For those of you who can't read the Globe and Mail article, here are some points from it that are not in the Toronto Star article:
- @Canada’s privacy commissioner Daniel Therrien said Tuesday that his office continues to investigate other concerns raised over new terms of service recently sent to users of @rogers.com e-mail addresses
- In testimony before a standing parliamentary committee in Ottawa Tuesday, Mr. Therrien said that after his office began an investigation, Oath agreed to remove that particular term.
“We’re also investigating other issues with respect to that organization but on that specific point, my understanding is that they have agreed to withdraw that part,” he said.
- In response to requests for comment last month, Oath said customers can opt out of the e-mail scanning that allows the company to deliver what it calls interest-based advertisements. But many people complained they could not find a way to do so.
- @Rogers said Tuesday that it is updating its website to provide customers with more information on this issue and will be e-mailing @rogers.com users directly this week. “We take our customers’ privacy very seriously. We know some customers had concerns about Yahoo’s term related to personal contacts, so we are pleased it was removed,” spokeswoman Sarah Schmidt said Tuesday. “We are working with our customers to address their questions and help them use Yahoo’s opt out settings to customize their e-mail preferences.”
- Charles Stewart, a spokesman for Oath, said in a statement Tuesday that the now-withdrawn provision “made clear to our users that they were responsible for obtaining the consent of their contacts when they chose to have Yahoo Messenger invite their friends to the app.” The term, which has now been removed from a 27-page document outlining the new policy, did not specifically mention Yahoo Messenger. Mr. Stewart said Oath did not use those contacts for advertising purposes and added, “Upon further review, we’ve removed this section of our terms of service as the functionality does not currently exist in our product offerings.”
Thank you @Zaphod64
Globe and Mail story thru MobileSyrup:
From the bottom of that page:
Update 01/05/2018 4:35pm ET: Story updated to clarify that Rogers email clients who don’t want to share their personal information can opt out by navigating to their Yahoo email settings.
Update 01/05/2018 5:19pm ET: Story updated to clarify that Rogers email clients who want to opt out of interest-based ads can do so by navigating to their Yahoo email settings.
Read more at MobileSyrup.com: Canadian privacy commissioner investigates Rogers, Yahoo over email terms of service issue
As far as I'm aware, you still have to accept the TOS in order to access the mail service. Then and only then you can access any settings associated with that service. To indicate that you can "opt out of interest-based ads" still doesn't solve the issue of the invasion of privacy that users are concerned about. So, personal opinion, this is completely disingenuous. You can turn off the adds, but all that means is that your email is still being scanned, along with any attachments, but, you aren't receiving any adds based on Oath's magic formula for sending unwanted adds to its users.
Wow - read the article - not sure I want to do the exercise - it will direct my behaviour in future, but it is great that people and media are doing this sort of stuff to show us all just what is going on.
And the statement Bonnell: Privacy is dead and we all helped kill it Boy is that so true - many of us, me included have done this to myself and others with that quick click that had become almost habitual.
Fortunately, this discussion and incident has really educated me and I have become very vocal with others, and hopefully legislation will change this around to bring protections back as a responsibility to corporations and others, not. We have to look out four ourselves as Canadians and consumers with companies, who, let's be honest here - I was told that these privacy documents are written by lawyers for lawyers - the words of the OOP rep, and I said, but the thing we were said described their intent was to make it more transparent and clear. Had many of us not read through the pages and pages of the document found deeper than the original summary, we would have known what Oath tried to pull on us, and I still say, Rogers is at a minimum complicit in not requiring that any changes to the service that Rogers directed us to, be reviewed by them before it comes to us. They are actively still allowing the set up of those email and other services, using Rogers branded email addresses, so I argue they have a responsibility to ensure that the companies that they are permitting to access us as customers (we wouldn't have had the referral to Yahoo without the agreement between Rogers and Yahoo, no matter how it is written - so are they referring us to companies that within the laws of Canada or not).
The question of free or not free, I will hold on that one, it is privacy I am arguing, and the reality is that Rogers had to have set up an arrangement for services, and maintains that relationship - if it turns out that that arrangement is with a company trying to sidestep canadian laws, then they have a responsibility to advise us and to get them to change, not just dump it on us and claim that Yahoo has nothing to do with them, our agreeement is with Yahoo.
So I a glad we are getting movement - glad we have a privacy commision that clearly takes our privacy under PIPEDA seriously and whether Rogers acted on our behalf, I am sure we will not know until the privacy commission tells us, and they certainly are already being open to the media questions on this investigation and they are quite open and transparent already on that investigation and remedies they are seeking and furhter investigations to follow that are ongoing.
Now, all I have to for now is get a hold on all the other agrements that have come - I have already cancelled 5 services that I only occasionally used as their changes to policy was driven by the EU and looking at their previous ones, I realize I may not have agreed.
And life goes on.
I wonder what some means??
Thanks for putting up the link. We even have to carefully read the policies of the commission too.
Is there a way to do it anonymously? Just wondering - although what am I really worrying about, my view is sitting right here for the world to see on this issue. I guess this whole issue of electronic privacy has me being a bit overly cautious.
Welcome for the link @BS and yes if you look next to the name, address and phone number windows, it says optional. Email required, a throw away addy could be used I suppose. If you wish you can phone and that is the best way to be anonymous I believe.
I understand how you feel, we can never be too cautious when there are some who will take advantage of our data.
I am aware that some have reported that they couldn't get past the memberpage to the email and settings without accepting.
I just tried it and I just clicked on the x, and it took me over to my Rogers powered by Yahoo home page, not that I have ever wanted to be on that page ever - and then went into email just fine - I have no personal information in my personal info section right now - no messages, no mail, no contacts, nothing in spam, or trash - just an empty email with a message that says, I am on vacation for the following reasons - description of the issue.
That is not to say that some may not be getting past.
But bottom line, whether we accept or not, we are still bound under the old one that still has all that previous language, much which is in contradiction to EU law since that is why they all made the changes (Thank you EU - the US is still convening hearings, and some minor changes by some companies like Google, Facebook and Microsoft have been made in response to the Cambridge incidents, but obviously the EU initiative and their grander set of overriding principles, has forced them all to jump - wonder if there are other companies that have tried to pull fast ones that may not be covered by EU, but they try to get at us another way - like Oath did).
I didn't notice that Oath acknowledges anything wrong, just that they couldn't implement it, and they told us that we had to have consent, so I guess they suggest that we were to contact every contact we had individually or on mass and come u with some way to get consent, and personally, I would want it formally in writing in email or otherwise, in order to cover them and me if a disagreement should arise. Again, are they serious?? Let's be honest, they tried to slip it through as the research suggested in an article that this is basically true click bait, and even everything we click on a Facebook page is also click bait.
Unfortunately, we have all become highly dependent upon things like social media, email, google searches, media, etc, so we are expected to understand and agree - what ever happened to the principle like I had to follow as a health practioner - it was my responsibility to ensure that my client fully understood and agreed - it is called informed consent - not it is all our responsibility???
Welcome to the electronic world - who could have imagined. Oh someone did - I think the book was called Brave New World - first studied it back in about 1975 in highschool. didn't understand it - failed that unit.
Now I think I need to reread it again.
Now I am getting philosophical - I do that when I get frustrated rather than be frustrated with my communications. All part of my illness - will all I have written to people about my illness and treatments be used to target me.
Iknow that when I have done google searches, I have for sure been targetted with ads and on Facebooks, join this group suggestions, so I knew it was happening, but didn't consider fully what it all meant - I just ignored it.
There biggest mistake for Canadians was the special provision related to our contacts to us only that I am aware of, and that through up all kinds of red flags or red cards. Glad they tried, it has been a great education and chance to be a part of changing this whole mess we got ourselves into.
I am going to back away for a while, it is just annoying me now and need to clear myhead. Think I will go on a Internet escape for a day or two.
Keep up the fight. Bruce
Read today that OATH is being forced to remove Canada specific clause forcing people to share their contacts. Nice to see but still won't ever use their email service.
While Oath was forced to drop the proposed use of our contact list, which contravened both Canadian anti-spam and do not call legislation and regulations, the terms and conditions still provide for harvesting contact names and emails as well as the subject line of our communications for every email sent or received.
So while they cannot get your full contact list with phone numbers at one swell swoop and then spam these people as if they consented they will still slowly gather some of that data. For what purpose? Not yet stated.
Legislation is required to stop the collection or use of names and emails, as well as subject matter, in our emails/headers or text messages other than for the expressed purpose of the transmission of our communications and all such information should be immediately deleted once the task is complete.
If I am a user of their services, of course they will have my name and email. But there is no reasonable purpose they should retain information from my subject line or who I contact.
Response I received from OPC today. No need to continue emailing them.
Now to wait, hope the final result will clear this mess up and protect our interests.
We have received complaints related to other aspects of the company’s terms of service agreement and have opened an investigation involving both Rogers and Yahoo/Oath. Due to confidentiality provisions in the Personal Information Protection and Electronic Documents Act(PIPEDA), Canada’s federal private sector privacy law, we cannot provide further details at this time.
Individuals have a right to make a formal complaint to the OPC, but do not need to do so in order to initiate an investigation as there is already one underway.
Tonight I received an email from Rogers CPO about the update to Oath Yahoo provisions related to the harvesting of our contact list. It notes it was deleted because some users "had questions" and that "You wanted to know how Yahoo!/Oath would use or share this information and why it was necessary. "
No mention of it contravening privacy, spam and do not call regulations. Just "concerns".
What is amusing is that the email went to one of 4 active rogers emails under our internet account, the only one never used to communicate with Rogers and not the parent email associated with the account. 😞
Yesterday I received one from the President's office - an office I never communicated with on this issue. Which makes me wonder if the CPO for Rogers shared my information? or did every one get one?
By example Rogers (as of 02 May 2018) is encouraging clients to accept the Oath Terms and Conditions through its email by stating:
(3) How can I change my Yahoo! email settings?
There are a number of ways you can customize your email experience:
i. You can opt-out of Yahoo's interest-based advertising through their Ad Interest Manager.
ii. You can unsubscribe from Yahoo's marketing messages or newsletters through their Marketing Preferences page.
iii. You can view your Yahoo search history and clear it, or block further search customization through the Yahoo! Search page.
iv. You can edit your email account information and contact information through the Rogers Member Centre.
None of which impacts on the information Oath/Yahoo harvests, stores, analyses or uses in research.
(4) Is my personal information shared with other companies, like advertisers?
No, your personal identifying information is personal for a reason. It is not shared with third parties.
Rogers does not define "personal information". The only reference to personal information I have found is to name and email address. Phone number, address, postal code, IP address, GPS, email header information, email key words etc are still subject to harvesting as well as browsing activity and information related to other services such as Facebook, Google etc.
Third parties is not defined in this FAQ, which misleads people. Third parties does not include Verizon, other Yahoo services and other Oath companies. There are also third parties that fall under unique definitions of third party which is different than third parties as used in this FAQ.
IS there a push to get people to click through on the T&C's so data can be harvested now before it is prohibited? Stopping directed advertising and marketing campaigns by clicking a box does not impact the harvesting of Rogers client related information for purposes other than direct advertising.