Yes but not enough, not by a long shot! This a basically a way to get individuals privacy on every level from banking institutions, medical care, shopping habits, GPS locations, personal correspondence, everything and in return? an email address??? Are they nuts? Rogers is not protecting us or our contacts whatsoever and we are paying for the privilege of being exploited. The media and Parliment needs to address this pronto!
Of course if anyone wishes to make a formal complaint, as stated at the end of my message, they have the right to do so.
Personally, I have written several letters over the past 2 weeks and have received the answer I wanted. All I can do now is wait for the results, otherwise, I will just be repeating my concerns.
Once the investigation is complete, I will resume letter writting if I am still not satisfied.
Even though I set up a new email, I will still be vulnerable if anyone using Oath services contacts me. Because their in and out going emails will be read, this will include my information which will then be scanned and stored.
I have a few people in my contacts using AOL, Rogers and Yahoo. I alerted them, if they keep their addy, sorry, deleting. I sent the message using my rogers.com and will not be giving out my new addy to them. They can phone if they need me.
I removed my auto pay on Rogers and requested paper bills. Finances will be between me and my bank. All online communication from any financial institutions have been unsubscribed.
I will go to their secure website only.
I had Safari set to private even before this fiasco and got rid of google but now I have Hotbot search engine saved on my homepage on the iPad and go directly there to do a private safe search.
I may not be able to protect myself complety but will do as much as I can to keep important information from leaking out.
Update - I too got the email - basically the same things that their execs said to the media this week. So nothing new in there.
Same details said by Oath to the media - although I still don't buy their explanation - to suggest that they were clear about that they would access our accounts and use our contacts information for marketing and that they are there because we have obtained consent - in a clause buried very deep in the document - not in the upfront first message of important changes.
I also received bascially the same template information from the OOP today, so the message is consistent.
It was our resonsbility to read the terms in Oath and that "our permission and consent from our contacts allowed them to solicit them under our names", yet we have never before known to do that - so we are to go to every contact before May 25th and get their consent - maybe I should hire a lawyer and get a privacy statement written up so they fullyunderstand their privacy in their personal and private interactions with me via Oath/Yahoo mail. And what about those customers I contact - if they agreed and I get the email, what action do I take - would Oath include a specific opt out as required by Canadian law, in Ontario related to spam. Are we all supposed to understand spam law under pipeda when we interact with our friends - oh yeh, that was messenger - one of the oath family of services, not email - not that wasn't clear and explicit. And oh yeh, not an issue, they weren't able to do it anyway at this time, so no issue they will remove it - How can I be assured they won't put it back.
And Rogers still dumps all responsibility on us and Oath, not their issue at all. Yes, I did find in their policies how they are not responsible for the privacy of third party services, so yes it was deep in those long documents - not clear and transparent at all.
No comment on free or not free services.
I suggest they are silent as they are in a legal hot mess along with oath and under clear investigation by the OPC at the federal level and they are basically in damage control mode, with everyone passing blame around - or at least Rogers to Oath, oath to us, and both companies, placing blame with us.
As one Rogers staff said, these long policy documents are written by lawyers for lawyers, not intended to be fully clear and transparent.
If you review the many new policies, they all have the concept of clear and transparent, control, collection and storage and use and how to opt out. This is all in response to EU - thank you to them for doing this. Even facebook is currently doing an add to put them in a better light, that they got off track and returning to the basics.
New twitter agreeement, and they were caught with Cambridge involement too - my wife got it and I said, let's read those terms closely.
I have had a total of 7 new policy statements come in the last week, and cancelled 3 of them, one I was quite fine with.
Was sitting in a second cup, signed in and saw that they want me to read and understand the terms - their privacy statement - one paragraph, as they don't require registration and personal information, but do monitor for how well their service is working and flagging for illegal activities. That I hae no problem with that - expectation is that I review each time I use it, easy to do now that I have read it - only a few short pages, very well laid out, headings and simple paragraphs and language - very easy for anyone to understand - they put a last reviewed date - they haven't changed it since 2016, and it is right at the top when you click terms, so you can imeidately know that you need to reread it.
So, for now, I too will wait on the federal review - they are being investigated and hopefully reall change will occur and Rogers roles can be clarified and whether how we got from our original viewed included emails paid for in our service to be outsourced and not their responsibility - were those changes clear and transparent, of were long documents used to hide it from us.
I will finish with some of the actions I have now taken - i left the current concern at OOP open, still awaiting some answers to some items and I want more than a a template response and the additional quesitons do not need the privacy officer to answer - they are administrative questions on a use of a non-approved email in contacting me.
I have now officially and permanently deleted the Rogers account - I don't need correspondence with them - my wifee will finish hers next week.
For now I am continuing to communicate with the people I know on rogers accounts, but very limited, but I have advised them that I may close that door, or I will set up an anonmous account somewhere to communicate, although I may not - I tried that already and it was a nightmare having two meials to pay attention to me.
Yahoo anythning is blocked on my browsers, and I am using the duck duck go search engine and I will look at the others mentioned.
I have been playing with adding cookie blockers and tracker blockers, using some of the tools available through companiies committed to allowing you to lock out their contact through a central page.
I am going to be reducing my contact on here too, because I took the time to see just how many sites are impacted by restricted cookies, popups, trackers, etc. Many work very fine, Rogers is a bit slow, but you et through as it tries to connect to all the analytics, you can see in the left botttom corrner and you will see google analytics, adobe tracking, and many others, as it tires to connect, but can't. If you block popups, you can't log in though. Most pop ups I can live with.
I will contineu to work to learn how to become more safe on my internet usage, and watch as companies provide new alternaties ant dools. I will begin paying for privacy, and ultimately less service, but I will live - and true friends will learn to communicate in old fashioned ways and those that don't are not true friends.
So I await to see what happens - I expect to hear nothing more, but do throw up comments once in a whilehear as you hear new things, to remind the company that we are still looking for answers, and hopefully th emedia stays with it, and we hear the results of the investigations.
Companies may feel they are not easily accountable to us through these impossible contract restrictions, but they are accountable to legislation and guidelines, as they have learned with pick and pay, wireless codes, service summaries which they didn't want to do as reported in the CRTC internviews, but were forced to do, and once in place, they are accountable to the concerns raised to customers to privacy and legislation - that a contract cannot override, and we don't have to fight them in court one by one.
We all done good on this one, and let's hope for improvements in the law and protections, as it seems it is not a huge priority to companies, except when countries step in and say no, or like Facebook an Cambridge getting caught - our thanks to them for putting this all in the open.
Great stuff Bruce.
I am disappearing for a while - I like hleping, but I am also tired of canned responses and phrases like listening - for example Fox HD - they listened - took them almost a decade to listen and make a change, with little full explanation that they just felt they didn't have amarket - if they had said that, there would have been a huge uproar, not a trickle that took a long time.
Here is a notice from twitter. I know twitter is in hot water at the moment with Cambridge, but is shows they are taking their responsibilities for security and privacy seriously in order to stay a viable company as they need to respond to concerns of customers if they want to stay an active player in social media.
|When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.|
|Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.|
|About The Bug|
|We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.|
|Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.|
|Tips on Account Security|
|Again, although we have no reason to believe password information ever left Twitter's systems or was misused by anyone, there are a few steps you can take to help us keep your account safe:|
|We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.|
They take responsibility for their slip in security, they let us know about it immediately, and they give us advice on how to deal with it. Rogers could learn from this example. When it was know that Yahoo was hacked, they never acknowledged it, they did put in more security practices to deal with the flaws of Yahoo in their security and put in a higher level than Yahoo even provided in that they did not allow chocie of using insecure applications, in the two phase and new authentication practices under the Oath2 protocols - any coincidence that yahoo chose to name their company using a term close to the best practice security that the;y did not implement and they got hacked.
Rogers never advised of us the hack, nor acknowledged their relationship with Yahoo, it was up to Yahoo to tell us all and evenutally they sent messages out to impacted users.
This is the level of responsibility that I expect from a service i pay for, Rogers full range of services, not dumpting the responsibilities on us and other companies. Twitter took full resonsibility and contacted all customers. This is what I expect from Rogers, too.
This is why aiside from this recent changes, and taking no responsibiloity for their relationsihip between customers and Oath, and each company basically laying blame on us for not understanding their terms. Twitter took full resonsibility to its customers and contacted us immediately with what happened and recommended actions.
No hiding behind terms, just honest taking responsibility.
This is what I expect from my relationship with Rogers, and why I have to seriously consider will I stay, and consider how I will deal with Internet, email, and policies in this new world.
There are alternatives out there, but under terms of our agreement with the forum, I am not supposed to get into those alternatives. Do your research, they are out there - in many wholesale providers of bell and rogers services - and that is not just things like Techsavy, but also local providers in your own community, who function as wholesalers. They are out there, and we do have options. If Rogers is not going to take my concerns seriously and just dumpt it on the contracted provider ( I am sure they have a contract with oath and Yahoo in place), but they set it up, we had no choice in it, so I will not agree with their claim that they have no resonsibility in this whole thing.
It is frustrating negotiating the website....1) I called tech support and the screens would not show option....3 calls 1/2 hour wasted. 2) on pc could not understand how to negotiate all the screen....15 min wasted. 3) called tech support to complain .....another three calls another 1/2 hour wasted.
Even if I opt out my friends may opt in and Oath will have access to my emails for marketing?
Yes lots of reassurances of privacy, just like Facebook and Cambridge Analytica getting Trump elected. No I do not trust Oath and Rogers of all companies Rogers needs to understand this...I would rather pay to use my email account, which is what I agreed to when I switched from AOL to Rogers internet 25 years ago.
Read the update to Yahoo!/Oath email this morning and I can honestly say that trying to follow their instructions is like trying to read the terms of service. Full of confusing information that is not helpful and gets me nowhere. Now that I have stopped using my rogers email account I can now look into other WIFI providers and say goodbye to Rogers forever. This is unfortunate since we have had a 30 year relationship and for the most part it has been good, now however they have stopped listening and I am going to have to move on. Thanks to everyone on this forum, your words have been very helpful.
Although, I am giving a chance to privacy commissioner, this whole incident and my trust in these companies providing services on the internet like searching, advertising on the pages, email, and social communications.
In particular, I remain displeased with Rogers as a whole that they have refused to acknowledge any role in this whole incident, and although communicating the Oath informatin, helping to guide us to the opt out choices, and making the standard claim of concern for our privacy, I just don't buy it.
I have opened communication with those I know once the clause from oath was removed, but I am still uncomfortable given they still state they can change policy at any time in the future.
If they never had the ability to do this in their system and decided it was of no benefit for the service, why did they actually write it specifically directed at our spam laws and its concepts of consent and opt out.
And tonight, someone I know was asking me about that original clause and we realized something that they completely overstepped in legislation (our do not call list). I cannot give consent for a third party company to contact another person I have a business relationship with unless that company is hired to represent my own service relationship with an existing customer for only a limited period of time.
I am unsure whether I can give permission to the Oath to use their phone number as they suggested - it is my understanding that they must still comply with the do not call list.
Here is the current law that applies to the anti spam question.
It is complicated, and is not well tested at this point - Rogers and Oath have brought this whole discussion to the level of review of just exactly how these regulations apply.
I read through it and it is hard to determine just how the law applies to that infamous policy - my own opinion, Oath had lawyers very carefully word their wording in that clause, while never referring to the applicaable law and placed an expectation on us to understand that law fully, where this is a law directed at business relationships,not individuals.
In a way, they are treating our friend relationship like a business relationship. They tried to suggest this is a factor for messenger, where we have friends, and there are already targetted adds, where they use our infomration, but we can opt out, but this whole thing seems to fit in terms of email to the law under.
Take a look at these two Q &a's..
Q. What if the email includes information from more than one company? Who is the “sender” responsible for CAN-SPAM compliance?
A. If an email advertises or promotes the goods, services, or websites of more than one marketer, there’s a straightforward method for determining who’s responsible for the duties the CAN-SPAM Act imposes on “senders” of commercial email. Marketers whose goods, services, or websites are advertised or promoted in a message can designate one of the marketers as the “sender” for purposes of CAN-SPAM compliance as long as the designated sender:
- meets the CAN-SPAM Act’s definition of “sender,” meaning that they initiate a commercial message advertising or promoting their own goods, services, or website;
- is specifically identified in the “from” line of the message; and
- complies with the “initiator” provisions of the Act – for example, making sure the email does not contain deceptive transmission information or a deceptive subject heading, and ensuring that the email includes a valid postal address, a working opt-out link, and proper identification of the message’s commercial or sexually explicit nature.
If the designated sender doesn’t comply with the responsibilities the law gives to initiators, all marketers in all marketers in the message may be held liable as senders
That last sentence implies that we are bound by the same laws as the original sender, and both parties are legal for meeting the reliabiliites. These terms don't actually refer to our responsibility to the laws of Canada, the ensurance of an opt out clause as required by law - are they opting out to us, or to the company, and many other questions.
I see a company set of skilled lawyers who did their best to keep our knowledge and understanding of these Canadian laws on both us and them if we implied consent and they carefully crafted it such that it did not let us know what our legal risks were of saying yes, and ther are in my opinion.
All the more reason why I won't deal with this company and boy do I read consents very clearly.
Q. My company sends email with a link so that recipients can forward the message to others. Who is responsible for CAN-SPAM compliance for these “Forward to a Friend” messages?
A. Whether a seller or forwarder is a “sender” or “initiator” depends on the facts. So deciding if the CAN-SPAM Act applies to a commercial “forward-to-a-friend” message often depends on whether the seller has offered to pay the forwarder or give the forwarder some other benefit. For example, if the seller offers money, coupons, discounts, awards, additional entries in a sweepstakes, or the like in exchange for forwarding a message, the seller may be responsible for compliance. Or if a seller pays or give a benefit to someone in exchange for generating traffic to a website or for any form of referral, the seller is likely to have compliance obligations under the CAN-SPAM Act.
This would suggest that since we are getting no direct benefit, then we, and the sender (oath have responsibilities here) -
I am glad that privacy commission is looking very closely at this information.
What I would like to see is regulations that require comanies to have us set as opted out by default, then specifically ask for and explanation permission for each item they want us to opt into. At this time I don't thnk we can trust companies to protect our rights and privacies, that they want us to agree by default and it is up to us to figure out whether that opt in makes sense for us which means that given how many things they say they are asking us to agree to, collection, storage, control, who gets to have access, who gets to use it for what purposes, can we remove consent, etc. Thee are all requirements of PiPida in Canada.
Rogers keeps telling me I can adjust my "settings" to opt out of "interest-based ads".
Personally, I don't want to receive ads at all, interest-based or otherwise, but ads fuel the Internet, so I am resigned to it. Interest-based ads are no worse than regular ads (but the service provider gets paid more by the advertiser for delivering them, that's why they like them, and therefore want to collect the data to produce them).
So why would I want to opt out of receiving interest-based ads? Well, if it meant the service provider would then stop collecting the data to drive them. And maybe Rogers thinks we are dumb enough to believe that.
So I will ask the question:
Mr. Rogers, does opting out of "interest-based ads" stop Yahoo from mining the data from my email that would otherwise be used to deliver these ads?
Over the course of the last 4 weeks wait time have been ridiculously long, I don’t blame the agents. I have tried reaching Rogers support (for changes and new product) at various times, including 1st thing in the morning and the wait is still unacceptably long. I frequently give up.
Together with he email TOU fiasco, they are making it so much easier to leave Rogers.
I like you, don't blame the agents.
I have discussed with OOP and with agents what seems to be creating the over load.
Here was the list that we all conceded was the issue.
Promotions back in December with the Data Wars, and then in the speed of trying to make changes, mistakes got made, and many corrections occurred due to unexpected things on the bill and it took about two months to correct.
That gives you 2-3 months, into February for that load to thin out.
Next is the one year and two year promotions running out - when these new promotions came out, there were lots of us on VIP and many of us like me made the change - this means that 1 years later (more like 10 months plus two to finally get ones head wrapped around what the next plan would be - it took a long time to get into a new model from a model we were on for years, so that also took time, and then it takes quite a stretch to wrap your head around the next move as you try to stick with you got and not incur too much increase, and clarify if you want to stay at same price, what promotions you can get and what can you cut. This usually takes a long time on the phone, and often many phone calls.
Next is the constant miscommunication on the offer we finally agree on, in particular if it involved a lot of changes (say like VIP to a new service model), it often involves a lot of changes in features, channel mixes, maybe a new modem, different caps, speeds, whole lots of things, on a cell phone, changes in feature sets from what you were used to, sometimes are now in the price, sometimes not there anymore, and so on.
Then you end up in phone calls or chats to deal with, "that is not what I understood when I said yes". Sometimes it is easy to fix, sometimes it can take a lot of time and phone calls.
The common comment in my discussions about what is taking so much time, is this one could be fixed by providing full quotes, like the required confirmation and summary of services and service changes and copies of all relevant changes, for us to review at our leisure and to confirm, it is really what we thought it was, and was it really what we wanted.
Their is a remorse period, true, but often when you agree to the change, although verbally, not necessarily with full understanding on both sides, it is often not possible to put it back.
To date, I have been told that Rogers is not considering providing quotes, that they write the quote down and you can call back in and get the details, but sometimes it is easier if you can read it all for yourself, and not all of us are great note takers.
And this last issue with the terms, and learning about what was going on with that change, and first the silence, then the give it back to us, then answer the questions by making it all our respnsibility and Oath's to deal with has also led to a huge load.
But I think we have been dealing with a lot of time consuming changes from Rogers, which I don't think they anticipated how challenging it would be for staff to become skilled at communicating the changes, and also recognize that we need the time to digest the changes and decide what we want.
Bottom line, in my opinion, is that they have had a lot of things not work as well as hoped - the data price wars, the Navigatr, responding to required rule changes from the CRTC, responding to legislative rules around CRTC and other portions of legislation and law, a very competetive market,, three CEO's, I think it has been, at least two, and a major cultural shift.
They need to seriously look at how to deal with this backlog (company that is), to make things easier for the customer and the staff. Someone in another thread commented that they had been with Rogers and really had no issues until about 2013. I would say about the same period of time for me - I have been to the Office of the President only once before that, and rarely ever talked to Rogers except to deal with a change in my service needs.
But from 2013 onward, I think I have been to the office of the president about 7 times, and spent way too much time on the phone to get mistakes fixed that if they provided a written quote for me to consider in the first place, I would have avoided it.
They really do need to find an easier way to communicate and avoid miscommunication. In the public, we see lots of this here on this board, and it usually gets handled, some just move on, on Facebook and twitter, but there is also the private discussions around issues on the phone and chat or letters, or faxes that we don't here about.
I think all the types of issues are pretty apparent in the discussions on the board, and the solutions are also provided by many people.
So I hope they move forward and get these issues related to timely contact with customers, clarity, as well as we will have to wait on what the Privacy commissioner of Canada has to say after they investigate the whole recent situation with privacy.
To close off, I got a final email from office of president, now directing me to go to the privacy officer for Rogers, that it is felt that the answers to our questions are clearly stated in the statements from that office. I personally don't agree, and have left my complaint open, but will leave it with the federal people to deal with.