Sick of companies grabbing and selling your address, birth date, location, online activity, dog food brand and even adult-film preferences? Oh boy, do I have some good news. A new iPhone and Android app called Permission Slip makes it super simple to order companies to delete your personal information and secrets. Trying it saved me about 76 hours of work telling Ticketmaster, United, AT&T, CVS and 35 other companies to knock it off. Did I mention Permission Slip is free? And it’s made by an organization you can trust: the nonprofit Consumer Reports. I had a few hiccups testing it, but I’m telling everyone I know to use it. This is the privacy app all those snooping companies don’t want you to know about. (A surge of interest in Permission Slip has caused technical difficulties for Consumer Reports. If you can’t get on, try again later or reach out to their support line at permissionslip@cr.consumer.org.) Here’s how it works: Following California in 2020, a dozen states passed laws that finally gave Americans some digital privacy rights. They empower us to tell companies to stop selling and delete our data, but the truth is they’re pretty painful to take advantage of. You have to jump through hoops, going to each and every company that might have your data to fill out forms. Until now. Permission Slip acts behind the scenes as a legally “authorized agent” — kind of like your own privacy butler. You tell the app your name, email address(es) and phone number, and it does most of the work, sending emails and filling out paperwork on your behalf after it has verified your information. Even if your state isn’t one of the ones with a privacy law, most national companies respect these sorts of data privacy requests from all Americans. After using Permission Slip, most people notice a decrease in creepy targeted ads, says Ginny Fahs, who has been working on the app for the past three years at the Innovation Lab, a division of Consumer Reports. So how do you get started? Permission Slip opens up to a series of cards you swipe through, each representing a company that collects and possibly sells your data. Tap on a company card, and up pops a summary of data the company knows and your options to take action, depending on whether you have an account. At the bottom, you usually get two options: “Do Not Sell My Data” or “Delete My Account.” Tap one and Permission Slip starts the process. Then you can do it again for a different company. Each takes just a few seconds. This works for far more than just tech companies. Permission Slip covers Starbucks, Netflix, Disney, Lowes, Panda Express, reproductive app Glow and adult website Pornhub, to name a few — and plans to keep adding more. It also includes The Washington Post. What kind of personal information are we talking about? You might be (unpleasantly) surprised. For example, Permission Slip highlights that the retailer Petco could have your name and address, demographics and locations from where you’ve used their app on your phone, not to mention every little detail of your pet. More eyebrow-raising: Adult website Pornhub collects the email, username, demographics, on-site search history, browser info and interests from people with registered accounts. What about all those data companies whose names most people don’t recognize — the ones that make money by collecting and selling your information? A second part of the app can automatically ask data brokers to delete their creepy file of personal information about you. (I hope Permission Slip adds some of the obnoxious voter data brokers ahead of us all getting blitzed with political spam and texts for the 2024 election cycle.) “The more data you have out there, the more attack surface there is for security breaches and for data to leak. So having good data hygiene is really helpful for preventing future harm,” Fahs says. There are a growing number of privacy apps on the market, but Permission Slip stands out in part for being free, not trying to upsell you on a product like a VPN, and not needing access to more data like your email inbox to work. Consumer Reports says it won’t abuse your data — not even to sell subscriptions to its magazine — and minimizes the data it collects about you while working as your agent. Through an open trial period, the app has already processed 200,000 requests. Sweating the details Permission Slip was easy for me to use, with the app sweating most of the details. But if you’re going to dive in, there are a few things to know. It’s super fast to use the app, but can take some time for your requests to be fulfilled. Companies typically have at least 15 business days to opt you out of selling your data, and 45 business days to delete your data. Permission Slip stays on top of the companies in a dashboard of all your pending and completed requests. Sometimes companies ask for additional information to process requests, and Permission Slip has human agents go through them to minimize the hassle for you. (It pays for those humans and other expenses, in part, with grants from the Omidyar Foundation and others.) Often, companies insist on reaching out to you directly — so you’ll want to keep an eye on your inbox. For example, Disney sent me an email asking to confirm my request, which was easy. [Your Instagrams are training AI. There’s little you can do about it.] The most cumbersome response I got was from reservation service OpenTable, which emailed to say that if I wanted it to not sell my data I would have to log into their website, navigate to privacy settings, and figure out which of its half-dozen settings I wanted to turn off. Permission Slip told me fewer than 10 percent of the companies in its app do something like this. When I reached out for comment, OpenTable told me its extra steps help “ensure it is not a fraudulent request” and “make it possible for diners to customize their privacy preferences (particularly relevant to those who have created a diner profile with OpenTable).” You will still need to make some important choices. Before you swipe through the app and tell every company to delete your data, know there may be good reasons you want a company to have your data. For example, if you delete your Netflix account, then you couldn’t use Netflix. There may even be companies you decide to allow to sell or share your data. For example, Permission Slip points out that opting out at Petco could affect your discounts and rewards if you use the retailer’s Pal Rewards program. “What we’re hoping to do is provide a little bit of education on the sorts of data that different companies collect and then help consumers reason with how they want to manage their data,” Fahs says. Unfortunately, Big Tech companies like Google, Meta and Amazon make it particularly hard to make use of the “do not sell” and “delete” options to protect your privacy. To start with, they say they don’t “sell” your data — instead, they keep it for themselves to make lots of money off your digital life. And deleting your account probably isn’t an option if you want to keep using Google services like Gmail. In some of these cases, Permission Slip offers step by step instructions to download your data or just delete parts of it, but the process isn’t automated. If you want to reclaim your privacy from these sorts of Big Tech companies, you can also make your way through the Help Desk’s Privacy Reset Guide. It walks you through the most important privacy settings to adjust for Google, Amazon, Facebook, Apple, Android and more. (Friends don’t let friends keep the default settings for any of these companies.) And you can help stop companies from snooping on you in the first place by using a Web browser that stops unwanted tracking, like Mozilla’s Firefox.

  • Boring@lemmy.ml
    link
    fedilink
    arrow-up
    66
    ·
    1 year ago

    This is straight from their privacy policy:

    We do not sell your personal information in a way that most people would think of as a sale. However, we do participate in online targeted advertising and use analytics which allows tech companies, in exchange for our use of their services, to use user information collected from our App to improve their own products and to improve the services they provide to others. Under some laws, this is considered our “sale” of your user data to third parties. You can opt-out of this as provided in the “How to Submit a Request” section below.

  • ChaoticNeutralCzech@feddit.de
    link
    fedilink
    arrow-up
    15
    ·
    edit-2
    1 year ago

    Not open source. At this point I’m more likely to trust a browser userscript from GitHub praised by 0 news articles but 10 Reddit posts.

      • ChaoticNeutralCzech@feddit.de
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Yeah, journalistts don’t really care enough to discover hidden gems (and most have different preferences from FOSS fans) so you need a press release team to get a piece of software featured in the news. Best coders are usually not great PR people and open source devs cannot hire dedicated ones.

  • neuracnu@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Consumer Reports created an iOS and Android app that collects your account information for a bunch of businesses and provides the option of sending “do not sell” requests to them en-mass. It also helps you delete unwanted accounts and stay up to date on which businesses are doing what with your data.

    Not bad, but it all depends on how much you trust Consumer Reports. It appears they have a fairly good reputation as a consumer advocacy non-profit, but I didn’t do much deep dive research.

    Ideally, this is something FTC would have a hand in for consumers in the United States – improving EULA comprehension. I can imagine a world where businesses and applications have EULAs with ESRB-like ratings or tags: “location data”, “purchase history”, “3rd party data exports”, “X year retention” to show what you’re agreeing to. I’d love to brainstorm on how else that could change.

    • meseek #2982@lemmy.ca
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      They actually do pretty good testing with scientific rigour from what I have seen. But their business and how it’s run isn’t something most people think about.

      Not sure if that makes them trustworthy or not.

      I know of pay services that offer similar products, which seem more like it just deals with all the red tape and blockers companies put up to keep your data. And even when they do tell you it’s been deleted, who really knows if your data is actually removed. I mean if they are shady enough to collect it, gotta be shady enough to lie and keep it when they shouldn’t.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    This is the best summary I could come up with:


    Sick of companies grabbing and selling your address, birth date, location, online activity, dog food brand and even adult-film preferences?

    A new iPhone and Android app called Permission Slip makes it super simple to order companies to delete your personal information and secrets.

    After using Permission Slip, most people notice a decrease in creepy targeted ads, says Ginny Fahs, who has been working on the app for the past three years at the Innovation Lab, a division of Consumer Reports.

    Permission Slip covers Starbucks, Netflix, Disney, Lowes, Panda Express, reproductive app Glow and adult website Pornhub, to name a few — and plans to keep adding more.

    More eyebrow-raising: Adult website Pornhub collects the email, username, demographics, on-site search history, browser info and interests from people with registered accounts.

    There are a growing number of privacy apps on the market, but Permission Slip stands out in part for being free, not trying to upsell you on a product like a VPN, and not needing access to more data like your email inbox to work.


    The original article contains 1,346 words, the summary contains 174 words. Saved 87%. I’m a bot and I’m open source!

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Aurora is a third party client and might be implementing their own blacklist of shady apps (see other comments why it might be shady).