Hacker News new | ask | show | jobs
by porpoisemonkey 3424 days ago
> Sure, they can destroy their data, but everything shared with those 3rd parties is still at those third parties.

Agreed.

I think it would be more effective deterrent if VIZIO had to work with those third parties to locate and delete the material that was transferred to them. This 1) would nullify the contract between VIZIO and those parties forcing VIZIO into back payment and 2) create an annoyance for the third-parties, hopefully making them think to ask how any data they're purchasing is being collected.

At a minimum I think that customers whose data was collected prior to March 2016 have a right to know which third-party companies purchased their information.
2 comments
PirateDave 3424 days ago
In California, there is the "Shine the Light" law [0] that requires a company to release third-party information to a consumer if there is identifiable information given to third-parties along with the data collected. So in this case, Vizio would be required (at least to California natives) to release those third-parties' names and associated data collected from you. [0] http://leginfo.legislature.ca.gov/faces/codes_displaySection....
link
porpoisemonkey 3424 days ago
Thanks for the additional information.

This is a step in the right direction but it's unfortunate that the obligation to disclose appears to be opt-in and not opt-out as detailed in paragraph (a).

> that business shall, after the receipt of a written or electronic mail request, or, if the business chooses to receive requests by toll-free telephone or facsimile numbers, a telephone or facsimile request from the customer, provide all of the following information to the customer free of charge

To compile a list of all companies that have their personal information an user would have to identify every business they have a business relationship with that could possibly be gathering this information and then send a written request to each on a regular basis as the request is only valid for information disclosed in the proceeding year. It seems then that this law only really covers consumers in the event that they find one specific and recent instance where they'd like this information disclosed.

link
porpoisemonkey 3423 days ago
Correction:

> To compile a list of all companies that have their personal information an user would have to identify every business they have a business relationship with that could possibly be gathering this information and then send a written request to each on a regular basis as the request is only valid for information disclosed in the preceding year.

link
ysavir 3424 days ago
As one of those customers, I definitely think so!
link