If you can’t trust a respected nonprofit that has been defending consumer rights since 1936, then who can you trust?
I think so as I dive into the pool of comments criticizing Consumer Reports, which recently initiated Permission Slips by CR.
The free app was made publicly available earlier this month to help people see how much personal data companies collect and police it on behalf of consumers.
“What we’re trying to do from a mission perspective is shed light on how every app and every service collects data and for what purposes, and exercise these new opt-out rights. It’s about giving people the tools they need to do it,” Ben said. Moskowitz, vice president of Consumer Reports Innovation Lab, said by phone.
I love it. This is the first Sasquatch-scale step in educating people about the types of information that companies routinely collect, share, and sell for their own benefit. We also provide a robust service that helps us advocate for companies to improve our practices, giving us control over how they treat our personal digital data. Oh, and it’s free.
But digital privacy is complex. The same goes for publishing new apps. Combining the two should raise concerns about how much personal data apps require to protect your privacy.
Is the permission slip app legal?
Permission Slip by CR only has 2 stars on the Play Store and 3 stars on the App Store. I hesitated to download it after seeing such bad reviews.
Additionally, a quick search online turns up several Reddit threads and online communities criticizing Permission Slips’ privacy policy and accusing it of being a veiled data-mining operation.
In the YCombinator Hacker thread, “nerponx” writes, “Not only do they use all the usual sneaky electronic storage tactics, but they also share aggregated data with other companies. It’s a data mining exercise to interlink and identify people’s user accounts and devices, which has become somewhat difficult.”
Gulp. When you start looking into this app, you wonder if it’s true. Did Consumer Reports fail this?
After speaking with the team that created this and some of the top legal digital privacy people in the country, the answer is no.
Why is digital privacy so complicated?
In order for Permission Slip to do its job of protecting your privacy, it must collect data, which for some people is a red flag of privacy risk.
What is the conclusion?
“Highly trusted organizations have built mechanisms that allow people to take control of their data,” says Chris Hoefnagle, a law professor and faculty director at the Berkeley Law and Technology Center. “Permission slips need to perform this function, scale up, and collect data that is relevant to the average consumer. This process requires collective trust,” he added.
Why is Permission Slip so poorly rated on the App Store?
Permission Slip by CR went live in early October, and many people tried to use it right away, causing the app to crash and cause serious glitches.
I saw it happening and waited a week to try it, and my experience was very smooth, 5 stars. It was in beta testing before full release, and many comments reflected early glitches that no longer exist.
Does the Permission Slip app have “dangerous” privacy practices?
I skimmed through the app’s 14-page privacy policy, and sure enough, it was full of brain-numbing legalese that made me want to kick someone in the shins. Case in point? This section is flagged by many app reviewers as a major red flag.
“We do not sell your personal information in ways that most people would consider sales. However, we do participate in targeted advertising online and when technology companies use our services. Instead, we use analytics that make our users’ personal information available to them.” Information collected from our apps to improve our products and the services we provide to others. Under some laws, this is considered a “sale” of your data by us to a third party. You can also opt out of this. See the “How to Submit a Request” section below. ”
That is, do they protect your personal data unless otherwise?
Not exactly.
To use the service, the app asks you to verify your phone number and email address. The App acts as your “authorized agent” and uses this information to make privacy requests on your behalf.
Although the app is available nationwide, Consumer Reports is subject to California privacy laws that severely limit what companies can do with this data.
CR states that it shares general information about your use of the app with its partners for certain narrow purposes, such as understanding how users can improve the app or promote it on social media sites. ing. CR does not accept advertising on its Services.
When asked for comment on this section of the privacy policy, CR explained that this language is necessary because of how Colorado privacy law defines the “sale” of data. For those who are uncomfortable with this type of sharing, CR offers an opt-out.
Hofnagl said it may still be off-putting to some people, especially “people who are big on privacy.”
“If you ask such people how this works, they will say something like: You can compile it on your own computer (GNU/Linux, of course) and send requests using Tor. , there should be free open source software.”
That probably won’t work for many of the rest of us.
You are being tracked:Grocery stores like Kroger and Walmart collect shopping data. What I found when I requested it.
Identifying AI deepfakes:Don’t be fooled by artificial intelligence deepfakes: Here’s how to tell
Can we really regain our privacy?
The issue here is that everything we do online and IRL (in real life) leaves a trail of behavior and personal insights, making it a huge target for marketers, data brokers, scammers, etc. It is the fact that it is centered.
It’s true that trying to erase data from social networks, stores, search engines, and everything else can cost you a lot of money and time. But the truth is, it’s like trying to clean up glitter in a rainstorm.
A new law finally allows you to take back some privacy online. Still, the amount of work you have to do to get companies to delete your information or stop selling your information is daunting.
My permission slip app results so far:
In 10 minutes, ask companies like CVS, Lowes, Airbnb, OpenTable, Yahoo, and even dodgy data brokers like Spokeo not to sell my personal information, including email, home address, and location data. Approximately 55 emails were sent. . That alone saved me about 70 hours compared to doing everything myself.
So far, CVS is the only company that has denied my request not to sell my data. reason? I live in Washington state, which does not have digital privacy laws.
Thirteen states currently have laws protecting consumer privacy rights. California leads the nation in consumer privacy protection, while Idaho ranks last.
Typically, many reputable companies will still honor data privacy requests, even if the state does not enforce compliance. Especially if Consumer Reports is behind the request. CVS doesn’t seem to have gotten the memo.
Should I use a permission slip app?
It’s a great tool, but it’s not perfect, especially since nothing is perfect to begin with. However, the permit slip is a great starting point. The more control you have over your digital footprint, the more power you have over your privacy. Also, the less information a company has about you, the less likely a data breach is to affect you.
“Data rights can be confusing and time-consuming. [We want] It’s about making it easier for people to take advantage of their right to privacy,” Fass added. “we [sic] We believe that privacy is a right within the reach of all consumers. By working with companies to proactively manage your data, you can gain better control over what information exists about you and how that information is used. This is key to regaining some agency in a market where every click is carefully tracked. ”
jennifer jolie He is an Emmy Award-winning consumer technology columnist and on-air correspondent. The views and opinions expressed in this column are those of the author and do not necessarily reflect his views and opinions at USA TODAY. To contact her,JJ@Techish.com.