Thomas 🔭✨ (@[email protected]) 23andMe just sent out an email trying to trick customers into accepting a TOS change that will prevent you from suing them after they literally lost your genome
Attached: 1 image
⚠️ 23andMe just sent out an email trying to trick customers into accepting a TOS change that will prevent you from suing them after they literally lost your genome ro thieves.
Do what it says in the email and email [email protected] that you do not agree with the new ...
23andMe just sent out an email trying to trick customers into accepting a TOS change that will prevent you from suing them after they literally lost your genome ro thieves.
Do what it says in the email and email [email protected] that you do not agree with the new terms of service and opt out of arbitration.
If you have an account with them, do this right now.
I don't see how an email that has no proof of delivery (could have ended in spam for example) would be legally binding.
Accepting a ToS update simply by virtue of no action is also questionable unless provisions permitting that were in the ToS you've accepted and even then it would not work in the European Union, because that's listed in the forbidden clauses registry.
I thought the same thing when my Disney+ rate went up a couple months ago and I couldn't find the email warning about it in my inbox or spam folders.
Why do we let these companies get away with everything? If the rates are going up, show me in the app/ui. Make it opt in. Disable my ability to watch anything until I approve the increase in spend. It should be illegal to just change the terms of a contract and say "I sent you an email."
You most likely did not officially consent to the changes and have a prolonged right to terminate the contract without the need of upholding the contract duration.
It’s probably mich cheaper just to deal with the few that complain rather than sending out hundreds of thousands of paper letters or having them confirm the changes electronically and terminating the contracts of those who did not accept.
Accepting a ToS update simply by virtue of no action is also questionable
Even it being "questionable" is a fucking outrage -- it should be so blatantly, obviously, disallowed that a lawyer should lose their license just for proposing it!
Nope. The silent consent concept is a nice thing, it solve a lof of problems both for companies and private citizens. I could offer plenty of examples of the correct use of the concept that solve problems.
23andMe is just doing a big dick move trying to avoid to be sued for the leak.
By viewing this post, you agree to gift 50% of all after tax future earnings to PersnickityPenguin. Additionally, your entire Steam Library of games is hereby under sole ownership of PersnickityPenguin. All games and/or steam account login and password must be provided to PersnickityPenguin.
Failure to transfer all financial and virtual property within (30) days is considered a breach of contract. Each incident of a breach of contract will result in a $500,000 penalty per incident. Viewer agrees to these terms of service. Any dispute or breach of contract will result in additional legal fees to be paid by the viewer entering into this contract pursuant to paragraph (A).
My ISP, phone company, bank, insurance company and everyone else send me TOS related messages from time to time. Usually, the message is something along the lines of: “We’re altering the deal. Pray we don’t alter it any further”
It doesn’t seem fair to me, but since everyone is doing it, there probably isn’t a law against it.
Every time an ISP does that around here they send you a notification via certified mail with a prepaid return envelope and a service cancellation form included - you can decide to not continue using the service without any early cancellations fees etc.
If they fail to do that they get fined by consumer protection agency, are required to return any fees they charged based on the change and they get to start over - send a notification that follows the rules resetting the clock for those who opt to cancel
Why would you need proof of delivery? The original email gives instructions. You follow those instructions and can prove you did so with date and timestamps. I don't see the issue.
Legally you have to be able to prove someone received a thing. It's why you get served when you're sued. An agent physically hands you the complaint (or whatever they're called). If the papers were put in the mail the person being sued could say they never received them.
This just blows my fucking mind. Same thing happened with Crunchyroll, apparently I could have been part of a class action lawsuit when it was found out that they were selling users data. But I didn't hear about it, didn't get any letters and didn't see the email. The date came and went. Because I didn't "take action" in time I apparently forfeit my right to my piece of the settlement AND to sue.
HOW THE FUCK IS THAT LEGAL. How can you make the least amount of effort to notify someone after illegally fucking up their life, then when they don't respond (because they didn't see the notification or whatever), say, "well legally that means they're ok with it, and can't do anything in the future"
Send their legal team an email telling them you're going to update the terms unless you hear from them.
Also, send a bunch of irrelevant shit about what your doing and thinking about and video games you're playing first, they'll probably block your email address and then wont see the legally important email.
The class actions I've been part of have said that if I want to retain the right to sue then I have to opt out of the class action. I don't think it's possible to be force-opted in, and in that case you should retain the ability to sue.
I've only been in 3 or 4 though, so I don't know if that's representative of all class actions.
Damn I forgot about that Crunchyroll class action. Thanks for reminding me. I got those emails too but I have until the 12th. It's only $30 but that's like two Five Guys meals so...
Technically a contract can have anything in it that both parties agree to, unless some are all of those provisions are actively illegal.
I would agree that assumed agreement should be illegal.
You could probably fight this in court, make the argument that this is a material change to the contract what you did not agree to and would not have agreed to had you been aware of it. But that costs money and lawyers and time.
I feel like the TOS you are subject to is the one you signed when you first used the service. Unless you have been constantly using their service, I can't see how a new TOS would affect you. I could be WAAY off here because IANAL, but a company can't just retroactively change the TOS for customers without some kind of action taken by the customers under the new TOS.
I once successfully defended myself from a lawsuit by invoking a previous TOS. The court allowed me to choose any version of the TOS that benefited me the most. It was akin the doctrine in contract law that ambiguity is always found to be detrimental to the drafter of the contract.
Nobody's genome was lost. What happened was, users with weak passwords had their accounts compromised, something like less than 2,000 of them, and from those accounts, bad actors were able to access and download family tree data for something like 6.5 million accounts.
I don't really see how the data lost is actionable in any way except for the spoofed "Hey gramma! It's me! I'm in jail and I need bail money!" phone calls.
One of the typical arguments is selling ancestry history to insurance companies, effectively handing them health data which could lead to up-pricing or rejections for customers with bad health history.
I don't really see how the data lost is actionable in any way
Agreed unfortunately. An important thing in US law that people often don't know is that in most cases, you need to prove that you were damaged in some way. Unless the company broke a specific law, you probably just have to accept it until you have problems relating to identity theft. And even when that happens, you'd still need to prove that the the attacker used the lost 23andMe data.
I personally don't understand why people use these services in the first place. Let's all let some private company that we know nothing about build an absolutely massive database of people's DNA. And let's voluntarily do it and even pay them for that "service". Sure, that sounds like a good idea. What could possibly go wrong? Hope your minor curiosity was worth the massive privacy invasion.
I personally don't understand why people use these services in the first place.
In my case, I went through 23 and Me because 75% of my DNA comes from sources unknown. No idea who my father was or my maternal grandfather. So being able to fill in those gaps as well as helping to determine medical risk has been very useful.
So, our main interactions happened in the past, your fault and abuse of me happened in the past, and now, in the present, you can slip a little "go out of your way or the legal terms governing our interactions in the past will be altered" clause in an email, and it's all legal?
(Hold on, let me try applying a rule of thumb that helps me answer legal questions like this: Would this help the rich and powerful maintain riches and power?... Yes. I think the answer to my question above is yes.)
I'd argue the the interactions and faults of the past should be governed by the agreement we had in the past.
Did they lose anyone's genome? That's not what's been reported. They certainly lost customer information and this is definitely a super shitty move to trick you into waiving some rights, but I've seen no reporting that says they lost full DNA information.
They have disabled the download data button and refuse to provide customers with a copy of their own data. I have been trying to get a copy of my data for over a month and they just tell me they'll consider re-enabling the button in the future.
I would bet money (not much, relax) that they got their shit hacked and locked down by ransomware at least, if not also extracted for sale by the same black hat.
Wow, that's dirty. The email you need to opt out at is different from what they link. If you don't respond, you automatically agree to their new TOS which bars you from taking class action against them. Shady af.
Ok now that I have that out of my system, let's see...
trick /'trik/ noun
a cunning or skillful act or scheme intended to deceive or outwit someone.
scheme /ˈskēm/ noun
a plan or program of action
especially : a crafty or secret one
outwit /au̇t-ˈwit/ verb
to get the better of by superior cleverness : outsmart
What we have, in the immediate wake of a massive security breach, mind you, is an attempt to benefit the company by getting the better of the customers, writ large, by altering how disputes are handled. By taking the unusual step of requiring explicit opt-out from the new TOS within a short timeframe, they make it more likely that customers will "accept" the TOS without even realizing it and be in a worse position as a result.
That qualifies as an act intended to outwit customers.
Or, to put it another way, if they had contacted customers and asked for an opt in for the new TOS, nobody would consider that an attempt to outwit.
So, yeah, this is a trick to further fuck over customers who are already victims of the company's poor security practices.
It is a legit question. Usually you don't have to pro-actively inform anyone that you disagree with anything, TOS included. That's just what companies want you to believe since it benefits them greatly.
No idea though how things in the U.S. are handled and if there are differences in certain states. It would surprise me though if that was actually an enforcable legal principle.
I don't get why it's a trick either. That's the catchy headline right? But no word on if the changes apply into the past or it's just lawyers trying to protect themselves for next time. It's an email with new TOS and the ability to opt out.
No it's not good for users and yes it's a shitty 30 day notice in an email even I didn't read yet because I'm so irritated with them.
But reading the patron post didn't tell me how it was a trick and neither did the mastodon link. However the replies were good and helped fill me in on some details I wasn't aware of yet on the actual breach.
https://hachyderm.io/@thomasfuchs/111531294441702837
Not sure why the down votes on a perfectly acceptable question.
Asking users to Opt out as a method to replace an Opt in TOS is a trick because they are hoping users won't see it. If they sent an email asking users to click a link to Opt in to the new TOS, that would be OK.