Posts Tagged "privacy"

There has been a lot of confusion lately over the Facebook Messenger app and what it wants to do once it’s on your phone. There are blog posts and reports saying the sky is falling, the permissions are insane, and everybody should uninstall it or never install it. There are blog posts and reports saying no, that’s a hoax, it’s really OK, go ahead and install it.

As an Android fan girl, I read the permissions for the Android app.

Interestingly, Facebook has named their install file “orca” as in killer whale. I’m assuming they are hoping it’ll kill Google Hangouts, Google Voice, and your phone’s text messaging and calling. Because it wants to be all of those things… the killer (whale) app.

It’s all there in black and white, no need for he said/she said.

This is an easy one to determine. We don’t have to wonder whether alarmists are right or mellow, unworried people are right. And you are welcome to install it or not. But you should know to what you are agreeing to give Facebook access (that they don’t have access to now). For example:

• A log of your past phone calls. Why does Facebook need to see who I’ve been calling?
• The ability to dial my phone for me. Well, I can do that myself nicely, thanks. How about you just tell me the number.
• Sending, receiving, reading, and editing text messages (SMS and MMS aka multimedia messages aka pictures you and others text each other). Facebook wants to see those and send them for you. Thanks but I don’t need any help there.
• All the Wi-Fi networks I’ve logged into. Why?
• Keep my phone from sleeping. Well, that sounds like a serious battery drain. Why would you want to do that?
• The ability to download files to your phone without telling you. OK, what? What is so important that you need to download files AND not tell me?

That’s just some of the permissions that make me uneasy. You might dislike other permissions once you read all of them.

I uninstalled the app a few weeks ago. I don’t miss it. I have a shortcut on my home screen to the mobile web page for Facebook messages. That’ll work fine. Anybody who needs my attention faster can email, call, Google Hangout, or text. It’s not like you can only reach me via Facebook messages. I could never use that again and reach people just fine.

Beware of Orca

It’s important to read permissions. I have uninstalled other apps when they updated their permissions. I remember when Skype wanted to turn my wifi on when it felt like it and “Draw” over everything else. I uninstalled.

Sure, you might say what’s the point. Internet privacy is like airport security… it’s a lame story, so why bother. Go ahead. I understand that as an Android user, Google knows everything. But I don’t need Facebook to know everything. I can control that. That’s what I’m choosing to do.

What do you want to teach Facebook and future companies about what they can do inside your phone or with your information? Jeez, this article doesn’t even TOUCH what Facebook could possibly down the road do with all they collect about you. Could they then let advertisers advertise to you differently because Facebook notices you keep calling certain businesses? I don’t even want to imagine.

Killer Whales. Not known for being nice.

Maybe I’m just a power user on the end of a bell curve, but I think Facebook privacy has a long way to go. Here are some of my suggestions for Facebook.

Block Anybody and Block By Email Address

Right now, if Person X blocked you on Facebook, you can’t see them to block them. And you might REALLY want to block them. If they unblock you, you won’t know it. They might read or comment on your public stuff. You will be damn surprised. And by the time you go to do something about that, they’ll have blocked you again. This means we need Facebook to let us block people, even if they have blocked us.

And I’d like to block by email address. I may not know what real or fake name someone is using on Facebook. But I may have an email address that matches an email address Facebook knows. Let me block those people so that whatever name or account they create, Facebook knows I don’t want them seeing me ever. Period.

Heck, blocking by domain would be great. What if someone I deeply distrust has his or her own domain. He could create endless email addresses there. I’d have a hard time knowing them to block them. I’d love to tell Facebook anybody with an email @______.com should be blocked.

Blocking By Specific Targeting

Let’s say I have some really bad exes (I do!). Let’s say I want nothing to do with anybody from their world. And I don’t know enough names to keep blocking them all. I would love to be able to tell Facebook that anybody who is friends with Person X (or a certain email address) AND isn’t friends with me is auto-blocked. That way, as he adds new friends, I have them blocked. If he makes a dummy account and friends himself, which I can see at least one of them doing, he’d be blocked.

And if my Block By Email Address were in place, I could also block an ex by knowing the email address of a couple of people in his circle. I could tell Facebook to block anybody friends with his best friend… or Mom… or sister. That’s then likely to include him no matter what name or email he used to sign up.

I’d also like to block by Page or Group. I know a few groups that really attract some crazies. A few FB pages too. I’d love to tell Facebook that if someone is in that group or likes that page and isn’t already my friend, block them all.

Apps Getting My Info MUST Be Double Opt In

Right now, if a friend of mine approves a Facebook app that grabs her friends list and friends’ info, I have no idea that’s happened. I had no say. I may not have approved that. And there’s nothing I can do to stop it.

Before some “Hot YouTube Videos” app is grabbing my name so it can send my friend fake emails from my name (which might look real to her and fool her more than the typical spam), we should BOTH have opted in and approved that app. If we BOTH did, then we got what we deserved. But I would like to see Facebook apps not able to access ANYTHING about me unless I approved them. Sounds so logical, right? Yet, it’s not how it works.

You might say that poops on the whole idea of the graph. I don’t care. This is about privacy, control, and my info, and I didn’t opt in to anything about me being given out.

Let Me Use My Last Initial

I’d like to be Debbie L. That would be harder for people to find me. My not-that-common last name wouldn’t be given out because my friends approved an app for this sick little girl who needs your likes. Facebook won’t let me do that. So while people are named “NoLastName” and other weird things to get around this, I just say Facebook, let us use a last initial.

Block By IP and Other Matching Data

When eBay suspends a member, their policy is that they don’t want you back under any name. They often suspend other accounts they think are yours or connected to you. And if you try to come back and they put 2 and 2 together, that new account will be suspended too.

Facebook should be that smart. If I have blocked Person X but he closes his Facebook account and opens another with some other name and email, Facebook should be as smart as eBay. They should be able to say with reasonable certainty that it seems to be the same guy. We should pre-emptively block this account too for Debbie.

Friends of Friends Are Strangers. Keep Them Out.

Facebook will show some things I post to Friends of Friends. Facebook should realise that my friends’ friends are strangers to me. I don’t know or trust these people. In fact, I have plenty of friends who add ANYBODY that sends them a friend request. That means some of my “semi-private” stuff is now being shown to scammy strangers. Facebook needs to be smarter and keep things from people who aren’t my friends.

Better Removal Of Fake and Scammer Accounts

I’m tired of getting messages and friend requests from accounts that are clearly fake. If I can look at them and know they’re fake, Facebook has to have an automatic way to weed these out. But of course, that would skew their advertising numbers since some of the fake accounts are there to click on ads and like pages, not to spam me. So many scams. Facebook should care and do more, and blog posts I read keep saying they won’t.

These are just a few ideas that I think would really help with privacy.

There’s a lot of buzz about Disney’s new MagicBands at Disney World in Florida. In the old days, when you stayed and played, you got a card with a swipe strip. This was your hotel room key, room charge card, park tickets, and how you got your FastPasses (that let you dodge long line rides by coming back later).

MagicBands replace the cards. You wear a wrist band with an RFID chip and tiny battery. This wrist band gets waved all over the place to open your hotel room door, charge things to your room, get into parks, and get FastPasses. You can also associate pictures Disney staff and rides take of you with your PhotoPass account.

Since they’re using RFID, some people are getting nervous. They’re concerned that Disney will track their movements around the park. And think of the children! They might track children, and isn’t that a breach of privacy!!!

I don’t see it that way.

Thing 1, Disney World is a public place. What is my expectation of privacy in a public place? Not much when in theory, a marketing person could follow me ALL DAY and write down everything I do, eat, buy, ride, etc…

Thing 2, I’m sure before MagicBands tracked people, there were plenty of other ways to track people. The old card system knew where I was, what I was buying, where I stayed, and what FastPasses I got. Cameras can watch me everywhere. Experts track people’s movement through parks and shops. Disney even has/had a manual system that helps them know how long a ride wait is. They’d give someone entering the line something they had to give to the staffer who seats you on the ride. They then know how long that wait was.

We’re kidding ourselves if we think Disney weren’t the masters of tracking, understanding, and catering to human behaviour, even before RFID got involved.

Thing 3, I don’t remember a giant outcry when Disney World sold “Pal Mickey.” He was a stuffed plush Mickey that told you stories, asked trivia questions, and tried to keep you occupied when waiting on lines. But he also reminded you when parades were, and he told you when certain characters were near you. This means he had RFID or something in him that knew where you were.

Thing 4, let’s say Disney is using some long range tracking around the parks to see who’s moving around where and how. Let’s say your child is lost in EPCOT, which is a 300 acre park. And they don’t make announcements over speakers for lost children like it’s Walmart. Would you be happy that MagicBands saw your kid at The Land pavilion 7 minutes ago, helping you find your lost child more quickly?

Does that mean I’m for this? Well, it’s a vacation experience with a company known for forward-thinking technology. And you can opt out. They’ll give you the old card if you don’t want the wrist band. And I also believe Disney will keep the data for themselves and their use to improve the parks, guest experiences, and get people to spend more and stay longer.

I also think the data Disney collects is nearly useless to anybody else. What can Procter and Gamble do knowing how long the average woman is in a Disney bathroom? What can Coca Cola do knowing what the average guest spends on souvenirs? What can Siemens do knowing the average guest eats chicken fingers for lunch and then rides the carousel?

So I don’t feel particularly afraid of the data or how it will be used. It seems like a very specific application to me. I guess I can’t really find the problem here. This info won’t come up when you Google me. Nobody is going to call my house or mail me flyers. Pictures of children won’t be on the internet (more than Moms and Dads post them now).

So I’m not sure what the problem REALLY is. MagicBands are a more efficient way for Disney to do what they were already doing in a public place.

I recently moved in with my boyfriend. So excited. 🙂 Went to post to Facebook using their “post a life event” flow. I followed that to home-related events, and chose New Housemate. Why not.

I filled it out with the date we moved in, and wrote my comments. I hit SAVE, and got an error message saying Facebook won’t let me post that unless I tag someone as my housemate. I tried writing, “Boyfriend” since I know in some Facebook fields, you can write general things, and they let it go. But not here. Click to enlarge:

I decided to try another route. Went back and started again. Post a life event. Home-related event. “Other.” Put my details in there. Who this event involves is evidently optional, so I was able to post it without tagging anybody. Click to enlarge:

That’s an inconsistent user experience, and just seems odd. If you don’t really need to know WHO, then let me post without WHO. My boyfriend doesn’t use Facebook. Those people exist. I should be allowed to post any life event with my boyfriend without having to tag him as the other person at the event.

It’s like I’m psychic! I was JUST posting about how the biggest problem with Facebook privacy isn’t their terms (yet). It’s your own friends. I wrote a blog post about it.

Around Xmas, people thought that Mark Zuckerberg’s sister must not have understood Facebook’s privacy and UI because a family picture she posted ended up getting reposted to Twitter. How DID that happen? Did it happen because evil Facebook took her picture and put it out there while she flailed and yelled for help? Not exactly.

One of her Facebook friends assumed her picture was public because she saw it in her News Feed, and she reposted it to Twitter. Never repost, broadcast, publish, share, print on a t-shirt, or do ANYTHING with someone else’s stuff without getting written permission with them. Not only is that good manners, but depending on what you want to do (like print it on a shirt), you may be subject to copyright laws. Just because you saw it on the internet doesn’t mean it’s free or isn’t owned by someone who may want to enforce who can do what with it!

Randi was sure that she knew how to use Facebook privacy settings, so this isn’t about Facebook privacy.

But This Is About Facebook’s UX and UI

Play this out with me for a moment. A photo comes down your Facebook News Feed. How aware are you if that image is Friends Only or Public? Can you tell which friends got to see it? Maybe the person who posted the photo used Facebook lists or other features that allowed only 5 people on the planet to see that photo, and everybody else was blocked. As a recipient or viewer of content on Facebook, you really DON’T know the intentions of the person who posted. You don’t know how semi-private he or she meant to be.

If you’re really good with Facebook, then you recognise the little grey “world” icon here, and you know this was completely public. Facebook gives you a “share” button reminding you to re-broadcast it to your peeps!

But what would you know about an image if it had this under it:

If you notice small, grey icons, then you know this was just to his friends. You don’t know which friends. Using Facebook lists, your pal could have posted it to just 2 people. Or maybe it was to all his friends. You could stop there and think hey, my friend didn’t post this publicly… he might not want me to re-share it publicly. Yet there’s Facebook, giving you the “share” link and inspiring you to re-broadcast it. How can you possibly truly understand that people might feel “privately” about something when Facebook automatically tells people to re-publish it (which takes it out of someone else’s control)?

You don’t know from the above markings that your friend would HATE it if you re-shared the image, even just on Facebook. You don’t know that. I can only assume Facebook will have to start building that option into posts… like “turn off the share link” as an option so that people who kinda just want to share things with friends can kinda just try doing that… and hope for the best!

So while I’m not thrilled that some random woman took Randi’s photo and posted it publicly to Twitter, I can see HOW it would happen. It seems at first like a breach of the friend code, and it kinda is. But it’s ALSO a good reason to focus on the Facebook UI and realise that ideas of privacy or “can I share this” are not really clear to most people, especially when there is a “Share” link there making it seem like that’s a good idea.

Another Example

Just at the end here, I wanted to throw in another example. My boyfriend feels strict about Facebook and online privacy. So much so that he doesn’t use Facebook, and he doesn’t want me posting pictures of him or us. Weird in 2012/2013, but OK, I can do that. I also decided that on public posts, I will refer to him as “boyfriend,” and not use his name. He’s very happy about that.

So public posts (grey world icon), he’s “boyfriend.” Friends-only posts (grey people icon), he has a real first name.

I recently noticed that my friends had no idea I was doing that. And how could they. I could write that 100 times in my Facebook feed, and I can’t be guaranteed that every friend would see my request. How did I realise this? I did a public post where I said boyfriend, and one of my friends responded and used his first name.

World didn’t end. Not for me, boyfriend, or Randi. But I think these are starting to highlight how people on Facebook don’t really understand HOW public or private people feel things are. “Share” links certainly don’t help that!

Oh, that meme is going around again. The one where people think that if they post to their Facebook wall that everything is theirs and they own the copyright and let’s name a few laws that that OVERRIDES Facebook’s terms and conditions. It doesn’t. Just like standing up and yelling that your high speed internet will now cost $2/month because you want it to does NOT make your internet cost $2/month. Comcast will keep billing you the regular rate.

One thing seems to be lost on most people, and that is that the biggest risk to your privacy relating to Facebook is YOU. We can break this into three simple factors.

Factor 1: What You Post

Facebook’s privacy didn’t make you post that drunk-at-work picture that got you fired. Or that high-at-work status. Or the thing that made everybody figure out that you were cheating. Or the picture of your new racist tattoo. Facebook’s privacy didn’t make you post those things. You posted them. You chose to share them with a public or semi-public group. You don’t get to blame Facebook for that.

Factor 2: How You Post It

Well, how DID you post the status that made it clear that you were having someone else’s baby? Public? Friends only? To certain people? To a closed Facebook group? This IS in your control. Learn how to use it, and use it wisely.

Factor 3: Who You Friend

Do you have the sort of friends who would send your post to your boss? Your ex? A Cheezburger website? Do you have the sort of friends who will take an original artwork you create and posted to Facebook, steal it, and sell t-shirts with that on there? Then congratulations, the big security breach is in your own house. It’s not Facebook or their privacy or some laws you don’t understand but want to quote.

It’s your own CIRCLE of people.

Step one is clean house. If you are not real life friends with someone, unfriend them on Facebook. If they write to you acting all mad, block them. This is a STRANGER to you. Who cares if their feelings are hurt. Protect yourself. You are exposing what might be personal things to strangers, and why? So you can say you have X number of Facebook friends as if there is a contest? Start removing people you don’t really know, don’t really like, or don’t really trust.

Step two is to learn how to use Facebook lists. These are privacy groups that you can control. Maybe you have a “former and current co-workers” list who is blocked from seeing that drunk pic of you from Friday night. Maybe you have a “clients” list who is blocked from seeing personal info about your divorce. Maybe you have a “family” list who can be blocked from political rantings that don’t match their views.

Facebook does let you say which lists can’t see something, which means you can post a picture or status, and block multiple groups from seeing it.

Protect yourself. It’s a brave new world of knowing a lot about people rather easily. You get to decide what’s out there and who your friends are. Real friends wouldn’t post things with or about you that could hurt your work or personal life. Choose deliberately!

eBay tracks you. Wildly and well. They know who’s logging in from where into which accounts. They know when you log out of one account and into another. They know how many accounts you have. And because they know you’re doing this, eBay has an interesting rule. If you get suspended on eBay (for any reason that eBay suspends people), ALL of your eBay accounts (that eBay has connected with you) are suspended. They’re pretty good at connecting all of these things. The idea here is that if you’re trouble, they don’t want YOU no matter what you’ve named yourself. Makes sense.

I once knew someone who had something for sale on eBay. He wanted to make it look like I was bidding on it, I guess because I’m some sort of celebrity. 🙂 He created an eBay account that looked like a name I could pick, and he bid on his own stuff. I was concerned that the auction would end with “fake me” as the winner, and, not knowing what personal or contact info he put in for that account, someone might try to hold me responsible for paying for it. So I reported it to eBay for shill bidding (bidding on your own item). Within 24 hours, the item was taken down, and the jerk’s account was temporarily suspended. Clearly, eBay found enough evidence in their logs and data to know it was the same guy in both accounts.

Why can’t Facebook do that? Facebook has to know when someone has more than one account. Let’s say for example that I block my ex-boyfriend on Facebook because he’s not at all a well cat, and I want nothing to do with him. Facebook knows what devices he logs in from. They know his IP number from where he lives with Mommy. They know his Mommy since they are listed on Facebook as mother and son. Facebook sees Mommy’s account logging in from the same IP and possibly the same devices. Facebook would probably see no other users coming from those devices or IPs. It would be great if Facebook could see those devices or that IP trying to poke around my Facebook page (to see whatever might be public), and STOP them. Facebook should understand that I’m trying to block ALL connection with this guy, realise what he’s doing, and throw him some sort of obstacle.

Facebook could ripple that out even further, since it’s all about relationships and the graph, right? Facebook would KNOW that the handful of his friends that I friended I also blocked. Facebook would have enough to know that I have truly disconnected from him, blocked everybody I could think of, and haven’t unblocked him, and have a clear and consistent set of behaviours that show that as soon as I figure out that someone is connected to him, I block them. Facebook COULD take that more seriously, and not let accounts connected to him surf mine.

In fact, imagine if that were an option. Imagine if when I block crappy ex-boyfriend, FB asks if I would like to block ALL of his FB friends. Let’s say his name is James Allen. I could have a block setting for “James Allen’s friends.” That way, as he makes new FB friends, they are automatically blocked. This way, there is NO possible link between me on FB (which would be my few public postings) and him (through his friends). It would mean he couldn’t ask any friends to check out my public postings and report back. That would be best.

Facebook COULD do this, and Facebook SHOULD do this. It would at least be a START.

My friend, Joe, recently wrote this blog post about privacy. I think I might be the tech savvy friend who couldn’t believe he was Foursquaring his home address. 🙂

And his post made me think. What IS private? Is there anything you can’t Google about someone? Does shredding everything matter?

When it comes to the internet, I’ve pretty much given up on the idea that I have anything to hide from Facebook, Google, or my internet service provider. In theory, and certainly between them, those people could know everything from my innermost thoughts to what I look for online to how much is in my bank accounts. They’d know where I live because I have to type it everywhere.

I remember in 1994, I knew a guy who worked at some ISP, so he was some techy admin guy I couldn’t make much sense out of. One day, he wanted to prove a point about privacy, and emailed me all the info that was on my driver’s license. In 1994. Didn’t need Foursquare, Facebook, or Google. He had found some way in to the Motor Vehicle database for our state, and easily found my info, which included home address and birthday. Probably Social Security Number. He never did anything with it, but he sure made his point. And I bet it’s even easier now.

I have a friend who works in the music biz. He has his AT&T-given email address on his Blackberry. He uses no social media or apps. Has no website. Owns no domain names. When I put him into Google, I get like 2 web pages on him, both blog posts from people saying they had recently met him. Nothing else. That’s amazing, so it “can be done.” Still, my friend, Joe, would be right. If his name is on a mortgage somewhere, that’s probably something people could find.

So he’s mostly off the grid, but the price of that is being off the grid. Most of us are looking for connection and interaction, so we want to be on the grid. All the time.

Let me know in comments your thoughts on privacy.

Some guys from Stik.com emailed me last night to tell me my last blog post got it all wrong. Mostly, they wanted to make sure I knew that they haven’t sold anybody’s info. My take on that is of course you haven’t. You’re still building up the database. I felt their email lacked some reassurance that I was not in their database (considering all my friends who allowed their app, which then spiders me), I would not be contacted, I would not be called, and I’d never be sold, shared, or rented. They didn’t mention that at all in their reply to me. Oh well. Not reassuring.

I decided to dig a little bit more. I put Stik.com into Google, and was surprised that there were some predictive searches for “stik.com reviews” and “stik.com spam.” Looks like lots of people are digging! I went to their Facebook App page to read reviews, of which they were only 47.

Here are some screen shots from people, with their identities hidden, though if you go to the reviews page, they are plainly there.

A woman I don’t know posted to a closed Facebook group I belong to with, “I cannot figure out how to remove myself. Other people recommended me…I have no idea how this was accomplished, since I never granted permmission for Stik to use my infomation… ??” So she’s in Stik’s system, yet never opted in. I find this unsettling and not OK.

I was so worried about their privacy policy, and how they might be tapping into the Facebook graph to put me in a database that they might someday sell. It looks like there are other problems as well. Posting to friends’ wall? Posting an ad for itself weeks after someone last visited the app? Turning your friends SO off with the wall spam that they unfriend/hide you? I can see how that might mess up someone’s marketing campaign if a flurry of people unfriend/hide him just before he is launching something new.

I think Stik.com is going about this all wrong. If this is simply a database of professionals, as they claim, then it has to be built like LinkedIn or LinkedIn’s smaller competitor, Honestly.com. People have to add themselves. Don’t add me because some Facebook friend clicked “allow” on something I didn’t agree to. There are people who use fake names, fake jobs, and fake colleges on Facebook just for fun. So if Stik is spidering all that, it’s going to be a database with lots of junk. Compared that to LinkedIn, which I’d imagine to have relatively few fake people or fake jobs or fake colleges. I have friends who put on Facebook that they graduated from the “School of Hard Knocks.” Not too sure how many people are putting that in their LinkedIn.

If Stik’s privacy policy is true to how it is written, then while they may not be doing anything unsavoury today, I think we need to be careful of what we give them access to. Do you want them to be able to post on your wall any time? Do you want them to grab all of your Facebook friends’ personal info? Do you want to be contacted by third parties?

And if this is a great, searchable, open database of professionals, why can’t I search it without giving them ALL that Facebook access? Go to Stik.com. Put your name in the search. You won’t even get search results without “logging in with Facebook,” which is where you agree to give them lots of info about yourself PLUS access to your friends.

I still don’t see how a system claiming to be a database of trusted professionals needs to know my friends’ likes and hobbies that they put into Facebook. I don’t see why people who didn’t opt in should be spidered, and dumped into this system. I don’t trust this, but that’s my opinion. Look into it, and form your own opinion.

Edit: Check out other posts on this topic at our Stik tag.

A woman I like a lot pinged me on Facebook, asking me to please leave her a good review on Stik.com. It was like a LinkedIn recommendation, but much more casual. Sure! I left her a review. Stik.com then asked me to allow their FB app so they could share that on my wall. When I saw what they wanted access to, I did NOT allow it. Click to enlarge:

I’ve seen apps that just want to post on my wall, and that’s all they ask to be able to access. Stik wants to access my personal info, send me emails, post to my wall, access posts in my news feed, access my data any time, access my profile, access my photos and videos, and access all of my friends’ information. Which friends’ information? ALL of it. It says their family members and relationship statuses, current cities, likes, music, TV, movies, books, quotes, education history, work history, websites, groups, photos, and videos. Of your FRIENDS.

Really? Just to post my review of someone on my wall? Stik wants you think this is all very simple. From their help section (click to enlarge):

Something’s not right here. They are clearly NOT just simply connecting to your profile when they are asking for ALL of that access. So I did a bit more digging. I’m not the only one wondering things… This Quora question asks how Stik can know so much about his friends, including things beyond what he thought he had access to (as a Facebook friend). Click to enlarge:

On the surface, Stik is trying to make it sound like they’re just building a database of professionals. They need to access your friends’ info because your friends may be professionals, and they should be in the database too. For example, you’re a lawyer. You put yourself in Stik. You have Facebook friends who are lawyers, realtors, etc… Stik wants to find them too.

But the real story is where few people ever look. The privacy policy. Here, it’s spelled out beyond clearly. Click to enlarge:

Let me sum that up for you.

• Stik may share your personally identifiable information, especially to push to you “opportunities we think may be of interest to you.” Translation: we’re going to market directly to you.
• Stik is going to share your info with “third parties,” but can’t control how a third party may use your personally identifiable info.
• Stik recognises that a main asset of its business is the database of personal information it is building. Stik is letting you know that they may sell your information such as email and “customer” information, which I assume is your name and anything else they’ve pulled from Facebook.

Another great piece of the privacy policy says that by being a part of Stik, you consent to have their partners email or call you, even if you have registered on a “do not call” list. So if you thought you were on the “do not call” to avoid telemarketers and sales people, you have just given them approval to call and email you. Click to enlarge…

You’re for sale. And you just sold your friends. You joined Stik, and now they’re grabbing info about me. Thanks a not.

All you had to do was allow Stik the Facebook access they wanted. And now, your “customer info” and your friends’ info are part of their valuable, saleable asset. This is data mining, and to me, this is a scam. You think you are signing up to be in a directory. Since nobody reads privacy policies, and everybody mostly clicks on anything that says Facebook (please stop!), you had no idea that you were agreeing to have your info sold. And once it’s in the hands of third parties, good luck regaining control of it.

Remove Stik from your applications, and contact them about getting out of their database/directory before you lose control of your info.

I wrote them an email asking how to make sure that I was NOT in their system. I told them that I read their privacy policy. I didn’t want to be part of their company assets. I understood that my friends approving their app gave them access to my info. I asked how to keep my info out of their system. When they write back, I’ll let you know what they say. We’re ALL going to need that answer.

Edit: Check out other posts on this topic at our Stik tag.