Reddit, Sears, Grills That Cook Babies... And The Streisand Effect

from the have-at-it dept

Adam sends in a link to a Reddit story where it comes out that someone (not entirely sure who) decided to push Reddit to take down an earlier story. Apparently Sears.com had some oddity in how content on its e-commerce site was displayed, and with a little URL-hacking some folks were able to create a Sears.com e-commerce page for a barbecue grill designed to cook babies:

Pretty amusing, and obviously something that Sears wasn't all that happy about. Sears's explanation for what happened doesn't quite make much sense, but what would you expect?

We discovered earlier today that someone visiting our site had defaced a limited number of product pages

It wasn't so much "defacing" from the sound of it, as it was a bug in the way the site was set up, but, what doesn't make much sense is that someone then forced Reddit to remove its original thread discussing Sears' URL hackability. It's not at all clear who specifically got Reddit to take down the thread, though an admin admits that he was told to take it down. The obvious list of culprits, of course, would be Sears and Conde Nast (owners of Reddit).

Still, it should come as no surprise that the Reddit community doesn't take kindly to the idea that someone (whoever it might be) can dictate that a Reddit thread get deleted when it's not spam. So, now they've been pumping up this particular story about Reddit pulling down the thread, giving the whole story much more attention. Wouldn't it just have been better to fix the URL-hackability and let things be?

38 Comments | Leave a Comment..

Sears Settles With FTC For Putting Spyware On Customers' Computers

from the customers-aren't-lawyers dept

You may recall a couple years back, a controversy over the fact that Sears appeared to be installing spyware on the computers of online customers who had agreed to join a "community." Sears insisted this wasn't true, and that it really was software to help create a community of shoppers -- but the evidence suggested otherwise. The FTC eventually got involved, and now Sears has settled the charges that it was unfairly spying on users without clearly indicating this to users. Sears insisted that because the fine print of the terms of service for joining the community said that it would track your online browsing, it was in the clear, but the FTC noted, accurately, that most users would not have gotten that impression from signing up. As Thomas O'Toole notes about this ruling:

I'm pretty sure that attorneys would understand the breadth of the consent covered by the phrase "online browsing." It means everything. The position taken by the FTC signals the agency's belief that consumers should not be treated like lawyers when it comes to privacy-related disclosures. The FTC also appeared to be concerned about the fact that the disclosure was buried in a lengthy privacy statement, which was displayed to the consumer rather late in the consent-collecting process.

This is a good thing. Customers shouldn't need to be lawyers to understand what it is they're agreeing to, and it's nice to see the FTC recognize that fact.

14 Comments | Leave a Comment..

What's Wrong With Competition?

from the can-someone-explain dept

A reader named EmJay wrote in with a snide comment about how we wouldn't write about the following story because it's a case where "copyright and patents made sense." I never understand these sorts of comments. We write about all kinds of cases, and if there were one where an intellectual property lawsuit made sense, we'd be thrilled. It would be an example of the system working as planned: encouraging innovation. That would be fantastic. Unfortunately, EmJay's example is no such thing. It's not an example of the system making sense, but of the system being used to slow down innovation and block competition.

The story involves a guy who started making plastic turkey wishbones for Thanksgiving/Christmas celebrations, so that families wouldn't have to fight over the actual turkey wishbone in the traditional "breaking" of the wishbone. Of course, maybe it was just my family, but I don't recall ever "fighting" over the wishbone. Anyway, the agency Young & Rubicam, which represents Sears, had asked for a sample for possible inclusion at Sears. A year later, Sears was selling a similar plastic wishbone, made by a different company, so this guy sued and won. From the article, the guy says they won on both patent and copyright infringement claims, but that's not true. The lawsuit was over copyright infringement claims only, and Sears made two good points that should have prevailed, in our opinion. First, you can't copyright something occurring in nature -- such as a wishbone. Second, the wishbones that Sears ordered were in different colors and sizes than the ones supplied by the original company.

And, in fact, that's exactly how competition should work. Sears pushed another manufacturer to innovate, designing different (and, in their opinion, better) wishbones. That's competition and that's how innovation works. In fact, the guy from the original company now admits that his company didn't do any updating of their design for years while fighting this lawsuit, and are just now starting to update the design. In other words, all copyright did was get these companies locked in a silly legal battle, rather than focusing on providing better solutions to customers. It's too bad this guy was afraid to compete in the marketplace.

60 Comments | Leave a Comment..

That Didn't Take Long At All: Sears Sued For Data Breach

from the $5-million,-please dept

Well that didn't take very long at all. Late last week, it was revealed that Sears.com was revealing past purchases to anyone who knew your name, address and phone number -- a violation of Sears' own privacy policy. And, by Monday, we have a $5 million class action lawsuit against Sears. While I do think Sears made a huge mistake here, the class action lawsuit seems a bit extreme. There's no evidence that anyone was actually hurt by this -- and while it was a dumb move by Sears, it's not difficult to understand how it likely came about. Chances are Sears will settle this quickly just to get it out of the news, but really the only winners will be (as per usual) the lawyers.

25 Comments | Leave a Comment..

On Top Of Spying On Its Users, Sears Reveals Your Shopping Data To Anyone Who Wants It

from the well,-that's-useful dept

Weren't we just discussing the idea of criminal liability for egregious security problems with data? And... weren't we also just discussing Sears' offering to install spyware on your computer without much notice and all in the name of community? Well, let's combine those two stories. Ben Edelman has been doing some more digging on the Sears website and discovered a rather massive security hole allowing you to look up the purchases at Sears of just about anyone so long as you know their name, address and telephone number. As Edelman notes, this appears to be in direct violation of Sears' own privacy policy (and, well, common sense, but that's a different story...). So, now, Sears.com is spying on users without making it all that clear and revealing all customer purchase data with poorly implemented security. It's not a particularly comforting picture.

22 Comments | Leave a Comment..

Sears Online 'Community' Still Looks More Like Spyware Than A Community

from the let's-try-that-again dept

Last month we wrote about how Sears and K-mart's websites both were urging people to join a "community," but that community didn't seem like much of a community at all. Instead, it involved quietly installing Comscore's tracking software without telling the user, and then tracking all of their web usage. Following all of this, a VP from Sears responded to CA's original post on the subject trying to refute the claims. However, well-known spyware researcher Ben Edelman has now weighed in on the subject, checking out this "community" and finding plenty to dislike. As the initial report noted, it's not clear at all to users that they're installing Comscore's tracking app, and even the few notifications that mention it are somewhat unclear. Given that both Edelman and CA have pretty clearly documented what's happening, it's hard to see how Sears can claim that the company "goes to great lengths to describe the tracking aspect."

15 Comments | Leave a Comment..

Sears.com: Join Our Community... So We Can Spy On Your Every Online Move

from the ouch dept

Rich Kulawiec writes in to let us know that Sears.com and Kmart.com (owned by Sears) have been inviting visitors to those sites to "join our community." However, rather than joining any actual community, what you appear to be doing is installing spyware that reports on your every move online. It's actually a trick to get you to install Comscore's tracking app. Comscore has been accused in the past of distributing spyware surreptitiously, which the company vehemently denies -- but it's hard to see how this is above board. It's certainly worse than Facebook's Beacon fiasco. What happens is that you are asked if you want to "join the community," and then, without clearly explaining what the software does, Comscore's tracking software is installed. After that, all of your online activities -- including to "secure" sites like banking sites -- is sent directly to Comscore, despite Sears' website insisting that none of the data you share will go to anyone but Sears. As for the "community," it doesn't seem like there is one. The security researcher who signed up for the community says that once the software is installed, there's no obvious indicator that it's installed or running -- and he received no "communications" from the so-called community whatsoever. Basically, it sounds like it's just a trick to get you to install this tracking software while hoping you'll forget about it.

19 Comments | Leave a Comment..