Sears/Kmart spyware scandal (and Falkirk Wheel)

Sockpuppets! It's IT Blogwatch: in which Sears and Kmart are accused of pushing spyware and then pretending they didn't. Not to mention an amazing Scottish wheel-lock joining two canals almost 80ft apart...

Robert McMillan reports:

Sears and Kmart customers who sign up for a new marketing program may be giving up more private information than they'd bargained for ... According to Harvard Business School Assistant Professor Ben Edelman, Sears Holdings' My SHC Community program falls short of Federal Trade Commission (FTC) standards by failing to notify users exactly what happens when they download the company's marketing software. And given the invasive nature of the product, Sears has an obligation to make its behavior clearer to users. [more]

Dan Goodin adds:

It's not that Sears fails to notify users it intends to spy on them. Indeed, the email sent to users states that the application "monitors all of the internet behavior that occurs on the computer on which you install the application ..." The rub is that this unusually frank warning comes on page 10 of a 54-page privacy statement that is 2,971 words long. [more]

Why the long face, Ben Edelman?

The SHC/ComScore violation could hardly be simpler. The FTC requires that software makers and distributors provide clear, prominent, unavoidable notice of the key terms. SHC's installation of ComScore did nothing of the kind ... [it] also falls short in other important respects ... To my surprise, Sears defends the practices described above ... There's no good reason why users should share information about their browsing, purchasing, and other online activities. So time and time again, ComScore and its partners resort to trickery (or worse) to get their software onto users' PCs. [more]

CA's Benjamin Googins discovered the issue earlier:

In previous posts, I have given detailed information why the Sears software falls far short of CA and industry standards for proper handling tracking software ... I would expect a different response from [Sears] - namely one of engagement and seeking better understanding of my concerns ... The Sears software tracks a considerable level of user data (at a much greater level than most spyware I analyze) and therefore, the implementation of the Sears tracking software should be done with great care and consideration for user privacy. [more]

Jeff Ventura calls it, "Monumental stupidity":

Not even the old cliche “bad press is better than no press” can save [Sears]. Theres no honesty or authenticity here whatsoever. Why do this? What’s the sales pitch that convinces Sears and Kmart brass that this is a good idea? Are the execs really that clueless when it comes to web culture? ... It’s telling that Sears and Kmart think they can fool the community by hiding behind jargon-filled EULAs. [more]

Marshall Kirkpatrick draws his conclusions:

It seems obvious that privacy is going to be a major point of contention in the near-term future. It's only going to get hotter ... The story in the news this week is about Sears getting caught installing ComScore tracking spyware surreptitiously ... Who knows what it will be next week? ... The coming privacy wars are going to be high stakes and heated. [more]

Nathan K. Lovejoy makes an interesting comparison:

It demonstrates the boundaries of our exhibitionism. Many people will gladly install things like the Yahoo toolbar or RescueTime ... and allow their attention data to be tracked - but when it comes to Sears? No way. I don't mean to belittle the threat of spyware, it's a serious issue and shouldn't be tolerated, but much of this criticism seems to stem from the fact that this is a major corporation doing the surveillance rather than a cute little Web 2.0 start up. Really, both can do serious damage with that information. [more]

Marshall Sponder is blunt and to-the-point, sans obfuscation:

I would not call comScore software "SpyWare", exactly ... all of this would have OK if people opted in - if that, indeed, was what they chose to do (be tracked) - but that's not what they thought they were doing ... Someone at Sears / K-Mart ought to go to jail for this. [more]

And finally...

• The World's First and Only Rotating Boat Wheel [hat tip: boing boing]

Buffer overflow:

• Alpha Doggs: Now you can blame cell phone wielding drivers for causing traffic jams, not just accidents
• Groklaw: News about LANCOR v. OLPC
• Rands In Repose: Year in Twitter
• Rough Type: Will work for virtual gold
• Dejan Bosanac: Dealing with large code bases
• Paul McNamara: 8 can't-miss tech predictions for 1998
• Tony Pearson: IBM Acquires XIV
• Locutus: CMMI is not a secret code
• Tom Olzak: Microsoft puts the smackdown on older Word docs
• Ben Kuchera: Kiss Me, Kill Me, Thrill Me: ups and downs in gaming 2007
• Mike Masnick: Techdirt: Washington Post Flubs Story On RIAA -- RIAA Still Not Going After Personal Copies (Yet)

Other Computerworld bloggers:

• Michael R. Farnum: Laptops plus holidays equals malware city
• Robert L. Mitchell: Green Computing? Not my problem!
• Sharon Machlis: iPhone vs Centro: Pretty & Pricey vs. Fast
• Martin MC Brown: The missing link in the Apple home video solution
• Mike Elgan: Pocket projector to hit CES
• Ken Mingis: The big story of '07? The iPhone, according to readers
• Shark Tank: Details, details
• SaaS Revolution: SaaS in 2008
• Angela Gunn: Not dark yet... wait, yes it is
• Douglas Schweitzer: Apple is ripe for the picking!
• Shark Bait: Oh, that part?

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 20 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You too can pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.

Previously in IT Blogwatch:

• So farewell then, OLPC CTO (and dm.ca)
• The RIAA hates us all (and bigtit.hu)
• "SCOX: R.I.P.," says NASDAQ (and Belgian trash)