Chapell & Associates

Friday, September 01, 2006

The privacy investigation of eBay UK

eBay UK is being investigated for possible privacy violations by the UK Information Commissioner’s Office (ICO). eBay UK allegedly violated the UK Data Protection Act of 1998 by making it extremely difficult for users to delete their accounts. Although the other large website companies cited in the report by Privacy International, which spawned the complaint, don’t even offer users the ability to delete their accounts, Privacy International targeted only eBay in its complaint to the ICO.

Although Privacy International’s report focuses primarily on the issue of deleting users’ accounts, the reason that its “test complaint” was filed against eBay UK is probably due to eBay’s Verified Rights Owner (VeRO) Programme, which was also mentioned in the report.

eBay’s VeRO Programme is supposed to guard against copyright, trademark or patent infringement and help prevent the sale of counterfeit goods by sharing users’ personal information among the over 10,000 Programme participants. In an article that appeared in The Guardian, eBay stated that it shared user information only with law enforcement agencies. The same article reported that the ICO would be looking into what criteria are used to share the information among VeRO Programme participants.

I think it’s perfectly reasonable for the UK ICO to want to examine eBay’s VeRO Programme more closely – and for Privacy International to bring it to the ICO’s attention. However, it seems a bit disingenuous for Privacy International to prepare a report based upon the receipt of “a number of complaints from Internet users claiming that some large online organisations operating in the UK market have either disabled or obstructed the deletion of customer accounts,” and then to file a complaint against the only large company that permitted the deletion of users’ accounts, rather than against its other “case study,” Amazon.co.uk.

Privacy International notes that Amazon “provided the most blatant example of companies that refuse to provide account delete facilities.” Privacy International also acknowledges that eBay UK permits users to delete their accounts, albeit after some non-intuitive hoop-jumping. If this were really about denying users the ability to delete their accounts, why not go after Amazon UK, a well-known company that doesn’t permit account deletion at all? That would, after all, make a relatively easy and straightforward case for violating the UK Data Protection Act. Yeah, but then the Information Commissioner’s Office couldn’t also be looking into a law enforcement-type data-sharing program like VeRO as part of the complaint.

It would be nice – and consistent – if privacy advocates were as transparent in their motives as they expect other entities to be.

posted by Elise on Friday, September 01, 2006 | |

Protect Your Brand from Rogue Affiliates

iMedia Connection - September 01, 2006

A Chapell Article
About a year ago, I attended an online advertising event in New York, where several retailers complained about affiliates who were distributing their ads via adware. Some of the merchants had chosen to cut ties with a number of these affiliates once they made this discovery. Seems reasonable enough, right? So here we are a year later, and there are still many organizations that don't have enough reliable information to determine with whom they should partner.

Why don't advertisers know more about their affiliate partners? And given the relative risk of NOT knowing, what does this mean for those who are looking either to enter or to increase their web presence via affiliate channels? At the very least, it means Caveat Emptor (or perhaps more exactly: Caveat Mercator).(more).
posted by Isaac on Friday, September 01, 2006 | |

© 2005 by Alan Chapell & Associates LLC