Categories

BitTorrent
Conferences
Direct Revenue
Julie Amero
Myspace
Podcasts
Postbag
The Big Ones
The Fourth Wall
Yapbrowser
Zango

Creative Commons License
All articles licensed
under a Creative
Commons License.  








Home | About me | Press | The Fourth Wall | Links

Friday, January 21, 2005

Even Mario can't squash Nintendo's web-bugs

Ever checked out Nintendo's privacy policy? 3162 (of spywarewarrior fame) did and the results are surprisingly dubious. Apart from the amazingly dodgy "privacy policy" for children wanting to sign up to Ninento's online services:

"Nintendo will collect and store the following types of personal information about a child under 13: child's name, child's e-mail address, child's mailing address, child's cell phone number (to receive text messaging), child's Nintendo Power member number (if one exists), parent's name, parent's mailing address, parent's phone number, and parent's e-mail address. Nintendo will also collect the child's date of birth and link it to the child's personal information after obtaining consent."

"We do not collect personal information about a child through the use of passive collection mechanisms such as cookies; however, information contained in a cookie may be linked to a child's personal information."

"Once a child's registration is collected with parental permission, the child's information will be used to provide the child the benefits that come with registration. These benefits may include participation in surveys, community features (such as chat rooms and message boards), and other site activities and features (e.g., submitting game reviews and uploading graphics). With a parent's permission, we may also use a child's information to send the child messages (via e-mail, regular mail, or text messaging) from Nintendo or on behalf of our partners."

...they also appear to have a nice line in trying to make web-bugs appear to be user friendly:

"Nintendo uses a common Internet technology called "Web beacons" (a.k.a. "Web bugs," "action tags," "pixel trackers," or "clear GIFs") on some of our sites. Web beacons are small graphic images placed on a Web page, Web-based document, or in an e-mail message that is designed to allow us or our vendors to collect certain information and monitor user activity on our sites. Web beacons are invisible to the user because they are typically very small (only 1-by-1 pixel) and the same color as the background of the Web page, document or e-mail message. We do not use Web beacons to collect personal information about you.

Sorry, web-beacons! Have to remember to make them sound more cuddly than they actually are. And here was me thinking:

"non-personal information such as the IP address of the computer that the Web beacon is sent to, the URL of the page the Web user comes from, and the time the Web beacon is activated (such as when you view the Web page, advertisement, or e-mail that contains the Web beacon)."

...actually was personal (and personally identifiable) information. Oh well.

Reading on, the next line is a killer:

"In general, we do not link such non-personal information to personal information already collected about you; however..."

...if they want to, they will.

They also mention that any web-bugs their "vendors" employ will also be along the same lines. Oh, well that's okay then. I have no problem with such a vague and spurious privacy policy that outlines the bare minimum needed to get away with whatever merry hell they feel like. Who are these vendors? What do they do? When are they employing their web-bugs? For what purposes besides what Nintendo already outlined (if you could call it outlining?)

Allowing these vendors to occasionally "include" a web-bug in emails that they send out also smacks of web-bug spam, and before they send these mails out, are they first of all sending another mail out to warn users of the bugged mail - just in case, you know, you didn't actually want it?

I think not.

Anyone signing up to this policy is asking for very vague terms and conditions being applied to them without actually getting into the nitty gritty specifics of the issue at hand.

Added to this is the creepy way the guardian permission PDF is spelt out (you might as well brand your child on the head and include their trouser size, considering the wealth of information they want about little Jimmy - and notice the BIG RED WARNING NOTE regarding charges incurred on the child's mobile for Nintendo texts, without mentioning the exact policy for how these texts arrive on the phone). Does the child enter a code to be sent them? Or do Nintendo just fire out a stream of cash sucking messages? Who knows, but you have a rather alarming situation which has apparently been rumbling along for some time.

Is this a big "NO" to the Big-N?

posted by paperghost at 10:37 AM | Digg it!

All Content © Vitalsecurity.org 2006. The content of this site is entirely the opinion of Paperghost, and is in no way endorsed by FaceTime Communications. In other words - have a problem, come see me.