulting in this only facilitating friends noticing they're online and playing together. Might work with Yahoo! Chess but it I can't see it working for finances or e-mail. "Hey, eldavojohn's online, let's read up on some mutual funds together!" Or, "eldavojohn's e-mailing, I should e-mail with him!" Doesn't make a whole lot of sense. This only sense this makes is if you're one of those "microbloggers" that likes to inform everyone what you're eating and when you're urinating because you have some weird infatuation with yourself.

The most extreme possibility is far worse. What if you knew who I was playing chess with, what stocks I was buying and who I was e-mailing. If this is the case then Yahoo! could be poised to overtake Facebook as the number one source of evidence in divorce proceedings [cnn.com] . I think anyone would agree that this extreme is highly undesirable.

So I don't get it. Yahoo! is trying to build a better service by switching this on? How are they planning to do this? The cynic in me is defaulting to some sort of money related advertising scheme whereby you say surely whatever you share with your friends can be shared with an advertiser. There is some money in that [thestar.com] . Is that already baked into this privacy statement or will that be done behind your back or will that be a future "feature"?

I know what will be shared (1)

IANAAC (692242) | more than 4 years ago | (#32447492)

I've had the same yahoo account for, what, 15 years? I stopped using it for anything meaningful a long time ago. The reason? My address is a common last name with a first initial. Some stupid woman thought to register it without even checking to see if it was available.

She's interested in: hot black men and real estate. In Oakland, CA. I'm none of those things, so it's no skin off my nose. But it still provides me with some entertainment every now and again.

Why is this needed? (2, Insightful)

Darkness404 (1287218) | more than 4 years ago | (#32447376)

Why is this even needed? Seriously can anyone name a single benefit for the end user? No one cares what blogs you read, what sites you visit, etc. if someone really cared they'd just ask you.

This is a huge privacy risk and annoyance for no benefit

Re:Why is this needed? (2, Insightful)

alex-tokar (1727590) | more than 4 years ago | (#32447538)

Apparently it's more 'social'. I still don't get those 'social' networks like Facebook, Twitter, etc. They are also a huge annoyance for no benefit at all.

Re:Why is this needed? (2, Interesting)

Darkness404 (1287218) | more than 4 years ago | (#32447642)

I can see the point in them, you can talk to people who you haven't seen for a while. Rather than needing an MSN, AIM, etc account to IM your friends, just find them on Facebook. Its easy to find the people who you want to talk to on FB and people generally check it more often than sign into Instant Messengers.

Plus, you have a lot more control over it than a cell phone, if you need to negotiate a meeting, its a lot better to just message them over Facebook because you can block them or delete them if need be. Good luck convincing that annoying person who got your number to stop calling you, but its easy to just block them on Facebook.

Re:Why is this needed? (1)

Requiem18th (742389) | more than 4 years ago | (#32451804)

Rather than needing an MSN, AIM, etc account to IM your friends, just find them on Facebook.

So rather than needing an MSN, AIM, etc account you need a Facebook account. That doesn't provide any real advantage.

Re:Why is this needed? (4, Insightful)

DragonWriter (970822) | more than 4 years ago | (#32447612)

Why is this even needed?

Because Yahoo! shareholder's want their stock value to grow, and social networking is perceived as a way of acheiving that.

Social networking features promote stickiness (which helps advertising sales) and provide something that third party developers can leverage to provide additional social apps, which then further promote stickiness, and help sell more ads.

Seriously can anyone name a single benefit for the end user?

More competition in the social networking space means more consumer choice in that space. If you aren't interested in social networking features, that's not a benefit to you, but social networking is a big thing in the market specifically because lots of end users are interested in those features.

Re:Why is this needed? (0)

Anonymous Coward | more than 4 years ago | (#32448552)

More competition in the social networking space means more consumer choice in that space. If you aren't interested in social networking features, that's not a benefit to you, but social networking is a big thing in the market specifically because lots of end users are interested in those features.

Ya, well I know a lot of fucking people who are not interested in this opt-out social networking bullshit (à la Google Buzz) and who would already been considered sticky, but after having to face the risks of potentially illegal privacy failures by big Corps have already or seriously considered moving on to greener pastures. What does that translate into: a big fucking problem for shareholder value.

How about they do it the other way? (4, Interesting)

Todd Knarr (15451) | more than 4 years ago | (#32447528)

Instead of it being "Yahoo's new features that will share users' online activities and interests with people in their address books, unless they take steps to prevent it.", how about they make it "Yahoo's new features that will share users' online activities and interests with people in their address books, if they take steps to enable it."? Problem solved.

Unless, of course, the problem is that Yahoo wants to do something it knows the majority of it's users don't want done, in which case I still think it's "Problem solved.", it's just not a solution Yahoo likes. But it isn't Yahoo's information Yahoo wants to share, so I don't see why what Yahoo likes should figure into it.

Re:How about they do it the other way? (0)

Anonymous Coward | more than 4 years ago | (#32448348)

I actually have had a plus account for a while and use them to hold some domain names, basically just shot off an email to them telling them I will let it all lapse, cancel, and move my domains if they go through with the auto opt in approach. Also, yhat my address book had mixed contacts and it was none of their business at all, that any of my contacts should be aware of the other.

Also, if I read it properly, you can't HIDE your display name (I was just there). You can hide your "real" name, but not your display name (which is now a series of random keyboard hits). There is no way to mass deny connections or connection suggestions, but you can mass OK them. Really frigging annoying.

I know it will mean nothing, if they are going this route, monetizing their users this way brings them in more revenue than their other services. Has to be.

What they really are saying (1)

realmolo (574068) | more than 4 years ago | (#32447640)

"We're going to fuck all of our users in the ass. But we want to make sure OUR asses are covered, legally speaking. So we are going to warn our users that we are going to fuck them in the ass. But we aren't going to go out of our way to warn them, because then they might not let us fuck them in the ass. We're going to secretly warn them, and then our lawyers have informed us that we can fuck our users in the ass until they ask us to stop. And then confirm that they want to stop the ass-fucking by clicking on a link in an e-mail that they will receive within a few hours, during which they will still be getting fucking in the ass."

-Yahoo! is a leading online provider of ass-fucking. http://www.yahoo.com/ [yahoo.com]

Yahoo Buzz (1)

MrEricSir (398214) | more than 4 years ago | (#32447972)

Hey, they can call it Yahoo Buzz!

Oh wait... [yahoo.com]

A legal prohibition against implicit consent (4, Insightful)

Animats (122034) | more than 4 years ago | (#32447982)

We need a general legal prohibition against implicit consent. We need to legislate that any contract provision which allows one party to modify the terms of the contract without the explicit consent of the other party is null and void. Consent cannot be given merely by continuing to use the service or pay for it. If companies want to change terms, they should have to get explicit consent, given as a transaction separate from ordinary use of the product or service. This should be an FTC rule.

The effect is that when a company changes something, some of the customers are going to move to a competitor. That's in line with the basic principles of capitalism.

Re:A legal prohibition against implicit consent (1)

tomhudson (43916) | more than 4 years ago | (#32448238)

  1. Dear Yahoo. I have a new feature on my web site. If you crawl that page, you will have opted in to my new service, which basically is 'Yahoo owes me $10k a month personal charity';
  2. Yahoo crawls page ...
  3. Dear Yahoo: Thank you for opting in to the 'Yahoo owes me $10k a month personal charity. Should you wish to cancel this service, you may opt out at any time by crawling this page (link to 'Yahoo owes me $100k a month personal charity' page). In addition, we have added the Jennifer Usher [google.com] option. Unless you opt out, you agree to host feeding porkchop at least once a month,

See how having to opt out is the worst part?

Re:A legal prohibition against implicit consent (1)

nacturation (646836) | more than 4 years ago | (#32450316)

Your scenario, while a good demonstration of why opt-out is bad, has absolutely no legal standing. There was no contract between you and Yahoo, so trying to enforce your $10K a month provision would be a waste of your time and money.

What's really needed is consumer education that agreeing to a contract that states that the provider can change the terms of the contract at any time is a bad thing. The problem is that people are presented with an agreement which they're supposed to read, they check the "I agree" box, and they have now entered into a contract with the provider that has free reign to change the terms according to the contract's provisions.

Of course, approaching Yahoo and saying "I would like to use your free services, but I require custom terms and conditions" would get you laughed at, if you even get a response at all. And there's no way they would consider it unless you're the size of General Motors and you'll be paying them enough money to make it worth their while.

And perhaps a better way for companies to manage the fact that their service offerings will change is to use contract termination clauses. Effectively, something like this: "Service under the terms of the existing agreement will terminate in 30 days, as per provision 8(b) of our agreement. At that time, all features will be disabled and you will no longer be able to use our services. We are introducing a new agreement which you can view here [link]. If you agree to these new terms, they will take effect in 30 days and your service will be uninterrupted. If you do not agree to the new terms, any information associated with your current account will be destroyed after 90 days."

Of course, that's far too ethical to ever happen as it would eliminate dead accounts and get rid of people who don't like the new terms and conditions. That doesn't look good when you have to present the number of users you have to the board and it's half of what it was last quarter.

Re:A legal prohibition against implicit consent (1)

tomhudson (43916) | more than 4 years ago | (#32450608)

If they crawled the page without you first sending them the notification (step 1), you would be right - no contract.

However, sending them the notification is an offer to contract. They accept the terms under the contract by performing the specific actions laid out in the contract which can only be done on my site (so it's not like sending a contract that says 'if the sun rises tomorrow, you agree to pay me money.).

Would it hold up in court? If you took it to Delaware, probably. They side with trolls :-)

There's a reason "negative option" (aka opt-out) contracts have been banned for federally-regulated goods and services across Canada, and that the majority of Canadians also enjoy protection against it for all other goods and services - it's misleading to the point of fraud.

Under a consent agreement last year, Facebook only has 2 more months to get their act straight or get the plug pulled in Canada. People give a s*** about their privacy, and want it made simple. The default should be private.

Re:A legal prohibition against implicit consent (1)

nacturation (646836) | more than 4 years ago | (#32452892)

However, sending them the notification is an offer to contract. They accept the terms under the contract by performing the specific actions laid out in the contract which can only be done on my site (so it's not like sending a contract that says 'if the sun rises tomorrow, you agree to pay me money.).

To demonstrate there was a contract, you would need to show that there was consideration and acceptance on their part. You would be unable to demonstrate that (1) Yahoo's crawler is able to comprehend and consider what is being offered, (2) that the crawler's continued operation on your site constitutes acceptance of a contract, and (3) that Yahoo's crawler is an authorized agent of Yahoo Inc.

Under a consent agreement last year, Facebook only has 2 more months to get their act straight or get the plug pulled in Canada.

Irrelevant -- that was for violations of PIPEDA, not because of any T&C listed in a contract.

There's a reason "negative option" (aka opt-out) contracts have been banned for federally-regulated goods and services across Canada, and that the majority of Canadians also enjoy protection against it for all other goods and services - it's misleading to the point of fraud.

Bzzt... try again. http://your.rogers.com/about/legaldisclaimer/TOS_Eng.pdf [rogers.com]

"Unless otherwise specified in the Service Agreement, we may change, at any time, any charges, features, content, programming, structure or any other aspects of the Services, as well as any term or provision of the Service Agreement, upon notice to you. If you do not accept a change to the Services, your sole remedy is to terminate the Service Agreement and the Services provided under the Service Agreement, within 30 days of your receipt of our notice of change to the Services (unless we specify a different notice period), by providing us with advance notice of termination pursuant to Section 31. If you do not accept a change to these Terms, your sole remedy is to retain the existing Terms unchanged for the duration of the Commitment Period (as defined below), upon notice to us within 30 days of your receipt of our notice of change in the Terms."

Re:A legal prohibition against implicit consent (1)

tomhudson (43916) | more than 4 years ago | (#32454178)

Rogers hasn't changed my terms in 10 years. Same plan, same price. When it comes up for renewal, the pattern is always the same - they offer phone upgrades, service upgrades, free phones, whatever ... I already have unlimited incoming/outgoing between 6pm and 8am weekdays and all weekend, so last year they kept phoning me with different offers - I finally took free incoming calls 7 days a week.

This year? I already got the usual "get a free phone blah blah blah ..." Not really interested. Smartphone? If it's an Evo 4g, for $200 on a 3-year plan, I'm interested, but aside from that, so what?

You can ignore their disclaimer. I do. They give me good service, I give them money. Neither side is going to rock the boat.

Re:A legal prohibition against implicit consent (1)

nacturation (646836) | more than 4 years ago | (#32454584)

You can ignore their disclaimer. I do. They give me good service, I give them money. Neither side is going to rock the boat.

It's great you're satisfied with Rogers. My intent was only to demonstrate that your claims that such language was banned is false.

Re:A legal prohibition against implicit consent (1)

tomhudson (43916) | more than 4 years ago | (#32454952)

http://en.wikipedia.org/wiki/Rogers_Cable#Negative_option_billing [wikipedia.org]

Rogers was one of the guilty parties who started it.

There has been legislation at the provincial level in Quebec, Ontario, and now Manitoba that bans negative-option billing. In those provinces, Rogers has to do it differently. They can't just add the fee and let it ride. They have to get your explicit consent. Since they can't change the terms during the contract, they have to do it at renewal time. "Your contract is coming up for renewal. The new cost is an extra buck a month. If you wish to renew, blah blah blah".

That's a contract renewal, not a negative option billing. Your contract is over at that point. Renew it on the new terms or get cut off.

Even the very bottom of the fine print you posted pointed out that customers who refuse keep their existing contract terms until the contract is over. It's just boilerplate. Ignore it.

Re:A legal prohibition against implicit consent (0)

Anonymous Coward | more than 4 years ago | (#32448294)

For a FREE service, people should NOT expect explicit control or consent of that FREE service. Period.

Re:A legal prohibition against implicit consent (2, Insightful)

natehoy (1608657) | more than 4 years ago | (#32448840)

But it's not "free". I'm paying them, just not in money.

Yahoo! and Google both offer me services in return for my divulging information which is to be used for specific purposes, which are laid out in the user agreement.

If they want to change that agreement, the changes should be opt-in, and if I choose not to opt in it's acceptable to me that they disable or delete my account. It is NOT acceptable to me that inaction on my part will result in divulging information that was previously covered under a privacy policy, unless they actively inform me that the policy is changing, and present me with a choice to either accept the new terms, opt out of them (if they wish to offer that as an option), or delete my account.

I have a Yahoo! account. It's very old. I don't use it for email any more because the account is up to several thousand spams a day, but I do still use the account for other services. I'm not going to see any service change emails they send me. Until and unless they put a box in front of me telling me how they want to further profits from my use of my account, they do not have the right to change the terms of our agreement.

There... done. (1)

bmwEnthusiast (1384289) | more than 4 years ago | (#32447994)

I deleted my yahoo account after 12 years. That's just shady and dumb. I want to opt-in not forced to opt-out.

Why is it opt out? (1)

Dashiva Dan (1786136) | more than 4 years ago | (#32448724)

The one step easy solution to any of this "user backlash" is to make any new features "opt in" not "opt out".
The only reason to do it as they are (opt out) is to make data accessable that users don't want to keep private. I haven't logged into my yahoo account in months, due to having forgotten my password. This means that when this change comes around, information will be made available about me that I cannot prevent and that, when I signed up, was assured would be kept private.

I didn't get any notification about it. (2, Interesting)

kalirion (728907) | more than 4 years ago | (#32448846)

I got two yahoo accounts, and haven't received one of these "privacy minders" in either one. Maybe its because I insist on using their classic email interface instead of the web 2.0 mess?

Re:I didn't get any notification about it. (1)

Conspiracy_Of_Doves (236787) | more than 4 years ago | (#32449708)

I use the 2.0 email (which isn't that bad, actually) and I haven't received one either.

Re:I didn't get any notification about it. (0)

Anonymous Coward | more than 4 years ago | (#32449990)

I got two yahoo accounts, and haven't received one of these "privacy minders" in either one. Maybe its because I insist on using their classic email interface instead of the web 2.0 mess?

I use the classic interface as well. I went into my account settings from Mail Options and got the "privacy minder" alerts that way. You may want to try that.

Re:I didn't get any notification about it. (0)

Anonymous Coward | more than 4 years ago | (#32454624)

I agree, I have not seen any notifications on my account and i use the web 2.0 half decent interface.

Re:I didn't get any notification about it. (0)

Anonymous Coward | more than 4 years ago | (#32456518)

On the home screen, before you click through to the inbox, there should be on the right-hand column a button saying "Control what updates you're sharing". It should also appear in the list of posts under "Mail Blog" also shown in the home screen.

Still use Yahoo!?? (2, Interesting)

ATestR (1060586) | more than 4 years ago | (#32449064)

  • Yes, I still have a Yahoo address.
  • Yes, I do check it... every month or two, to dump the SPAM.
  • No, I don't use it for real mail
  • Why do I even keep it? It is a handy, last resort mail drop, assuming GMAIL and my private mail server both die.

Clearly a calculated risk. (1)

whovian (107062) | more than 4 years ago | (#32449780)

Alternatively, Yahoo could have advertised themselves as an alternative to the information-sharing sites like Facebook, Google, etc. However, since they didn't, they must have figured they still have a net gain even after the backlash.

That said, I have already deleted my contacts.

whole problem could be avoided easily (1)

JustNiz (692889) | more than 4 years ago | (#32450222)

They could easily avoid the whole issue by having the new feature default to "off" rather than forcing users to explicitly opt-out of sharing.

I hate the fact that opt-out is even legal, let alone has apparently become standard acceptable practice. Anyone entrusted with your private data should not be legally able to suddenly make it publicly available without your express permission.

Companies doing this should be deemed automatically liable for all damages and costs when they arbitrarily decide to leak private info, even if they do provide an opt-out.

Tell them how stupid this is... (0)

Anonymous Coward | more than 4 years ago | (#32450492)

I've taken the liberty of removing all my personal contact info from my yahoo account since reading about this. I also contacted them to leave privacy policy feedback, and explained why they have now earned my disdain.

Please don't forget you can give them feedback.
http://add.yahoo.com/fast/help/us/privacy/cgi_feedback?radio30=radio305

Re:Tell them how stupid this is... (0)

Anonymous Coward | more than 4 years ago | (#32456054)

I tried that link, filled in the form and submitted it. The result?

Yahoo gives a 999 error with word suggesting it is "temporary" but also suggesting virus infection on my PC and/or suspicious activity from my ISP.

What's your guess?

[ ] Slashdot effect
[ ] Refusal to hear bad news (and implied criticism of person raising it?)
[ ] Genuine error

FWIW I followed the reporting link and sent the following:

Action:
Tried raising privacy concern (text below) at URL
http://add.yahoo.com/fast/help/us/privacy/cgi_feedback?radio30=radio305 [yahoo.com]
Outcome:
received repeated '999' error

Desired result:
Please forward the text below to relevant departments

I am disappointed that Yahoo! is following a "me too" approach to its users' privacy with settings opted in by default.

I have long valued Yahoo! mail as a service. The latest moves to 'social features' are a step too far and I am seriously considering telling my contacts to reach me at another address.

I cannot see why you could not offer two services (or one service with two or more preconfigured set of options) -- one with all the social bells and whistles and a second, more basic, service which provides email *and nothing else*.

I would certainly value the second option - basic email with no "connections" no "followers" no "updates" -- I'd be happier to have the screen estate filled with more adverts if that were necessary to fund this. I don't see why anyone should need to have access to information on profiles (or even why I'd want to load up such data) -- those that know me already know the details; other people can be told when I feel the occasion demands it.

There's just one problem... (1)

mweather (1089505) | more than 4 years ago | (#32450808)

There is just one problem with this plan. It still ends with Yahoo exposing more private data.

I see singing up as opting in (1)

Rigrig (922033) | more than 4 years ago | (#32450994)

I wonder how many people bother reading privacy statements anyway, I know I don't.
Just assume fiddling with setting is futile, and whatever information you put online can never be removed and will eventually be shared with the rest of the world.

This especially goes for free sites, since they're making money from advertising, they'll make more money from better targeted advertising, and the main reason all your contacts get to see your info is because "we're sharing your information with everybody" sounds just a bit better than "we're only sharing your information with everybody willing to pay for it".

What now? (1)

qrv9412 (1758922) | more than 4 years ago | (#32452310)

I use yahoo to host my spam e-mail and my personal domain e-mail. This worries me, as i have many many customers on my address book but the last thing i need is joe bob from northern missouri knowing when im online. I was thinking of switching to gmail to use with my new evo i get tomorrow, but can they host my domain?

Very Disappointing (1)

zuperduperman (1206922) | more than 4 years ago | (#32452412)

Yahoo was the one company that I actually perceived as not raping my privacy at every turn. It's very disappointing to see them jump on this bandwagon.

They clearly simply *do not get it*. The number one problem with the changes that google and facebook made was that they opted you in. It wasn't about warnings, information, etc. People who were interested could always find out the information. They didn't actually hide what they were doing. The problem was that they opted you in. Or where they presented a UI for choosing the defaults were opted in. Now Yahoo decides to do exactly the same thing.

If they really do this then I may well delete my Yahoo mail account which I've kept now for 15 years.

mod Down (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32453228)

Not a new concept: informed consent (1)

assertation (1255714) | more than 4 years ago | (#32457442)

Yahoo is actually informing their users of what will happen, before it happens and yahoo is giving their users the chance to opt out before it happens. Imagine that.

This is called common courtesy.

It isn't new.

From what I have read about Facebook CEO Mark Zuckerberg, he is literally an immature person, being unaware of the importance of such niceties. He is learning it now, in some stressful ways.

My intuition about Google Buzz was that the people who made the decision were similarly immature as Zuckerberg is, not understanding the effects their decision would have. To their credit, they did not make the same public statements Zuckerberg has made, making them look far less arrogant and immature than Zuckerberg. Google, once having learned how their decision was received smartly did a quick 180. Zuckerberg is still trying to push his agenda.

On the upside Zuckerberg is doing a public service by setting himself up as a lightening rod. His spectacle is giving people like him in the IT industry a free education.

Maybe the people at Yahoo are just as bad, but at a minimum it seems they are smart enough to have looked at his spectacle and learned from it.

Why people are NOT pissed at Twitter. (1)

assertation (1255714) | more than 4 years ago | (#32457494)

Anyone notice there isn't any anger at Twitter?

I think that is because Twitter STARTED of 100% open and everyone signed up for Twitter with that in mind.

People signed up for Gmail and Yahoo with the expectation of private communication. People signed up for Facebook with the expectation of semi-private and controlled information.

People don't like the rules having changed on them mid-game.

At least Yahoo is not starting off with a shoot first and ask if it hurts policy.

If I was Yahoo or a similar private service wanting to go public, I would make the social media features a completely separate service and release utilities for users to move their information, for themselves afterward, by their choice.

It creeps people out to have their private stuff moved around FOR THEM.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?