E' stata avviata nei giorni scorsi una azione collettiva nei confronti del colosso internet AMAZON, accusato di aver illegittimamente raccolto dati personali dei vari utenti con il solo fine di rivenderli a società terze.
Secondo l'articolo Seattle PI che di seguito proponiamo, l'attività di raccolta illegittima dei dati, avvenuta tramite "flash cookies", si sarebbe sviluppata anche attraverso la richiesta ai propri clienti del rilascio di consenso per informazioni ulteriori a quelle strettamente necessarie.
di seguito l'articolo di Seattlepi che ringraziamo per l'autorizzazione alla pubblicazione.
"Suit: Amazon fraudulently collects, shares users' personal info"
By NICK EATON SEATTLEPI.COM STAFF
"A class-action lawsuit filed Wednesday alleges Amazon.com fraudulently circumvents users' Web-browser privacy settings to collect personal information without permission and share it with other companies.
The suit says Amazon tricks Microsoft's Internet Explorer into thinking the e-retail site is "more privacy-protective than it actually is," and uses a clever work-around to collect users' personal information even if they have set their browser to block it. The plaintiffs allege Amazon knowingly and fraudulently set up its website to spoof IE, and purposefully misleads customers in its privacy policy published online.
"For years, Amazon has been taking visitors' personal information that it was not entitled to take," the lawsuit states. "It does so by misusing privacy-protection software on users' own computers, bending the software to Amazon's purpose of collecting more personal information than it had a right to collect or that users have given it consent to collect."
Since the release of Internet Explorer 6 in 2001, most websites have been using machine-readable codes that tell a browser their privacy policies -- such as whether a website sends cookies and with whom the website shares personal information gained from those cookies. Most websites use several standard "compact policy" codes such as "NID" (no identified user information collected), but Amazon uses the code "AMZN" -- which the lawsuit says is "gibberish."
That code tricks IE into thinking Amazon's privacy policy falls in line with a user's settings, even if they are set to the strictest level, the lawsuit alleges. Even if IE blocks Amazon from sending and accessing cookies, as a work-around Amazon also uses what are informally known as "Flash cookies" -- files that transmit data via Adobe Flash Player, which is on most people's computers, instead of Internet Explorer.
Browser cookies are small files that are often left on a user's computer when they visit a website. Amazon.com, for example, accesses those cookies to look at the user's browsing history there, and can glean what types of products the users has browsed or purchased.
Most of the time, cookies must be enabled for someone to sign in to Amazon, add items to their shopping carts and check out. Many websites can't function fully if a user turns off cookies in their browser privacy settings.
But turning off cookies is more secure, keeping websites from accessing a user's personal information. The major Web browsers -- Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari -- all have features that allow the user to identify specific websites as "trusted," allowing only those approved sites to send and access cookies.
Most likely, people would consider Amazon a trustworthy website. But the plaintiffs in Wednesday's case, filed in U.S. District Court in Seattle, want to call that into question.
One of the plaintiffs, Ariana Del Vecchio, said that after she started using Amazon in 2008 to buy pet-care products, she began receiving snail-mail advertisements from companies with which she'd never done business. Amazon, the lawsuit suggests, only could have done that by sharing her personal information with other companies, even though her computer was set up to restrict Amazon's access to her data.
"Amazon claims in its privacy notice that it does not share users' information with third parties for advertising purposes and that, instead, it delivers third parties' advertisements on their behalf," the lawsuit alleges. "In fact, Amazon shares users' PII with third parties for those third parties' independent use and does not disclose this fact to consumers."
Amazon did not reply to multiple and repeated seattlepi.com requests for comment.
The other plaintiff, Nicole Del Vecchio, stated she found Flash cookies on her computer that Amazon had used in circumventing her strict IE privacy settings. IE was supposed to keep Amazon from sending cookies to her computer, and did, but Amazon got around it by using Flash cookies, the lawsuit says.
As a class-action lawsuit, the case represents anyone who has used Internet Explorer versions 6, 7 or 8 -- with high privacy settings -- to visit Amazon.com and purchase products there. The plaintiffs are asking for a jury trial, injunctive relief and monetary damages, which could be spread among millions of consumers.
The lawsuit also alleges Amazon deliberately misleads users in its online privacy statement by saying Flash cookies -- officially known as Flash Local Shared Objects (LSOs) -- are similar to browser cookies, when they are in fact much larger in filesize, can be accessed by other websites, and are difficult to manage or delete.
"Amazon, through its use of an invalid Compact Policy and Adobe Flash LSOs, causes IE users' browsers and computers to perform in ways the users do not want," the lawsuit states. "Amazon does so intentionally, diminishing the performance and value to users of their browsers and computers.
"The costs and harms described above are aggravated by Amazon's continued re-tention and commercial use of the improperly acquired user data."
fonte: http://www.seattlepi.com
Nessun commento:
Posta un commento