Thursday, May 17, 2012

Declining a Privacy Policy

I think this will have no effect, but I just declined a privacy policy.

My employer recently changed prescription drug benefit plans. The new cards have decals explaining that we should visit a web page to activate online benefits. There is no explanation of online benefits, why I would want them, etc., unless it was in the paper which I shredded and recycled.

So I went to the web site,, which right off the bat earned two raspberries:
  1. The site doesn't allow "special characters" in the password. Is there any conceivable justification for that, other than to lower password entropy, making passwords easier to crack?
  2. There was no explanation on the page that they were restricting the character set of the password, thus forcing me to go back and try again.
There were two separate privacy policies, each of which went on for pages and pages. And pages. It was clear that one thing they intend to do is to share my personal information for marketing purposes. There was a brief statement suggesting I could amend the agreement, but no information about how. After a couple minutes, it became clear that they did not have my best interests in mind both by the length and complication of the privacy policy and the fact that they want to make money from anything they learn about me.

So I declined the privacy policy. That took me to a page explaining that I had declined--I knew that--and giving me a choice of going back or logging out. I logged out. It would have been nice if they had allowed me a text area to explain why I had declined the onerous privacy policy, but alas, no. I guess they decided against having an extra customer service placebo.

No comments: