←back to thread

383 points bookstore-romeo | 5 comments | | HN request time: 0.216s | source
Show context
dankwizard ◴[] No.42200923[source]
We do this at MyFitnessPal.

When users scan their barcode, the preview window is zoomed in so users think its mostly barcode. We actually get quite a bit more background noise typically of a fridge, supermarket aisle, pantry etc. but it is sent across to us, stored, and trained on.

Within the next year we will have a pretty good idea of the average pantry, fridge, supermarket aisle. Who knows what is next

replies(13): >>42200951 #>>42200954 #>>42200955 #>>42200966 #>>42200972 #>>42200976 #>>42200980 #>>42201021 #>>42201023 #>>42201114 #>>42201284 #>>42201321 #>>42202322 #
ryanschaefer ◴[] No.42200951[source]
I’d be interested in how your privacy policy allows this. I can’t find where it mentions photos are stored or used for training purposes…
replies(2): >>42200979 #>>42201060 #
1. Cheer2171 ◴[] No.42201060[source]
The MyFitnessPal privacy policy says "We use photos, videos, or other data you provide to us to customize our Services." [1]

That's all they need to do to cover themselves.

[1] https://www.myfitnesspal.com/privacy-policy

replies(2): >>42201078 #>>42201280 #
2. moreofthis ◴[] No.42201078[source]
The policy defines "Services" as the mobile app and website. How is building a general purpose model for what the average fridge looks like used to customise either the website or the app? This feels like the kind of flimsy reasoning that only holds so long as no one is challenging it.
replies(1): >>42201111 #
3. Cheer2171 ◴[] No.42201111[source]
Easy. They provide this new general purpose model through the website. Bam, that's a Service that uses photos to customize. They can also expand what counts as a Service unilaterally.

With this broad of a privacy policy, they can start MyFitnessPal.com/UncroppedCandidPhotos where they let people search for users by name, email, or phone and sell your photos to the highest bidder, and that still would count as a Service that uses photos to customize. You consented to it!

> This feels like the kind of flimsy reasoning that only holds so long as no one is challenging it.

No, it is written by professional lawyers to be as permissive as possible.

replies(1): >>42201181 #
4. moreofthis ◴[] No.42201181{3}[source]
> No, it is written by professional lawyers to be as permissive as possible.

But you repeat myself.

OK, say they do all that, that isn't customisation (I would argue) it is a new service that was built from unconsented data scraped from users of the pre-existing services. Call that splitting hairs if you like, but this looks like a risk to me.

5. tgsovlerkhgsel ◴[] No.42201280[source]
> That's all they need to do to cover themselves.

If this is real and not a joke, I bet some DPA will disagree if this is brought to their attention. Effective consent under GDPR requires informed consent.