Techdirt. Stories filed under "stores" Easily digestible tech news... http://www.techdirt.com/ en-us Techdirt. Stories filed under "stores"http://www.techdirt.com/images/td-88x31.gifhttp://www.techdirt.com/ Wed, 13 Feb 2013 10:43:00 PST Google Play Flaw Gives App Developers Purchaser's Information Timothy Geigner http://www.techdirt.com/articles/20130213/09394921962/google-play-flaw-gives-app-developers-purchasers-information.shtml http://www.techdirt.com/articles/20130213/09394921962/google-play-flaw-gives-app-developers-purchasers-information.shtml privacy policy to the images on Google maps has been hurled at them, with most of the intelligent analysis of said concerns amounting to indifferent shoulder shrugs. Privacy is important, of course, but there's yet to be any sense of malicious intent or gross oversight in these cases. Rather, they tend to fall into the category of potentially yet unlikely dangers brought about by the very nature of expanded technology.

Perhaps that's why it feels so strange to learn that Google's Play store is so callous with user data, offering up names, street addresses, and email addresses to app developers when their products are purchased. This, according to developer Dan Nolan in Australia.
"Let me make this crystal clear, every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred," Nolan wrote on his blog. "With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase."
If accurate, Google making that information available is at best stupid. As the selling platform, there's simply no reason to do it. Why does the guy or girl who created the Fat Booth app that so delights my friends need to know where I sleep at night? It might be a case where there's confusion about the roles each one is playing. If Google merely views itself as a platform for others to create a store, then you could kind of see where this made sense. App developers are then setting up their own "store" where there are advantages to them having a direct relationship with their customers. The problem, however, is that users don't view it this way. They think of Google as "the store" and this looks like them handing over their private info to the suppliers. And that certainly feels like a pretty massive privacy breach.

More importantly, as the article notes, the implications on how malware creators could exploit this are even more worrisome.
With Google customers' details just sitting in developers accounts, all it would take is a half decent piece of malware software for that information to be accessed. These personal details could then be used to access the users' bank details. That's also more than enough information to be able to access your other devices which could also be mined for more data - insurance information, other credit cards - which could then be used to access your banking credentials.
Due to these very concerns, Nolan expresses his displeasure and discomfort with having that information at all. Worse, if there's any way to opt out of receiving it, he can't seem to find it. Just as worrisome as the flaw is the fact that no one else bothered to report it. Whether this was laziness, ignorance, or the very real possibility that many developers were doing something underhanded with their customers' information is unclear, but all three possibilities are damning to Google, which certainly should have known better. Worse yet, Google is quite clear in their TOS that it can store this information once you provide it, but there's is no mention of their passing along that data to app developers in their privacy statement.

While there's yet to be any response from Google as of the time of this writing, the original article did note that Google had already requested an amendment to the story, meaning what remains of it is likely accurate. The speed with which Google needs to fix this would be mach-infinity.

Permalink | Comments | Email This Story
]]> uh,-why? http://www.techdirt.com/comment_rss.php?sid=20130213/09394921962 Tue, 16 Oct 2012 05:18:09 PDT Digital River Loses Patent Suit Despite Doing What Was In The Patent Two Years Before Patent Was Filed Mike Masnick http://www.techdirt.com/articles/20121013/01420420698/digital-river-loses-patent-suit-despite-doing-what-was-patent-two-years-before-patent-was-filed.shtml http://www.techdirt.com/articles/20121013/01420420698/digital-river-loses-patent-suit-despite-doing-what-was-patent-two-years-before-patent-was-filed.shtml quite a lot about the details and have firsthand knowledge that the patents are 100% bogus. The case involves a patent troll called DDR, which was built out of the ashes of a failed dotcom called Nexchange, which tried to build affiliate style stores that could be embedded in other websites, with their look and feel. DDR sued a few companies, including Expedia, Travelocity, Orbitz, Digital River and World Travel Holdings. Everyone but Digital River and World Travel Holdings settled. The main company here is Digital River -- and the key patent, 6,993,572 is ridiculous and never should have been granted. Even Nexchange admitted it wasn't doing anything new -- though it insists it was the first to do it "on the internet."

It wasn't.

Digital River pointed out that it had been doing the same thing since its founding more than two years before Nexchange filed for its patents. I can confirm this first hand. In June of 1998, I started working for a company called Release Software. Our main competitor? Digital River. We were always up against each other in trying to do deals to build exactly these kinds of stores. In fact, by the time I started (months before these patents were filed), Release was already supplying "store within a site" offerings to a number of sites, including Egghead (remember them?), Canadian electronics giant Futureshop, and had also done download "kiosk" sites for software companies like Adobe and Intuit -- all of which were designed to match the look and feel of the original site exactly.

DDR's response to the claims that Digital River was doing it first was that they did it badly, so it didn't count. Seriously. From the Joe Mullin article linked above:
When DDR lawyers got their chance to cross-examine Pichler, they flipped through many of the same webpages, then talked about differences between the host pages and the store pages that Digital River served up. For example, on the Digital Frontier website, the store page was missing the navigation bar present on the main Digital Frontier site.

Pichler admitted that some of the pages looked different. “Our goal was to replicate the look and feel of the website,” but each client had its own peculiarities, and some stores matched their hosts better than others.
To some extent, this is true. Digital River was bad at matching the look and feel of clients. But we weren't. In fact, I remember that was part of our sales pitch to beat Digital River on deals. When we built the stores, they really matched the look and feel. Shoppers on Egghead had no idea that they'd really left Egghead's main site to enter our site, for example. Even so, I'm not sure that any of this matters. Release clearly was doing what DDR now claims Nexchange "invented" (well after we had been doing it). And, even given all that, does anyone think it's reasonable to claim that the only reason Digital River couldn't "match the look and feel" was because of some great "invention" of "matching the look and feel" in the patent? That's insanity.

But, this is East Texas... where insanity rules. On Friday, the jury ruled in favor of DDR, saying that the patents were valid and infringed upon by Digital River (and WTH). It ordered both companies to pay $750,000 each, which is much less than what DDR was asking for but is still ridiculous. What the patent explains was not in any way "new" in September of 1998. I was already working on new deals to provide the same thing months prior, and the company I worked for already had numerous deals where we exactly matched look and feel.

Either way, just the idea that anyone could get a patent on the idea of integrating an e-commerce store into another site is pretty ridiculous. As far as I know, when we were at Release, we didn't even bother filing for such patents, because, seriously, who would patent something so damn obvious?

Finally, this once again highlights the difference between an idea and actually executing in the market. As Mullin highlights, even if it was true that Digital River didn't match the look and feel exactly, the company thrived and is still in business, making over $300 million last year. Nexchange completely flopped. So if matching look and feel exactly was so important... then shouldn't Nexchange have thrived? Hell, shouldn't the company I worked for have thrived as well? It didn't. It flopped, too. Digital River beat us silly, because while we were focused on silly things like matching the look and feel exactly, it was focused on what customers at the time actually wanted: more things to sell and better tools to manage the store. We couldn't keep up with their platform (or their ability to source products) and Release eventually shut down. As for Nexchange -- I never heard of them, and I was in charge of keeping our competitive matrix up to date with all of our competitors. If they were in the same market, they sure didn't make a splash.

Execution in the market is what matters. Digital River did it. Nexchange did not. The only thing this ruling has done is to punish the company that actually executed by making them give money to the guys who completely failed in the market. It goes against everything that we, as a society, should be encouraging. It's taking money from the successful companies to give it to the ones who failed.

Permalink | Comments | Email This Story
]]> broken-system http://www.techdirt.com/comment_rss.php?sid=20121013/01420420698 Fri, 5 Feb 2010 16:48:00 PST Online Comic Book Store Stands Up To Olivia Munn Lawyers Over Parody Comic Book Mike Masnick http://www.techdirt.com/articles/20100204/1914318059.shtml http://www.techdirt.com/articles/20100204/1914318059.shtml Boing Boing points us to the news that Heavy Ink, an online comic book shop, is pushing back against the lawyers for geeky TV personality Olivia Munn, after those lawyers demanded Heavy Ink destroy all copies of an Olivia Munn parody comic book called the Celebrity Showdown Olivia Munn One Shot #1. Of course, since Heavy Ink is just the retailer, it's not responsible for the content itself anyway, so the original letter was somewhat mistargeted, but even so, Heavy Ink makes the argument that the comic book itself is protected parody:
Nigel,

Re: your letter of 4 February 2010 regarding

http://heavyink.com/comic/13136-Celebrity-Showdown-Olivia-Munn-One-Shot-1

I write to clear up some misconceptions.

First, the item offered for sale is not "our" comic book - it is created by a third party and offered for sale through our website.

I have never heard of Olivia Munn until you brought her to my attention, but a quick web search turns up a Wikipedia article describing her thusly

http://en.wikipedia.org/wiki/Olivia_Munn
Olivia Munn (born Lisa Olivia Munn) is an American actress, model and television personality.
and her self promoting web page at

http://www.oliviamunn.com/

where she displays near topless pictures and links to a cover shot at Maxim magazine.

Given these two websites, it is clear that she is a public figure. As a public figure, the use of her likeness meets the tests for the parody copyright exception set forth in both Campbell v. Acuff-Rose Music, Inc. and the more recent Suntrust v. Houghton Mifflin.

As such, we have no intention of taking down our webpage, destroying any inventory, or refusing to offer the comic for sale.

If you have any further comments you may reach me at this email address,

Travis Corcoran, President
Heavy Ink


Permalink | Comments | Email This Story
]]> parody-as-free-speech http://www.techdirt.com/comment_rss.php?sid=20100204/1914318059