Welcome to the SecAware blog

I spy with my beady eye ...

5 Jun 2007

An everyday privacy incident (averted)

Today I was fortunate enough (lucky me! How exciting!) to be invited to participate in an online Technology Management survey, "an opportunity for IT Executives to share their opinions on the evolving role and influence of the CIO in today's corporate enterprise" being conducted by CIO Magazine, apparently. I say apparently because the survey URL in the email took me first to a page on the CXOmedia.com website (which is presumably CIO Mag's publisher) and then auto-redirected me here. That final destination is a third party, and looks like a typical market survey site. Unfortunately, that page also looks a lot like a typical phisher site, complete with CIO logo (but not other elements of the CIO mag website's standard design) and typo i.e. "The drawing is open to legal U.S. and Canadian (expect Puerto Rico and Quebec) residents".

But it's OK because, according to the email, "Your responses are completely confidential and will be used only in combination with other survey responses." So, let's find out what CIO Mag means by 'competely confidential'. One of the links on the survey page points me at CIO's privacy policy which makes fascinating reading for those who take the trouble, like for starters the unfinished sentence at the end of section 1 part 4:
"For more information about our ad-serving company or for your choices about not having this anonymous information used, please visit" [sic]

And wait, it gets worse. I quote for a bit further down section 1:
"Postal addresses, and other personally identifying information and data will be used to promote CIO and other IDG companies ‘ products and services, and may be rented and/or licensed to selected outside firms for promotional purposes. Offers for which the personally identifying information and data are rented and/or licensed for use and the users are required to target their offers carefully.

Telephone numbers of CIO print subscribers are used by CIO to collect re-qualification data and may be used by CIO, IDG and other IDG companies, affiliates and it's advertisers for promotional purposes. CIO may rent and/or license for use phone numbers to selected outside firms for promotional purposes. Offers for which the numbers are rented and/or licensed for use are required to target their offers carefully."

So, by participating in this "survey", I am opening myself up to 'carefully targeted offers' (read spam and junk mail) from third parties. Yippee. Just what I need.

Of course, I need not actually enter the survey to participate in the prize draw. According to the full rules, I can simply ...
"legibly print your name, street address, city, state, zip code, telephone number, complete e-mail address, and your full entry code URL on a 8.5” x 11” piece of paper, and fax to Claudette Sears at IDG Research Services Group, fax # 508-370-0020. Please reference “Sweepstakes Drawing – CIO Technology Management Survey” in your fax."

You know, it hardly seems worth it for the infinitesimal chance of winning a pair of headphones, not least because as an NZ resident I am not even eligible to win them. So much for their oh-so 'carefully targeted' email!

No comments:

Post a Comment