Exactly. If a company wants to sell my data, they should have to make an explicit agreement with me to do that. If law enforcement wants data from my phone company, they should either produce a warrant or get my permission to release it. And so on.
If a company holds my data, they should be legally accountable for safeguarding it, and liable if it gets in the hands of someone I don’t have an agreement with. Banks do that with my money, I don’t see why social media companies should have any less expectation here.
And no, burying some form of consent in a TOS isn’t sufficient, it needs to be explicit and there needs to be a reasonable expectation that the customer understands the terms.
I’d say it also needs to be entirely optional and be opt-in only. Any service, program, whatever needs to work fully for anyone who doesn’t allow their data to be sold or released with extremely few exceptions.
Exactly. If a company wants to sell my data, they should have to make an explicit agreement with me to do that. If law enforcement wants data from my phone company, they should either produce a warrant or get my permission to release it. And so on.
If a company holds my data, they should be legally accountable for safeguarding it, and liable if it gets in the hands of someone I don’t have an agreement with. Banks do that with my money, I don’t see why social media companies should have any less expectation here.
And no, burying some form of consent in a TOS isn’t sufficient, it needs to be explicit and there needs to be a reasonable expectation that the customer understands the terms.
I’d say it also needs to be entirely optional and be opt-in only. Any service, program, whatever needs to work fully for anyone who doesn’t allow their data to be sold or released with extremely few exceptions.