Hacker News | flashinfremont's comments

Hi, this is Matt Hulett, the CEO of ClickBank.

ClickBank was recently made aware of a situation in which customers were posting their information using social bookmarking sites, which are indexed by Google. As a result, ClickBank is taking steps to limit the information that a consumer can inadvertently share through such services. We take customer privacy very seriously and believe that all individuals share responsibility for maintaining the security of personal information that is posted online. At no time is customer payment information disclosed.


Thanks, Matt... But it's pretty evident from your customer support tickets that your customers were alerting you to this issue (and their privacy concerns) since at least 2011... But you've clearly done nothing to fix it since then.

It's hard to believe you take customer privacy very seriously when you've made evidence to the contrary so easily searchable in Google.


How was customer payment information NOT disclosed?! It is on Google!! The URLs should be protected by authentication! It should be impossible for Google or anyone else to access it without a login. It does not matter that some customers shared it on social sites. Saying there is no problem if the social sharing doesn't occur is security through obscurity.


I've been through this before. Online receipts identified with long, random URLs. Users posting them online with no regard for security. Requiring a login for purchase was deemed infeasible since it adds friction to the checkout process. The only thing keeping the online receipt from Google was robots.txt.


Except there are neither long URLs nor unindexed (no meta tags, no nothing!)


"...believe that all individuals share responsibility for maintaining the security of personal information that is posted online."

You (CLICKBANK) posted this information online--not your customers. Are you seriously trying to blame them for the fact that your development team seems to have no concern for security and privacy?


I'm puzzled. How is taking customer privacy seriously compatible with leaving private information indexable, let alone accessible through unrestricted URLs?


Yes. $4 per unique without a real business model. Smart folks and they each have their own version of how they are going to be big, branded ad networks but the fundamental issue is that brands need to control where their ads are placed. This is polar opposite to how RY and Slide distribute their content.

