This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The changes are truly astonishing, take a look at the Limitation of Liabilities clause for yourself.
You may remember that vTech were breached in November last year losing the personally identifiable information not only of adults (4.8M parents), but also 6.8M children.
What do you do as a response to this kind of disaster? Well apparently, you update your Terms & Conditions to include the egregious text (the red is mine)
You may remember that vTech were breached in November last year losing the personally identifiable information not only of adults (4.8M parents), but also 6.8M children.
What do you do as a response to this kind of disaster? Well apparently, you update your Terms & Conditions to include the egregious text (the red is mine)
This limitation of liabilities clause in their T&Cs is
incredible! Here is a selection of words I would use to describe it;
outrageous, unforgivable, ignorant, opportunistic, and indefensible.
The correct response to a breach of the scale that vTech recently
suffered, particularly in light of the ease with which it was achieved,
is to learn from your mistakes, to improve security and security
practices, and to apologise to the true victims of the breach; your
customers.
vTech appear to have learned only that they have a legal liability
to protect consumer data, sensitive data of children and parents, MY
data and that and my own children in fact. And that a failure to fulfil
that obligation may result in substantial costs to the business. As a
(former) customer of vTech I can say with certainty that these new
T&Cs have not been communicated to me.
Visit the real page here - http://countermeasures.trendmicro.eu/vtech-ignorance-is-no-defence-and-neither-are-weasel-words/
No comments:
Post a Comment