Blog Post

WSJ rolls back privacy and nobody cares. They should.

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

On Sept. 27, the Wall Street Journal (s nws) updated its online privacy policy to both read more clearly and to lay out some new, more invasive, practices. The resulting lack of outrage — or even discussion, really — highlights that we have a long way to go to get online privacy where it needs to be.

Somewhat amazing is that the new policy actually grants the WSJ more rights to user data across all its web properties, and yet nobody seems to care. Here’s how the WSJ‘s own Digits blog reported on the change: “The Wall Street Journal revised its website privacy policy … to allow the site to connect personally identifiable information with Web browsing data without user consent.” But other than a handful of articles and blog posts, the story has gone relatively underreported.

I don’t particularly care that the WSJ expanded its data mining reach — it’s the company’s right as long as we treat personal data as property that can be contracted away — but I do care what the lack of discussion says about how we think about online data privacy. If this had been Facebook making a similar move — or, actually, making a much less aggressive move — you couldn’t escape the outcry.

This suggests a narrow and perhaps wrongheaded view about the scope of the issue, about who, what and where are the real privacy threats. Yes, social media usage brings about all sorts of new privacy issues, but sharing information is, to some degree, the purpose of social media. Given that, Facebook is somewhat of an ironic privacy scapegoat while one of the nation’s largest news publishers makes linking personally identifiable information and on-site activity the status quo and there’s seemingly little concern.

Facebook — a young company dedicated to facilitating information-sharing on its relatively new and wholly unnecessary platform — turns up the sharing quotient a bit, and there’s outrage. Fair enough. But I’d argue it pales in comparison to a 137-year-old newspaper essentially saying that when you exercise a fundamental component of democracy on its web site by trying to keep informed, it knows who you are, what you’re reading and will use that information to make money unless you explicitly tell it not to.

A lack of meaningful consumer choice exacerbates the Journal‘s new policy. Despite its new, impressively frank description of what’s being used and how, the WSJ’s new privacy policy still makes opting out the norm, a procedure that many consumers likely would find too laborious. I don’t want to have to read a site’s privacy policy, bring up a couple of third-party sites and then adjust my browser settings just to read the news in relatively private manner. Sure, I could just read the news elsewhere, but that freedom will be of little value if every other reputable news site follow’s the WSJ‘s lead.

It would be great if a “Do-Not-Track” button accompanied a clearly worded privacy policy. But as I’ve argued before, we need a thorough public discussion of the pros and cons of data-tracking and analysis before we implement anything that gives consumers so much control over how the web does business. Plus, if all we care about is what Facebook and Google (s goog) are doing with our data, while giving other major sites a free pass, I don’t think we’re there yet.

Image courtesy of Flickr user Robert.Montalvo.

12 Responses to “WSJ rolls back privacy and nobody cares. They should.”

  1. Hmm, maybe nobody seems to care because nobody actually cares. Other than the author’s outrage and poor grammar, the story gives no reason why this is so “amazing”, “seemingly” or otherwise.

  2. Abine, Inc.

    People aren’t sufficiently worried about these things because they think, “I have nothing to hide; I don’t care about privacy.” This mindset is based on the faulty assumption that privacy is all about hiding negative things. It’s about positive rights, too: the right to live and speak freely without outside scrutiny. When we feel we’re being watched, we censor ourselves. Thus, tracking and surveillance have chilling effects on freedom of speech, freedom of association, self-expression, and other celebrated, protected activities. Simply put, we aren’t ourselves when we think others are watching. This is the privacy violation with which we should concern ourselves. This is the risk.

  3. Mary Ludloff

    I agree–privacy policies are so bloated that if I remember correctly, it would take most people 200 hours per year to read (and understand) what information is being collected about them and what it will be used for. While “privacy” in terms of personal information may be difficult to legislate and enforce, the use of opt-in for any kind of data collection and usage is not. But that, of course, would limit the amount of data collected. More damning (at least in my mind) is that the WSJ is known in privacy circles for its continuing series on “What They Know” which covers privacy issues centered around most of the big data collectors and government. I took a cursory look this morning–no mention of WSJ’s policy change which certainly has an impact on all its subcribers (paid or not). I consider myself to be pretty dialed-in with regards to privacy but still have a problem keeping track of all the policy changes. How about a boilerplate privacy policy where companies must explain where they deviate from it (in non-legal jargon) and always present any data collection “change” or “usage” as an opt-in?

  4. I care…I had already un-bookmarked! :) Course I’m one of those freaks who never understood why people would make a Facebook account…

  5. Ordinary people cannot keep up with every single privacy threat. There needs to be a privacy consortium, like W3c that is the central repository of all alerts, information and watchdog.
    Such a service could even warn you when you reach a website that rates high on their watchlist so people are informed at the moment it happens. People cant keep up with all this information, we need a service to do this automatically for us. Isint there an app for that? There are fart apps, beer apps….

    • Sophy Bot

      This is a great point. Companies are constantly challenging the privacy of individuals, and the burden of tracking those changes is on the latter. And you’re right, why are there more fart apps than privacy-tracking apps?

  6. Greg Knieriemen


    There’s a world of difference between a social network site tracking your all of your activity (including pictures and status updates) inside AND outside it’s own web property (like Facebook does) and a media company matching your personal information with the content you read within their properties.

    • Derrick Harris

      The data is different, but that’s in part because FB is designed as a platform to share information. One could argue that tying PII to what you read is equally invasive, especially if the authorities start asking around. But my main concern is that we rarely have these discussions outside of FB or Google even though there’s a whole world of potential privacy issues that exist outside those two companies. If we view privacy through FB-colored glasses, we miss a lot of the issue.

      • Greg Knieriemen

        I agree with you – it’s a fair point for discussion and reasonable people will disagree on it.

        I’m looking at it through a different lens – is what the WSJ doing any less intrusive than Gmail? There are occasional grumblings around gmail, but generally people understand and accept that the content of their personal communication on gmail will be used to generate relevant ads.

        Based on your description, the WSJ looks less intrusive than gmail.