Privacy stink erupts over Borders bankruptcy deal

Barnes & Noble doesn’t want to adhere to Borders’ consumer privacy agreement

To perhaps to no one's surprise, Borders bookstore collected a ton of consumer information - such as personal data including records of particular book and video sales - during its normal course of business.  Such personal information Borders promised never to share without consumer consent. But now that the company is being sold off as part of its bankruptcy filing, all privacy promises are off.

Reuters wrote this week that Barnes & Noble, which paid almost $14 million for Borders intellectual assets including customer information at auction last week, said it should not have to comply with certain customer privacy standards recommended by a third-party ombudsman. In court papers, Barnes & Noble said that its own privacy standards are sufficient to protect the privacy of customers whose information it won during the auction. 

More interesting news: 20 of the weirdest, wackiest and stupidest sci/tech stories of 2011 (so far!)

At the heart of Barnes & Noble's disagreement is the court appointed Consumer Privacy Ombudsman Michael St. Patrick Baxter of the Washington, DC law firm Covington & Burling's requirement that any use of Borders consumer information would require consent.

From Reuters: "Barnes & Noble rejected the consent requirement as 'completely unrealistic.' The retailer proposed narrowing the recommendations to allow it to use its own privacy policy to govern the customers, which it said provides as much protection as Borders' policy, if not more."

The Federal Trade Commission has weighed in on the matter saying in a letter to St. Patrick Baxter's office that recommended that any transfer of personal information in connection with a bankruptcy sale take place only with consent of Border's customers or with significant restrictions on the transfer and use of the information.

The FTC wrote, in part: "The representations Borders made to its customers about the privacy of their information, including email addresses and purchase history, would likely be considered very important to many customers. In particular, information about the types of books and videos customers have purchased would be considered personal to many customers.  Consumers who bought such items would likely be very concerned if their information were to be transferred without restriction to an unknown purchaser for unknown uses. Potential Sale or Transfer of Personal Information We understand that Borders' customer information constitutes a potentially valuable estate asset. We are concerned, however, that any sale or transfer of the personal information of Borders' customers private information would contravene Borders' express promise not to disclose such information and could constitute a deceptive or unfair practice.

The Commission has brought many cases alleging that the failure to adhere to promises about information privacy constitute a deceptive practice under the FTC Act. These cases include FTC v. Toysmart, in which the Commission sued an online toy retailer which had filed for bankruptcy and sought to auction the personal information it collected from its customers. The Commission alleged that the sharing of private information in connection with an offer for sale constituted a deceptive practice because the company had represented in its privacy policy that such information would never be shared with third parties."

The FTC went on to say its privacy concerns in the Borders case would be reduced if:  

  • Borders agrees not to sell the customer information as a standalone asset;
  • The buyer is engaged in substantially the same lines of business as Borders;
  • The buyer expressly agrees to be bound by and adhere to the terms of Borders' privacy policy
  • The buyer agrees to obtain affirmative consent from consumers for any material changes to the policy that affect information collected under the Borders' policy.

The sale of Borders assets should be finalized this week before a judge in New York if the privacy argument doesn't torpedo the agreement.  

 Follow Michael Cooney on Twitter: nwwlayer8  

Layer 8 Extra

Check out these other hot stories:

Prototype system promises 54% smartphone battery life boost

HP CEO Apotheker on his way out?

NASA unbolts open source space applications challenge

US Energy Dept. finds myriad challenges to building culture of network security

Nigeria tries to quash rumor of "killer cell phone number"

NASA spots Star Wars-like "Tatooine" planet orbiting two stars

NASA's big space telescope avoids death-by-budget-cut

Cyber-attack: A big one is coming says US Cyber Command General

NASA picks five companies to study solar electric spacecraft propulsion

EPA offering $500k to rev-up nationwide auto diagnostic Web site

US plan fires up gigabit application development for ultrafast networks

US lacks serious cyber intelligence

Verizon fires workers who ran, participated in office football pool

Got acne? There's NOT an iPhone, Android app for that, FTC says

US blusters up $43M to grow off-shore wind energy

Carnegie Mellon opens competitions aimed at building slick robots

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies