User permission opt in or out? Time for HDI!

3 mobiles optin privacy
Is grey opt in or opt out?

I’m one of those people who look at terms when using services or purchasing IOT devices. I also dont accept the cookie warnings unless I’m actually happy to use the service. This does make looking at any Oath/Yahoo site a pain for a while, as they use to have accept or nothing else (this changed).

Very sure a lot of the companies deliberately put up painful cookie notices to mislead their users. If this isn’t a dark pattern it should be?

Recently I noticed this cheeky one from the three mobile app. You can assume the sliders when grey are not active and the purple one on? But there’s no actual clear sign to say what is active/on and whats inactive/not. Its also interesting that the grey ones are the default, which you would assume are active/on in every other example you have experienced of this.

Another clear call for Human Data Interaction (HDI).

Better to know or to live in blissful ignorance?

23andme box

Following my brush with death I have taken a much deeper look at my family genes.

But one of the ultimate ways to know more is by signing up to 23 and me.

Although the idea freaks most people out, when you’ve been so close to death theres really little which can freak you out. So I have been considering the process quite a lot and looking through there material and some of the backstory of 23 and me.

Besides my thoughts of a world like Gattaca, I’m wondering if its better to know or live in a world of blissful ignorance? Although I do have to say blissful ignorance is part of the reason why I ended up in hospital. I do however wonder about 23 and me’s terms of conditions. There privacy statement is interesting too…

You may learn information about yourself that you do not anticipate. This information may evoke strong emotions and has the potential to alter your life and worldview. You may discover things about yourself that trouble you and that you may not have the ability to control or change (e.g., your father is not genetically your father, surprising facts related to your ancestry, or that someone with your genotype may have a higher than average chance of developing a specific condition or disease). These outcomes could have social, legal, or economic implications.

Genetic Information that you choose to share with your physician or other health care provider may become part of your medical record and through that route be accessible to other health care providers and/or insurance companies in the future. Genetic Information that you share with family, friends or employers may be used against your interests. Even if you share Genetic Information that has no or limited meaning today, that information could have greater meaning in the future as new discoveries are made. If you are asked by an insurance company whether you have learned Genetic Information about health conditions and you do not disclose this to them, this may be considered to be fraud.

We do not sell, lease, or rent your individual-level Personal Information without your explicit consent. As a general rule, 23andMe will not disclose your individual-level Personal Information to any third party, except under the following circumstances:

  • Partners or service providers (e.g. credit card processors or our contracted genotyping laboratory) process and/or store the information in order to help us provide, understand or improve 23andMe’s Services.
  • If you have consented for research, research contractors may access your individual-level Genetic and Self-Reported Information onsite at 23andMe’s offices for the purpose of scientific research, provided that all such research contractors will be supervised by 23andMe and subject to 23andMe’s access rules and guidelines.
  • If you have consented to use of your individual-level data in the Research Portal feature, qualified researchers (who must comply with certain requirements) may access your individual-level Genetic and/or Self-Reported Information for the purpose of scientific research, which could lead to commercial use.
  • We are required to do so by law or we do so in coordination with regulatory authorities (see the section below titled “Information Disclosure Required By Law”).
  • You have provided explicit consent for us to do so.

On a whole I don’t quite feel at ease with there terms of conditions or privacy statements. 23andme is a company and that worries me. If they were a charity or something like that, I would feel a slight bit better. How long will it be till they sell out on there users? You only have to look at what’s happened with Flickr to see the bizarre things that can happen.

So its not the information I’m worried about, its the way its stored and disclosed, now and into the future…

 

 

Terms and Cons

 

Not written about TOS DR or Terms of Service Didn’t read.

I have read and agree to the Terms” is the biggest lie on the web.  We aim to fix that.

ToS;DR aims at creating a transparent and peer-reviewed process to rate and analyse Terms of Service and Privacy Policies in order to create a rating from Class A to Class E.

A long time ago while the Data Portability group was in full swing, we talked about doing something very much like TOS DR but the issues of trying to get a unified system across all End User Licence Agreements (EULA’s) seemed like a total nightmare. The suggestion was to use a traffic light system to alert people of the bogus stuff ahead of time. This also meant it wouldn’t replace the EULA, it would just highlight some of the questionable stuff.

In the end it was far enough off the main focus of the group to make it a that would be nice rather than essential. Its a shame but it was the right decision for the time.

Hope the TOSDR guys get as popular as Creative Commons and team up with the likes of the plain english campaign.

To be honest if I had more time and wasn’t already doing lots of other stuff, I might be tempted to join in and help where I can.