I was stunned to read that credit card numbers were stored in clear text on Stratfor’s servers. So I pulled up a cached copy of their Privacy Policy as it appeared on December 19th:
Privacy Policy
STRATFOR Enterprises LLC , publisher of STRATFOR, and its affiliates (hereafter referred to collectively as “STRATFOR”) are committed to maintaining the privacy of personal information that you provide to us when using STRATFOR. This Privacy Policy describes how we treat personal information received about you when you visit STRATFOR. We may make content or services from other Web sites including our affiliated or co-branded Web sites available to you from links located on STRATFOR. These other Web sites are not subject to this Privacy Policy. We recommend that you review the privacy policy at each such Web site to determine how that site protects your privacy.
Information We Collect
General: When you register, and at other times, we may collect personally identifiable information from you that may include your name, age, address, e-mail address, credit-card number and facts about your computers, profession, and similar information. We do not, however, knowingly collect personal information from children under the age of thirteen.
Surveys: We may conduct occasional online surveys. For example, when you’re within our Web site, you may see a pop-up window offering you the optional opportunity of participating in a survey. These surveys are entirely voluntary and you may easily decline to participate.
Web Site Usage Information: We automatically collect IP addresses and Web site usage information from you when you visit our Web site. This information helps us evaluate how our visitors and subscribers use and navigate our Web sites on an aggregate basis, including the number and frequency of visitors and subscribers to each Web page, and the length of their visits.
How We Use the Information Collected
We may use information in the following ways:
For the purposes for which you specifically provided the information including, for example, to enable us to process, validate and verify subscriptions. To send you e-mail notifications about our new or existing products and services, special offers, or to otherwise contact you. To send you e-mail notifications, through companies who work on behalf of STRATFOR, about certain approved third-party products and services (Unless we tell you differently, these companies do not have any right to use the personally identifiable information we provide to them beyond what is necessary to assist us). To enhance existing features or develop new features, products and services. To provide advertisers and other third parties with aggregate information about our user base and usage patterns. To allow us to personalize the content and advertising that you and others see based on personal characteristics or preferences. We may combine the information that we collect from you on this Web site with information that you provide to us in connection with your use of our other products, services and Web sites.
At times STRATFOR may use third party network advertisers to deliver ads to you on our behalf. We may also use third-party service providers to contact you on our behalf, or facilitate some aspects of our Web site services or fulfill your purchase requests. These network advertisers and service providers may be supplied with or have access to your personally identifiable information solely for the purpose of providing these services to us or on our behalf. Except as specifically set forth in this Privacy Policy, we will not share your personally identifiable information outside of STRATFOR unless you “opt in” to having your personally identifiable information shared with a company that is not affiliated with us.
We may disclose and use personally identifiable information in special circumstances where it is necessary to enforce our Subscriber Agreement or Terms of Use (for example, when necessary to protect our intellectual property rights). We may also disclose or use your personal information when we, in good faith, believe that the law requires us to do so.
Additional Information
Cookies: We may employ cookie technology to help visitors and subscribers move faster through our site. When you sign on to our Web site or take advantage of several key features, we may pass cookies to your computer. A cookie is a string of information that is sent by a Web site and stored on your hard drive or temporarily in your computer’s memory (Read our Cookie Disclosure Statement for more information on our use of cookies).
Security: The personally identifiable information we collect about you is stored in limited access servers. We will maintain safeguards to protect the security of these servers and your personally identifiable information.
Pixels: STRATFOR.com uses pixels, or transparent GIF files, to help manage online advertising. These GIF files are provided by our ad management partner, DoubleClick. These files enable DoubleClick to recognize a unique cookie on your Web browser, which in turn enables us to learn which advertisements bring users to our website. The cookie was placed by us, or by another advertiser who works with DoubleClick. With both cookies and Spotlight technology, the information that we collect and share is anonymous and not personally identifiable. It does not contain your name, address, telephone number, or email address. For more information about DoubleClick, including information about how to opt out of these technologies, go to: http://www.doubleclick.net/us/corporate/privacy.
Policy Modifications: We may change this Privacy Policy from time to time. We will post any changes here, so be sure to check back periodically.
Choice/Opt-Out
STRATFOR provides its users the opportunity to opt-out of receiving communications from STRATFOR and its partners at the point where we request information about the visitor. To remove your information from our database, to not receive future communications or to no longer receive our service, please send and e-mail request to: [email protected].
Correct/Update
STRATFOR gives users the following options for changing and modifying information previously provided.You can send an e-mail to [email protected]
Comments and Questions
If you have any questions about this privacy statement, the practices of this site, or your dealings with this Web site, you can contact:
Attn: Marketing Department
STRATFOR
221 W. 6th Street
Suite 400
Austin, Texas 78701
[email protected]
If you have any questions, comments, or concerns about this Privacy Statement, please contact us at 877-9STRAT4.
So they pledged to “maintain safeguards to protect the security of these servers and your personally identifiable information.” In this day and age when there have already been so many hacks and hackers have made their intentions clear, I think some might reasonably be shocked or consider it negligent that Stratfor not only stored so much data but failed to encrypt it. Is this how companies demonstrate that they are “committed to maintaining the privacy of personal information?” If so, I am not impressed.