Yesterday, Twitter announced that they had changed their terms of service (TOS) to allow them to, among other things, hand over your information to advertisers and “use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute” your tweets. They stress, however, that you own your tweets even though they can do whatever they want with them.

The following excerpt, taken from the Your Rights section of the TOS, tries to expand upon the rights Twitter says you have but really focus on their rights to do whatever they want, whenever they want (highlighted parts are the scariest):

You retain your rights to any Content you submit, post or display on or through the Services. By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods (now known or later developed).

You agree that this license includes the right for Twitter to make such Content available to other companies, organizations or individuals who partner with Twitter for the syndication, broadcast, distribution or publication of such Content on other media and services, subject to our terms and conditions for such Content use.

Such additional uses by Twitter, or other companies, organizations or individuals who partner with Twitter, may be made with no compensation paid to you with respect to the Content that you submit, post, transmit or otherwise make available through the Services.

We may modify or adapt your Content in order to transmit, display or distribute it over computer networks and in various media and/or make changes to your Content as are necessary to conform and adapt that Content to any requirements or limitations of any networks, devices, services or media.

You are responsible for your use of the Services, for any Content you provide, and for any consequences thereof, including the use of your Content by other users and our third party partners. You understand that your Content may be rebroadcasted by our partners and if you do not have the right to submit Content for such use, it may subject you to liability. Twitter will not be responsible or liable for any use of your Content by Twitter in accordance with these Terms. You represent and warrant that you have all the rights, power and authority necessary to grant the rights granted herein to any Content that you submit.

The TOS also expands on how Twitter can, if they want, bring advertisers into the mix (again, scary parts highlighted):

The Services that Twitter provides are always evolving and the form and nature of the Services that Twitter provides may change from time to time without prior notice to you. In addition, Twitter may stop (permanently or temporarily) providing the Services (or any features within the Services) to you or to users generally and may not be able to provide you with prior notice. We also retain the right to create limits on use and storage at our sole discretion at any time without prior notice to you.

The Services may include advertisements, which may be targeted to the Content or information on the Services, queries made through the Services, or other information. The types and extent of advertising by Twitter on the Services are subject to change. In consideration for Twitter granting you access to and use of the Services, you agree that Twitter and its third party providers and partners may place such advertising on the Services or in connection with the display of Content or information from the Services whether submitted by you or others.

If you’ve sold your soul to Twitter, now might be the time to try and get it back before you’re inundated with advertisements tailored to your tweets. So much for privacy in social media (although I’m not sure there ever was an expectation of privacy in social media).

I, for one, am contacting the Office of the Privacy Commissioner of Canada to see if Jennifer Stoddart can swing her privacy bat like she did to force Facebook to change their stance.

As a followup to the Google Gmail outage post I thought I’d post the email notification sent from Google to all of its “premium account holders”.

I know it’s a form letter but it does convey their apologies, provides links to the incident report, and details the credit that they will be providing for the outage. I really do appreciate the credit as, based on the terms of their SLA, Google was well within their rights to simply claim that the outage fell within their conveyed SLA figures. Good for you Google 🙂

Dear Google Apps customer,

We would like to follow up on the recent Gmail outage and resulting credit through our service level agreement (SLA) with you.

Between 12:45 PM to 2:15 PM PDT | 19:45 – 21:15 GMT on Tuesday, September 1, 2009, Google Apps Gmail users were unable to access their accounts through the Gmail web interface. Users could continue to access their accounts via IMAP and POP. No data was lost during this time; messages were received and delivered, but could not be displayed.

As a result of this incident, we are extending a 3-day SLA credit to your account. This credit will be reflected in an automatic 3-day extension to your Google Apps term date, and no action is needed on the part of your administrators.

We understand that this service outage has affected our valued customers and their users, and we sincerely apologize for the disruption and any impact.

Following are the key points from the incident report:

On Tuesday, September 1, a small portion of Gmail’s web capacity was taken offline during a routine upgrade and service update. This is normal operating procedure as the Gmail web interface runs in multiple locations, and Gmail’s request routing automatically directs users’ requests to available servers. However, we underestimated the increased load that some of the new updates placed on request routing.

As a result, at approximately 12:30 PDT, a few request routers became overloaded and responded by refusing all incoming requests. This response transferred the load to the other request routers, and as the effect rippled through the system, almost all of the request routers became overloaded. As a result, users could not access Gmail through the web interface since their requests could not be routed to a Gmail server. Gmail processing and access through the IMAP/POP interfaces continued as usual because these processes use different request systems.

Upon receiving the error alerts, the Gmail Engineering team immediately began analyzing the issue and initiated a series of actions to help alleviate the symptoms. After determining the root cause to be insufficient available capacity, the Engineering team deployed a large-scale addition of request routers through Google’s flexible capacity server systems. As they distributed incoming traffic across the expanded pool of request routers, access to the Gmail web interface returned to normal.

During the incident, we published ongoing reports to the Google Apps dashboard, Gmail Help Center, the Enterprise and Gmail blogs, and the GoogleAtWork and Google Twitter feeds, to help provide customers with the latest status and available workarounds.

The complete incident report (http://www.google.com/appsstatus/ir/buuqdnt6fcervea.pdf) in the Google Apps Status Dashboard describes the corrective and preventative measures to address the underlying causes of the issue and to help prevent recurrence. For ongoing service performance information, please see the Google Apps Status Dashboard at http://www.google.com/appsstatus.

Once again, we apologize for the impact that this incident has caused. Thank you very much for your continued support.

Sincerely,

The Google Apps Team

Jennifer Stoddart, the Privacy Commissioner of Canada, has decided that Bell Canada must clearly tell its customers that it is collecting information for the purposes of traffic shaping. Bell states that they only collects the IP information of its subscribers’ routers or computers and, although these dynamic IP addresses can’t identify individuals, they can, however, be traced to a user’s ID. Stoddard concluded IP addresses are personal information, and therefore the telco could do a better job of explaining what it does.

From the article:

The final decision came this week from commissioner Jennifer Stoddart, who in April found that the telco’s public explanations of its use of deep packet inspection technology (DPI) to slow traffic of some Internet subscribers doesn’t comply with its obligations under the federal privacy law, PIPEDA.

In April Stoddart ruled Bell has to clarify its written agreements with subscribers, that it integrate its privacy and traffic management practices better on its written and Web pages, findings she upheld. This week’s ruling says the commission is giving Bell 30 days to comply with changes to three specific documents.

The use of DPI has spawned much controversy, as evidenced by the ongoing CRTC hearing. Included in her findings, Stoddart also wrote this: “It is relatively easy to paint a picture of a network where DPI, unchecked, could be used to monitor the activities of its users. It is rarer to dispassionately examine a specific implementation of DPI on a network.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian law relating to data privacy. It governs how private-sector organizations collect, use and disclose personal information in the course of commercial business. In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA was passed in the late 1990s to promote consumer trust in electronic commerce. The act was also intended to reassure the European Union that the Canadian privacy law was adequate to protect the personal information of European citizens.

The full itWorldCanada article can be found here: http://www.itworldcanada.com/a/Security/f8c8388d-1425-4e20-b1d9-c025c9318a4e.html

More information about PIPEDA can be found here: http://www.priv.gc.ca/legislation/02_06_01_e.cfm