Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Spam

What to Do When Company Breaks Privacy Agreement? 43

Posted by Cliff from the as-the-consumer-suffers dept.
Mustang Matt asks: "Earlier this month, I caught ALXNet redhanded in breaking their own agreement in their privacy disclaimer. I've started generating unique email addresses for use in signups that are formed like [domain]@mydomain.com. [ C :"mydomain.com" is just used as an example, here] I just received spam to alxnet@mydomain.com, and here's the kicker: what I received was not even from ALXNet! It was filled with forged headers regarding an online trading newsletter, and this address has never been used anywhere else other than their signup. How can I hold them accountable? All I've done so far is asked Yahoo to close the account they are using." What, if anything, can be done about companies that pay lip service to their privacy agreements? For those SPAM busters out there, an example of the SPAM's headers is included, below.
SPAM with full headers: 
Return-Path: directaccessus@yahoo.com

Received: from yourwebsite.com (66-108-136-65.nyc.rr.com [66.108.136.65])
by linux.thoughtprocess.net (8.11.0/8.11.2/SuSE Linux 8.11.1-0.5) with SMTP id fB7M8Dv07978
for alxnet@mydomain.com; Fri, 7 Dec 2001 16:08:13 -0600
Message-Id: 200112072208.fB7M8Dv07978@linux.thoughtprocess.net
X-Authentication-Warning: linux.thoughtprocess.net: Host 66-108-136-65.nyc.rr.com [66.108.136.65] claimed to be yourwebsite.com
Reply-To: directaccessus@yahoo.com
From: directaccessus@yahoo.com
To: alxnet@mydomain.com
Subject: Trading Newsletter
Sender: directaccessus@yahoo.com
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Fri, 7 Dec 2001 17:12:38 -0500
X-UIDL: 6cadc61cbcf01cac2a66f167c5416863
This discussion has been archived. No new comments can be posted.

What to Do When Company Breaks Privacy Agreement? More

What to Do When Company Breaks Privacy Agreement?

Comments Filter:

  • Use the power of the free market (Score:5, Interesting)

    by an_mo ( 175299 ) on Saturday December 22, 2001 @09:02PM (#2742630) Journal
    I am afraid most of those privacy statement in the U.S. are unilateral, and can be revoked by anytime by the company that offers them to the customers. Read the fine print: I bet you'll find they stated that they could change their privacy policy anytime; you can argue they did it without notice but if they posted it on some page on their web site they can argue they gave it enough publicity (sure you don't want an email from them anytime they change two words of legalese contracts :-) )

    Then your only weapon is to let them know you're pissed and to change company. A little sad, but hopefully if enough people care about this then you'll find a company willing to maintain its reputation.

    The situation in some other countries is a little different; in some european countries you have to sign in advance a statement that says you are aware of the privacy policies. Most of the times you have to sign a statement saying you are aware you have no privacy. In the end the outcome is no better and sometimes worse than the american market solution to privacy.
    • I'm afraid that the above poster may be right, but here is one possibility: You *generated* that id, right? So maybe that means you hold the copyright on that... So they may have violated copyright laws. It may not hold up in court, but who knows, a sympathetic judge may decide that slapping down the spammers who write fake privacy contracts is just the right thing to do.

  • Alxnet's employees (Score:2, Informative)

    by p0ppe ( 246551 )
    A picure of Alxnet's employees can be found at http://www2.alxnet.se/img/misc/press/alxnet_employ ees.jpg [alxnet.se]. It's always nice to *see* who you're dealing with.

  • post about it on slashdot (Score:5, Funny)

    by Phork ( 74706 ) on Saturday December 22, 2001 @10:01PM (#2742811) Homepage
    i suggest you make a post to slashdot about how the violated there privacy statement, it should generate lots of negative PR for them, and cost them some cash for the extra bandwidth for their server from the slashdotting. If you cant get the story on the main page, try submitting something about it to askSlashdot, it wont be seen by as many people, but will still be seen by a large amount.

  • what no lameness filter on the story!! (Score:5, Interesting)

    by DrSkwid ( 118965 ) on Saturday December 22, 2001 @10:03PM (#2742823) Journal
    i'm having to scroll left and right to read the comments, sheesh, don't the editors have a preview (not that it helps me !)
  • ...because Yahoo won't cut anybody off for spamming. They're as black-hat as it gets with their own spammers.
  • Next time, sign up with mydomain@alxnet.com. That should sort them out.

  • I always sign up as (Score:4, Funny)

    by Beowulf_Boy ( 239340 ) on Saturday December 22, 2001 @11:54PM (#2743120)
    Root@wherever_im_signing_up_at.com and hope that they run a unix.

  • Upstream ISP (Score:2, Interesting)

    by leastsquares ( 39359 )
    I also use unique email addresses for web sign-ups. And, occasionally get spam sent to those addresses.

    I forward the spam to all of the upstream servers in the form abuse@upstream.com, root@upstream.com, postmaster@upstream.com.

    Nearly always, I get no response, except in one case I received an email stating that the company had been warned that if this happens ever again, their hosting contract will be cancelled. I thing this is enough justification to continue this procedure.
  • My attitude is this ... since most of the spam I get comes from either yahoo or hotmail. I opened an account on both of them. I alternate between them on the net. When they fill up. I open more accounts. Fake name and e-mail and I'm off and using their bandwidth for the spam they create instead of mine. Doesn't do much good. But I feel better.
    • Choose your fake e-mail id wisely. When one of those places opened up with free emails I got the account "fakeemail@yahoohotmailetc.com" and interestingly enough some decent perl coders out there have started to filter out people who use words like fake and email and I've also noticed some that prevent you from using their own domain name (as suggested in an above post).

      So now I can't use that account even for legit email that maybe I wanted to get...
  • Hi!

    My name is Alx Grepe and I am the founder and owner of <B>Alxnet AB</B>,
    owners of alxnet.com / alxbook.com.

    I have come to know of this message thread thru a reader who e-mailed me for
    an advice on this matter.

    <B>To start off:</B> Alxnet.com does NOT promote spam. We did NOT send the
    message out. We collect e-mails to use for login purposes at our services as
    well as populating our news letters.

    We also offer advertisers to send e-mail advertising to our users on a
    <B>100% double opt-in</B> basis where the advertiser does not actually get
    the e-mail but rather send it out thru our list broker, PostmasterDirect.com

    We do NOT send out mailings to our users on our news letters without their
    possibility to remove themselves at any time.

    <B>Second:</B> We will investigate how this message was sent out to him, and
    as the sender seems to be using RoadRunner services in NYC, I bet it's not
    too hard to track him/them down. I've had problems with spammers using
    RR.com myself before. Whoever did this has hurt our business name and will
    not get a happy new year...

    We do not yet know how he managed to harvest this e-mail address, but we'll continue looking at it. All we know is that it did not originate from us.

    <B>Third, is Matt attempting FRAUD?</B>:
    As I wrote a response to Matt I noticed something about his e-mail address
    that made me recall that I did in fact remember the domain it was sent from,
    mail.win.org).

    I looked up my e-mail box, as I save all outgoing e-mail, I found a letter
    sent from him to me that I had sent to Paypal.com:s abuse department.

    The mail was sent to me from Matt thru Paypal to the address at which I
    signed up for the alxbook.com domain in the whois registry:

    alexander.grepe@ABC.SE

    I never see mail go to that address with the abc.se in capital except when I
    recieve spam harvested from Network Solution. (they seemed to upper-case
    domain names in e-mails for some reason)

    What's worse, the letter Suject read:

    "Bill for Email Processing"

    the body read, in short:

    Money Request details

    Ammount: $50
    Event: Bill for e-mail processing
    Event Date: December 13, 2001
    Note:

    Your company has been found in violation of your privacy agreement [...] and in
    violation of Missouri Senate Bill 763.

    [...]

    Thank you for doing business with us, Unpaid accounts will be turned over
    to the legal department.

    Alx: how rude is that?

    <A HREF="http://www.alxnet.com/mkaatman.txt">http: //www.alxnet.com/mkaatman.txt</A>

    Is Matt trying to rip us off? This sounds like a kind of invoice scam which is a classic trick. During many years faked
    invoices have sent out to companies, who afraid to get listed at authrities as non-payers or ending up with a legal situation
    accepts and pays bills to FRAUDsters.

    You judge if he did right or wrong, my opinion is clear.

    Matt has not contacted me in any way except this, thru PayPal. I have discarded his e-mails as just another clever way to scam people off.

    PayPal has been informed of this act as I hope it'll come to his attention how wrong this is.

    For any further information on this event, feel free to contact me, Alx Grepe,

    by e-mail: alexander.grepe@abc.se
    or phone: +46-708627783 ...

    I'm playing with open cards on this to let you know we are not violating privacy rules, nor do we tolerate attempts of fraud thru e-mail...
    • If in fact you did sell his email address to a spammer in conflict with your own privacy policy then I think he is justified in sending you a bill to cover his time, energy, and resources at a rate he considers reasonable.

  • Alxnet answers - we know where he got the spam (Score:5, Informative)

    by Alxnet ( 545824 ) on Sunday December 23, 2001 @08:21PM (#2745705)
    Hi again readers! It's now been confirmed - We have now found that Matt, depsite what he told the readers, did not only use that e-mail address to sign up to the services. Our services provided are guestbooks for homepages, Matt put on on his. In a message on that guestbook: http://pub.alxnet.com/guestbook?id=2249224 He has posted a message with this address in, and that's where a spam harvest bot found it. So, Alxnet has not given out the address, he did himself. Matt's false allegations has as well put us in a bad spot. Some kind of one-man warrior who in thinking he would do justice has after reading this compromised one of our testings server (let's face it, the machine has been running since '98 w/o harm and it was hacked today, we draw our conclusions).. Fortunatly, this is not a mission critical machine, but on the other hand - it's made things hard for thousands of people to send Christmas Wishes. If you who read this feel hit by this as being the one who did this, call us or e-mail us telling us you're sorry we will accept this in the spirit of christmas. LESSON LEARNT: Do not judge people without learning the whole truth. Ask both sides for their view on the story or it will make you blind... With best regards and Merry Christmas! Alx Grepe CEO & Founder Alxnet.com E-mail: alexander.grepe@abc.se Phone: +46-708627783

  • My apologies to ALXNET (Score:5, Informative)

    by Mustang Matt ( 133426 ) on Sunday December 23, 2001 @10:30PM (#2745986)
    I've been conversing back and forth through email with Alx and his team discovered the root of the problem. The address was indeed posted into a guestbook. Not by myself, but that doesn't matter, I know how it got there.

    All I can say is that I gave them two weeks to respond, sent them paypal bills per articles discussed here on slashdot, but in the end, this is my fault and I apologize for that.

    Now they've contacted paypal, so I imagine my account will get frozen which is unfortunate due to the amount of money I have sitting there.

    If they had only responded to any of my emails earlier this all could have been prevented.
    It's unfortunate that only after getting publicity for what appeared to be a major flaw on their end were they willing to respond.

    Again my apologies. Have a Merry Christmas.
    Matt
    • You are a real loser.

      Reading of troll stories on Slashdot is a violation of my principles.

      Please send me your email address so that I can bill you $15,000 under the New York Unsolicited Email and Self-Important Fucktard Enforcement act.

Slashdot Top Deals

One man's constant is another man's variable. -- A.J. Perlis

Close