California Attorney General Uses Twitter To Threaten United Airlines With Possible Legal Action

from the pointless-privacy-policies dept

Can we just admit that laws requiring privacy policies are a dumb idea? They make almost no sense. No one reads them. And the laws requiring them don't require that you actually keep info private... just that you have one of those privacy policies that no one reads and no one cares about. The only ways you get in trouble are (a) if you don't have a privacy policy or (b) if you don't abide by your privacy policy. Thus, the basic incentive is to write a privacy policy that is opaque and which no one will read -- and which says "you have no privacy at all, we can do whatever we want with your data" so you could never violate it.

But grandstanding politicians see this as an easy and cheap way to be seen as "protecting the little guy" even though it does nothing along those lines. It appears that California Attorney General Kamala Harris may be jumping into the fray -- and bizarrely using Twitter to passive aggressively threaten United Airlines. In a tweet, she asks the company where its privacy policy is on its mobile app:
That link is to California's law that requires privacy policies. But, once again, we're at a loss to see what this does for actual privacy, if anything. If the app doesn't have a privacy policy, does that change how United Airlines uses people's data? Doubtful. Is anyone who uses the app actually reading the privacy policy? Doubtful. If they do, will they understand it? Unlikely. So, what does this kind of thing do? You'd think that there were, perhaps, more pressing things for the state to focus on rather than harassing companies on Twitter.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, Oct 12th, 2012 @ 3:50pm

    " If the app doesn't have a privacy policy, does that change how United Airlines uses people's data? Doubtful"

    I question that. If a company is forced to come up with a public privacy policy, they will be more likely to follow those rules internally, and they are less likely to put something public that says "we'll do whatever we please."

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Oct 12th, 2012 @ 4:10pm

      Re:

      Except that the vast majority of privacy policies that I've seen simply say "we'll do whatever we please," except in thick legalistic jargon.

      Privacy policies really are worthless. Companies who care about treating their customers right will do so with or without such a policy. Companies who don't will just write the policy to let them do whatever they want anyway.

      The idea was that at least people could know what the site will be doing -- but as with contract, click-through agreements, and etc., all you have to do is make it long and impenetrable enough and the few people who bother reading it won't understand it anyway.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Oct 12th, 2012 @ 5:22pm

        Re: Re:

        They usually go something like this: We promise,cross our hearts and hope to die, to never, ever, ever share your information with anyone ever, except as permitted by law.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        MHab, Oct 13th, 2012 @ 4:29pm

        Re: Re:

        Sounds a lot like facebook (we'll do what ever we damn well please with your dataz!!!)... seems like every other day they are in the news for something related to customer data/privacy

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Oct 15th, 2012 @ 2:06pm

        Re: Re:

        Your experience differs from mine, I guess.

        You seem to assume that everyone within a "company" feels the same way about things. I don't think that's true, especially within a large company like United Airlines.

        But if the policy-makers have to confront an issue and create a formal policy, I think you're a lot more likely to get compliance with that policy from the middle management and others that might otherwise do whatever they feel like individually.

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          John Fenderson (profile), Oct 16th, 2012 @ 8:38am

          Re: Re: Re:

          You seem to assume that everyone within a "company" feels the same way about things


          I assume no such thing. I'm not sure why you think that I do.

          But if the policy-makers have to confront an issue and create a formal policy, I think you're a lot more likely to get compliance


          I agree. My point is simply that most privacy policies specify that you have little, if any, privacy, so "compliance" is meaningless.

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 12th, 2012 @ 7:12pm

    I'm pretty sure the privacy policy is here: http://www.united.com/web/en-US/content/legal.aspx

    Seems like she just fails at looking.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Oct 13th, 2012 @ 9:48pm

      Re:

      I haven't seen the mobile app, but I assume it doesn't have that link in it.

      This is Californian law. Does that mean all US companies need to adhere to every law for every state? Hypothetically, what would happen if a state had a law banning privacy policies?

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Oct 15th, 2012 @ 2:07pm

        Re: Re:

        Every state you're doing business in, anyway. In your hypo, you have to adjust your actions depending on what state you're targeting.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    Bob Webster (profile), Oct 13th, 2012 @ 8:33pm

    All you need is a policy. Any policy.

    This privacy policy has been in effect for several years now, and has served me faithfully.

    http://xpda.com/junkmail/privacy.htm

    (In case the link doesn't go through, the privacy policy consists of someone headed to an outhouse in the deep snow, with the caption "Close the Door Before You Go.")

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 14th, 2012 @ 6:48am

    These agreements and policies are just a bunch of legal mumbo jumbo voodoo and I have never read an entire document.
    So you put it up on the web with a Checkbox waiting to say 'I read that' but you have no real proof. How about making them shorter and making me prove I read it. How about a short quiz at the end of it? Yea right!!
    I want a universal ID system for the web. Then I won't have have to agree any more. I am logged in and if I use your stuff I agree.
    One log in for each person. I am so sick of logging in, that I want to stay permanently logged out.
    I don't want to log in with Facebook (takes longer) or register for an account. I simply want to pick my web name from the cloud and if no one else is using it I get it. I can then maintain my log in account on my own. I would gladly pay for this annually, do you hear me entrepreneurs? Then all I would have to do is start my computing device and log in once. No expiration, no you waited too long.
    Because of the log in nightmare I as a developer have to maintain a text file that is currently 350 lines of user names and passwords. I have to keep it encrypted and make daily backups of it because if I lost it or got it stolen I could never recover it, never.
    Let's use some intelligence in the software development please. It's very simple to see if I have rebooted or changed users on my computer. If so then ask me for the ONE password for my ONE log in.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 14th, 2012 @ 9:41pm

    The purpose of these laws is to enrich plaintiffs' attorneys.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Lennart Regebro, Oct 19th, 2012 @ 11:32pm

    You get in trouble if you don't abide by the policy?

    Really? In what way? Because if you do, then that means privacy policies are actually kinda useful. I always thought the problem was that you can have a policy and then ignore it.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    sam, Oct 31st, 2012 @ 9:07am

    Enter your zip code here

    Donít forget to blow your nose gently each time after you finish the procedure. This way you will speed up the cleaning process. Usually patients with neti pot deviated septum , who use neti pots, notice improvement from the first day of their treatment.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This