Jan 302013
 January 30, 2013  Posted by  Online, U.S.

I’ve been checking Foursquare’s site occasionally today as they indicated that a change in their Terms of Service was forthcoming. Now it’s here, and it’s great.

As I blogged earlier today, Foursquare had implemented their new “full name” privacy policy, announced last month, even though it seemed to be in conflict with their media statements that suggested nyms could be used, and their Terms of Service that required “truthful” registration information.

Their new TOS, dated yesterday but uploaded today, states, in relevant part:

Registration and Eligibility.

You may browse the Site and view Content without registering, but as a condition to using certain aspects of the Service, you are required to register with Foursquare and represent, warrant and covenant that you provide Foursquare with accurate and complete registration information (including, but not limited to a user name (“User Name”), e-mail address and a password you will use to access the Service) and to keep your registration information accurate and up-to-date. Failure to do so shall constitute a breach of these Terms of Use, which may result in immediate termination of your Foursquare account. We recommend, but do not require, that you use your own name as your User Name so your friends can recognize you more easily. (emphasis added by me)

This is good news, indeed, and I think they made a great policy decision. Hopefully, they’ll allow users who registered using real names to change to usernames if they so desire.

Frankly, I have no idea if any of this was already under internal review before Jules Polonetsky, Greg Norcie, and I individually contacted them with our observations and questions, but either way, it’s a good outcome for user privacy.

Jan 302013
 January 30, 2013  Posted by  Business, Online

Back in December, some of us were impressed when Foursquare rolled out its new privacy policy a month in advance so users would have time to read it and understand it.  The revised policy seemed to be a model of transparency in terms of its statements on how, going forward, full names would be disclosed. They also provided a new FAQ to answer questions about the policy.

But kudos quickly turned to confusion when a comparison of their new privacy policy to their existing Terms of Service revealed a conflict between what the privacy policy said, what Foursquare was saying in their media statements that nyms were still permitted, and what their TOS said about “truthful” information being required for registration.

I contacted Foursquare in December to get clarification on the apparent contradiction between their privacy policy and their TOS, as did a few other privacy advocates.

Their press office never responded to my inquiry, despite having gotten it.

After a few tweets, their support department responded, telling me – and others who asked – that the issue was under internal review and they’d get back to me.

Every few days thereafter, Foursquare tried to close the support ticket that was submitted as  a media or press ticket.

Every few days, I replied that they shouldn’t close the ticket, because I still didn’t have an answer and neither did their users.

On January 28, Foursquare’s new privacy policy went into effect.

On January 28, their Terms of Service, last updated in August 2011, remained in effect.

Foursquare has an obligation to come up with a policy and a TOS that are consistent with each other as to whether real names are required or nyms are permissible.

Giving out one’s location information is risky, in my opinion.  People who register for Foursquare using their full real name because they believe they have to to use the service are taking unnecessary risks if nyms would be permissible.  Not everyone would care to use nyms, but for those who are concerned, it should be an option.

After one month of “internal reviews,” Foursquare should make a statement resolving the conflict.  Hopefully, they’ll revise their TOS and clarify some wording in their privacy policy to plainly allow nyms. But at the very least, the plain language of their privacy policy and their TOS should agree with each other.

 UPDATE: Foursquare has now resolved the conflict, and in a pro-privacy way. See this post.

Jan 302013
 January 30, 2013  Posted by  Surveillance

From Out-Law.com:

Businesses should be prevented from using model contract clauses and binding corporate rules (BCRs) as mechanisms for processing personal data in the cloud because those arrangements do not prohibit US law enforcement bodies from gaining access to that information, it said.

The report, ordered by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE), said that the EU had created “derogations” from traditional rules governing international transfers of personal data that, in a cloud computing context, could not adequately protect the privacy of that information. It said BCRs and model contract clauses were examples of the ‘derogations’ created and that both are were “equally unsuitable to prevent the use of cloud data for surveillance purposes”.

Read more on Out-Law.com

Jan 292013
 January 29, 2013  Posted by  Surveillance

Katitza Rodriguez writes:

January 28 marks International Privacy Day. Different countries are celebrating this day calling attention to their own events and campaigns. This year, EFF is honoring the day by sharing some advocacy strategies utilized by human rights advocates and activists from Argentina, the UK, Canada, and the United States, that have helped to defeat overreaching surveillance proposals that threaten civil liberties.

Read more on EFF.