Voter.com to sell membership list

The recently failed political portal Voter.com plans to sell a list of 170,000 e-mail addresses, complete with the party affiliations and issues of interest to people on the list, raising new concerns about the strength of voluntary privacy protections when companies go belly-up.

In an attempt to head off privacy concerns, Voter.com is requiring bidders to agree that they will use the list only to "provide personalized political news and information to the subscribers." That would be consistent with the former Web site operator's privacy policy, which said that if the company was sold, data about subscribers could be transferred only if it was to be used for that purpose.

A call to Voter.com's office in Washington wasn't returned.

Privacy advocates, however, complain that the sale of such sensitive information could easily result in misuse of the list. The loophole in the original privacy policy may keep Voter.com out of legal trouble, but subscribers could be in shock if the list is purchased by partisan political groups, they say.

"This takes many of the other sale-of-information issues to the next level," says Deirdre Mulligan, director of the University of California at Berkeley's Samuelson Law, Technology and Public Policy Clinic. Political preferences are "highly sensitive," and a sale could easily allow the information "to go to people that subscribers would never have chosen to share it with, like people on the other side of an issue," she adds.

Jason Catlett, president of Junkbusters, notes that Voter.com is trying to sell the list to multiple buyers, which probably isn't what consumers expected if they had read the provision of the privacy policy covering a sale of the company.

"It's not what the average person would expect to happen," Catlett says. "It's another example of how privacy policies are usually a hopeless way to protect privacy because the consumer doesn't have predictable rights."

The e-mail address list doesn't include people's names and home addresses, though it does include other demographic data such as gender and home zip code.

In a description of the data offered for sale, Voter.com says the e-mail addresses were from people who subscribed to one or more of the site's newsletters. "The subscribers are identified by e-mail address and issue interest(s) and, in many cases, have additional demographic information associated with them that could include zip code (which allows segmenting by geography), sex and political party," the site says.

Political consultant Jonah Seiger, co-founder of Mindshare Internet Campaigns, says the sale of the list renews questions that many had when Voter.com hatched its business plan of seeking profit by gathering personal political data about individuals.

"It confirms many of the worst fears of what they were up to," Seiger says. "I would hope that any reputable entity would think long and hard about the value of this list before buying it."

Voter.com announced Feb. 5 that it was closing, another victim of the failed political portal business model. The site had hoped to profit by attracting a large audience of voters with original content penned by the likes of Watergate sleuth Carl Bernstein. But like others in the niche, Voter.com found that it couldn't attract enough advertisers or viewers.

The controversy over sales of personal data collected by bankrupt Web sites first arose in July when the Federal Trade Commission moved to block defunct Toysmart from selling its customer list. While in business, the former toy retailer adhered to a posted privacy policy that forbade the company from sharing personal customer information with outside parties (see story).

The issue could become moot if a version of the bankruptcy reform bill being considered by the Senate becomes law. Sen. Patrick Leahy (D-Vt.) added a provision to the bill forbidding bankrupt companies from selling personal data collected under privacy policies that restrict such transfers.

The version of the bill already approved by the House lacked the privacy protection provision, so a conference committee would have to agree to add it for the measure to become law.

Related stories:

For more coverage of this issue, visit Computerworld's Privacy Issues page.

Related:

Copyright © 2001 IDG Communications, Inc.

9 steps to lock down corporate browsers
  
Shop Tech Products at Amazon