Friday, February 12, 2010

Privacy warning regarding Yahoo mail

Hey, all you Yahoo mail users out there. I just found out that Yahoo Mail (you know, the thing you thought you were using just for e-mail) is now pretending to be Facebook and being, if possible, even worse than Facebook about privacy. Suddenly, out of nowhere, Yahoo mail is making available to the public your birthday, including your age, and your location without your permission. Those under age 18 do not have their age displayed. You can get it to hide your age if you are over 18, but the location and the birthday day and month will continue to be publicly available information. Your only recourse is to put in a phony location and birthday, which I think is perfectly justified, considering that the information is no one else's business and certainly is not something Yahoo has the right unilaterally to publish.

Naturally, if you start using their posting option and posting "statuses" (see the Facebook envy coming out?), adding more information to your profile, and the like, you'll have to encounter a whole web of privacy settings and such, which I have no interest in mastering, so I just don't use those features.

It's particularly outrageous that minor children have their locations displayed as part of their public profile without their or their parents' consent now on Yahoo, and the only way to get around this is to discover it and enter something like "Undisclosed Locationville, AK," on your child's profile. I find this really angering.

So far, Google mail has not jumped on this bandwagon all the way. Gmail has added a "buzz" feature which is similar, but here's the difference: Thus far, gmail does not automatically generate a public profile for you without your consent, as Yahoo did. You have to create such a profile deliberately if you want to use the "buzz" feature, so if you just don't use that feature, you don't have a gmail profile. Of course, if you have a blogger account, such as the one I have for this blog, you already have a Google profile, but you made that one on purpose and can control its contents. So Yahoo gets my thumbs down and Gmail my thumbs up on the privacy front.

11 comments:

zippy said...

I think the direction these companies are going with privacy is unprecedented in human history and downright dangerous, in a whole host of ways that most people probably haven't even thought about.

One of the ways that law enforcement tracks drug dealers, etc is through their network of contacts. It is pretty incredible what you can determine about a person just by knowing his network of contacts; not the content of conversations, mind you, but just the network. And that is right now, with the tech in a very early stage. I think folks who make their "friends lists" public - which you have no choice about on (e.g.) Facebook, although they lie and make it look like you do have a choice - might as well install cameras with audio in every room of their homes and run a continuous webcast to the entire world, including all authorities and private parties. And keep a recorded archive of it also available, so that everyone from the Local Library Pervert to Homeland Security can browse at liesure using automated tools.

Most people who hear that kind of thing will dismiss it as conspiracy-mongering, etc. But it isn't a conspiracy when it happens out in the open -- it is a social trend. A very, very dangerous one.

And yet people who freak out over the Patriot Act just blissfully and cluelessly use (e.g.) Facebook (which used to be a private service, but since last December is not private anymore). Jump on board, connect with your friends, have a few laughs. Pay no attention to the fact that BATF can now deduce to a great degree of likelihood whether or not you have any "assault weapons" and if you are likely to be part of a "right wing militia", all from stuff voluntarily made public. Just as an example. Don't even think about the nascent hacking tools great for generating potential victim lists using publicly available "social network" information.

People have just gone freaking crazy, and they don't even know it.

Lydia McGrew said...

I must admit, I thought making birthday and location public information was ratcheting it up a bit. Last I checked, your birthday is the kind of private information that you use for identification purposes. Sure, your bank requires _more_ than your birthday, but both your bank and your doctor's office, for example, consider birthday info. top-secret. Location, too, is really shocking. How many people set up a Yahoo mail account and entered their location (actual town and state) thinking that this information was just going to Yahoo? Then, suddenly, it's out there for the whole world. I hope and assume that someone like, say, Robert Spencer (who has real privacy and security issues) didn't set up a Yahoo mail account like this.

William Luse said...

I went over there and changed my birthdate to Jan 1, 1890. And a few other things. It takes a lot of clicking around to cover all the bases, though, and I'm not sure it's all taken care of. I'm thinking of dumping the account and just using my home email for everything. I don't know what to do about Facebook.

Lydia McGrew said...

So far it will let me hide my age but will not let me change the year of my birth. They say you have to wait 30 days after first "activating" your profile (which actually, they "activated" for me without my doing anything) before you can change your birth year. At least, that's how it was last night. I should try it again today. But as they let you hide your age, I suppose that means your birth year is hidden anyway. Hopefully.

It's beyond me how they can do this without getting sued. If my doctor's office went publishing the birthdays of all its patients on the web, they'd get in huge trouble, I'm pretty certain.

Lydia McGrew said...

Okay, cool, now it lets me set my birth year to 1890.

zippy said...

Well, I know that different laws, e.g. HIPPA, apply to medical information. But on Yahoo and Facebook you agree to terms of service and then they can do what they want within those terms. So far Google seems to be the privacy good guys --probably because they basically print money with the search engine, whereas Facebook still doesn't have a Google-class business model -- it needs one since it turned down a multi-billion dollar acquisition and took in money at a $15B valuation, I expect the principals get wiped out if they don't find a Google-class business model - and Yahoo has been in a slow decline for years now. So anyway big G seems to be the privacy good guys so far but still bear watching like a hawk.

Lydia McGrew said...

I suppose for completeness' sake I should add a mention of gmail's odd thing where a bot apparently scans the e-mail you happen to have open at the moment and generates ad content around the margins based on keywords seen in the e-mail. I don't know how much of a privacy concern this is. So far, it doesn't bother me too much, though I'm not overly happy about it, either.

William Luse said...

I told Zippy he could make his next million by starting up a privacy and Christian-oriented Facebook, but he hasn't shown any interest, so I guess it was a dumb idea.

Lydia McGrew said...

I don't think it's a dumb idea, but that doesn't mean he'll do it. I'd have to get all my FB friends to join. :-)

romishgraffiti said...

I'm scrounging for decent work Zippy, so let me know if you start anything up. :)

Scott W.

zippy said...

Well Scott, maybe we can at least start a Shadows or David Gilmore cover band or something. I hear that is really lucrative =8^]