I was surprised by some questions from adults concerning data privacy while I was talking to students about internet safety and digital citizenship. Thus the inspiration for this post.

  • Terms of Service
  • Terms and Conditions
  • Privacy Policy

How often have you read them? I encourage you to read ALL terms of service agreements. Why? Who do you think those terms are meant to protect? (Hint: It isn’t you.)

Key point – If something is free, ask yourself why? How are they making money? Someone spent time and effort creating that app/website or setting up the “free” wi-fi you are about to use. People must eat, live, etc. Even if something is NOT completely free, they may decide to make more money off your data. Last year AT&T (DirecTV) changed their terms:

3.4 You grant AT&T and its designees a worldwide, royalty-free, perpetual, irrevocable, non-exclusive and fully sub-licensable and transferable right and license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and display your Profile Information, in whole or part, and/or to incorporate it in other works in any form, media, or technology now known or later developed related to AT&T Access ID, Account Management or the services associated with your AT&T Access ID. AT&T is under no obligation to post or use any Profile Information that you may provide, and AT&T may remove your Profile Information at any time in its sole discretion. You represent and warrant that you own or otherwise control all necessary rights, consents and permissions to your Profile Information necessary to submit such material and to grant AT&T all of the license rights granted herein and that such submissions do not violate the privacy, publicity, or contract rights or any intellectual property or other rights of any person.

Keywords that jumped out at us: perpetual, irrevocable, transferable, modify, and publish. Here was the fun part. So I talked with customer service. Trying to explain to DirecTV why this was a problem was challenging. First, “irrevocable”. So if we agree, according to this, we cannot change our minds later.

Second, the section about modifying our profile and publishing it (which they insisted they don’t do).  In theory, DirecTV could modify our profile to make it appear we watch shows we don’t watch. Why is this a problem? Years from now, we, or you, might want to run for public office. Ha ha. 😊 But seriously, they could increase the price of advertising by making it look like more people watch a show than are actually watching. The price of a Super Bowl ad is significantly more than other football games because of viewership numbers.

DirecTV is a service we PAID FOR so why do we have to give up our privacy? We don’t. CANCELLED. While writing this, I noticed they recently changed their privacy policy and my first thought was, ‘They listened!’ Then I read it.  The keywords listed above are gone, but there’s this:

Web browsing and app information includes things like the websites you visit or mobile

apps you use, on or off our networks. It includes internet protocol addresses and URLs,

pixels, cookies and similar technologies, and identifiers such as advertising IDs and device

IDs. It can also include information about the time you spend on websites or apps, the links

or advertisements you see, search terms you enter, items identified in your online shopping

carts and other similar information.

Items in my online shopping cart? You mean DirecTV wants to know about the baby items I ordered as a gift to send me targeted advertising? No, thank you.

Next up, free apps! They need to make money so what are people giving up to use them? The best example I share with students is Snapchat. Do a quick search for some of the words mentioned above and check out section 3:

  • perpetual? ✔
  • irrevocable? ✔(irrevocably)
  • transferable? ✔
  • modify? ✔
  • publish? ✔ can delete your pictures or publish them without your permission. It is a jaw dropping moment for many. 

Free games. I used to enjoy mindlessly playing Harry Potter: Hogwarts Mystery on my iPad until the terms changed:

https Data we receive when you use the Services: We also may collect the following Personal Data from our website or your device when you are using the Services or are navigating to the Services from other (third party) websites: certain information about your computer or mobile device including operating system, software version, Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, language, details about your browser, location information (including inferred location based off your IP address), Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services. Information we collect may be associated with your account and the devices you use.

“…pages you visit before, during, and after using the Services.” !!!!!!!

Another point to consider is how you log into websites. Some allow you to log in with your Google or Microsoft account. I noticed that the Microsoft permissions were less intrusive than the Google permissions. Often, there is a line that the app permissions include being able to “permanently delete” all your files. Recently that seems to have changed, but still something to watch for.

(If you’ve seen similar intrusive permissions, we’d love to know. Comment below.)

Something to consider from Tools and Weapons by Brad Smith and Carol Ann Browne (#RecommendedRead):

but, as I learned from individuals ranging from senior generals to a West Point cadet, one can't graduate from an American military acad- emy without taking a course in ethics.29 The same is not yet true for computer science majors at many American universities.

Ethics should be taught in schools, and not just at the university level. Not everyone creating apps attends university and not all care about your privacy.

Another gem for keeping your information safe: Don’t make it so easy. If a website gives you the password reset question options for mother’s given name, pick your favorite cartoon character. They need to know that you know the answers to your security questions, but we fail to see why they need to know answers to questions that may be on credit card applications. Also from Tools and Weapons, hackers search emails for the word “password” which often contain your password.

And the next time you are prompted to change your password YET AGAIN and add special characters, respond with this link: Best practices for passwords updated after original author regrets his advice. 

Speaking of passwords, after all that doom and gloom, here’s something that might make you smile: