The classic non-apology goes something like this: “I’m sorry if you were upset.” It’s a sneaky way of expressing regret for how one’s crappy actions made another person feel, rather than the crappy actions themselves. But the CEO of Unroll.Me — whose parent company was revealed this weekend to have sold Unroll.Me’s anonymised customer data to Uber — has invented a whole new level of terrible, borderline sociopathic non-apology. He’s not sorry that you were upset about your data being sold. He’s sorry he got caught.
Image: Unroll.Me, via Facebook
In a post on the company’s blog yesterday, co-founder Jojo Hedaya said it was “heartbreaking” that “some of our users were upset to learn about how we monetise our free service”. The revelation was a small detail in a long, juicy New York Times profile of Uber CEO Travis Kalanick; reporter Mike Isaac revealed that Slice Intelligence, which owns Unroll.Me, “collected its customers’ emailed Lyft receipts from their inboxes and sold the anonymized data to Uber”, who used it as “a proxy for the health of Lyft’s business”.
Unroll.Me is a free service that allows users to unsubscribe from all their unwanted email lists at once — which is made possible by allowing the company access to all your emails. It’s a classic example of the modern internet user’s dilemma: Should we trade our personal data for the convenience of, say, unsubscribing from all the crap in our inboxes, or writing notes, or using basically any of the biggest sites on the internet?
If the flippant and absurd use of the word “heartbreaking” above wasn’t enough, Hedaya goes on:
Sure we told you this already, you idiots, but I guess maybe you didn’t read that… If you even CAN read?
We may collect, use, transfer, sell, and disclose non-personal information for any purpose. For example, when you use our services, we may collect data from and about the “commercial electronic mail messages” and “transactional or relationship messages” (as such terms are defined in the CAN-SPAM Act (15 U.S.C. 7702 et. seq.) that are sent to your email accounts. We collect such commercial transactional messages so that we can better understand the behaviour of the senders of such messages, and better understand our customer behaviour and improve our products, services, and advertising. We may disclose, distribute, transfer, and sell such messages and the data that we collect from or in connection with such messages; provided, however, if we do disclose such messages or data, all personal information contained in such messages will be removed prior to any such disclosure.
We may collect and use your commercial transactional messages and associated data to build anonymous market research products and services with trusted business partners. If we combine non-personal information with personal information, the combined information will be treated as personal information for as long as it remains combined.
Still, Hedaya promises “clearer messaging on our website, in our app, and in our FAQs” in the future. The comments on the post, meanwhile, seem to indicate that most people aren’t convinced:
You have to be kidding right? You took my data and sold it to Uber and God knows who else… you can take your “apology” and shove it. It’s people like you Jojo who make humanity look worse and worse every day.
Already uninstalled. You don’t get too steal my private data. F*** you and your crappy product. Hope your business fails tremendously.
I recommended this app to hundreds of people. The entire time I thought I was being helpful, but now I feel nothing but guilt. I feel so betrayed.
At least one devotee of the ever-growing corporate data-mining machinery, however, had Hedaya’s back:
I don’t use your service, but I don’t see a problem with this at all, and I’m quite frustrated with everyone’s outrage over it. People – most of the free online services you’re using are selling your data or selling access to your habits. Even Disqus, the engine powering this comment form, is sending my browsing habits out to many different ad networks.
It’s bullshit, naive, and entitled to be outraged by this. Unroll.me didn’t do anything wrong and this practice doesn’t threaten you if you’re a user (as long as they don’t get hacked, but you should have recognised that all along).
See, it’s fine. Everyone is selling every aspect of our online existence, so each individual instance of this is therefore Good; acting like you’re heartbroken because people found out you’re doing that is even better. This is how to be smart.
Gizmodo reached out to Hedaya to ask how its data is anonymised and whether they would consider switching to opt-in consent. Slice Intelligence’s Vice President of Marketing Jaimee Minney sent the following statement:
We do not disclose any of our clients or how they use our data. What I can say is that all our data is scraped of any PII before the client sees it. The way our technology works is it identifies what’s an ereceipt, and then parses the purchase data from that receipt. That’s the data that the client receives. In the transportation sector, we measure things like revenue, fare, frequency, and details about where the ride took place.