[newday]

It's funny, because on the one hand we have privacy advocates demanding simpler and plain language TOS's that aren't so draconian. On the other hand, if you don't have a draconian TOS's, you're going to get sued by a privacy advocate.

[lukeschlather]

According to the article, the law in question explicitly says a TOS is not sufficient to grant permission.

Which is really the whole point. There's no room to negotiate the language of TOS, so it naturally is written to only benefit Facebook or Shutterfly.

[username223]

Or better, how about simple and honest business models? "Shutterfly is a photo printer, so they make money by charging people to print photos." No biometric database is needed.

[withdavidli]

They already acquired a company that does that and makes them into photo albums: Groovebook http://www.forbes.com/sites/amitchowdhry/2014/11/18/shutterf...

Know that you're just giving an example. Points about simple and honest business model comment. Maybe this is considered simple now in terms of the Valley. The honest part, almost no one reads the TOS/EULA.

[kefka]

But that is a low-margin business.

So I have tons of images associated with accounts. So, why can't I do a 'google' and image mine too? Aaaand, I can sell the results to whatever data company?

Suddenly, higher margins and fulfills corporate charter.

[kuschku]

A business making high margins is always suspicious – because they need to get the money from /somewhere/, and if you’re a customer, then the company will only get those margins by charging you more than it is worth.

(By the way, too high margins are even illegal in some countries)

[kefka]

That's the special part of this: People who buy prints that they upload are a customer and a product.

Companies that buy the aggregate big data package of all individual customers are also customers.

A simple EULA boilerplate "we can do whatever we want with your images" is usually enough to disclaim liability or privacy... Because you chose to upload them out of your control.

I didn't say it was ethical.

[forgottenpass]

Your comment seems to be missing the forest for the trees.

Privacy advocates aren't looking to let companies invade everyone's privacy as long as they do it right, the advocates want to stop it in the first place.

Have you considered that a company could use unintrusive technology, operate on private data only to the extent fundamental to delivering the product the customer has purchased and removing the surveillance clauses from their contracts of adhesion? I suspect privacy advocates might possibly leave them alone if they did that.

[jacquesm]

Another option is to simply behave.