Connect with us

Tech News

DocuSign users’ info viewable, company says no security breach

Developing story: DocuSign is the world’s largest electronic signature platform and it appears that emails and names of signers are visible to the public. AGBeat Exclusive

Published

on

DocuSign user information found through Google search

As the world’s largest electronic signature platform, DocuSign says that they have over 6 million unique signers processing millions of transactions per year and that they are “trusted by more people, more companies, more times than any other electronic signature provider in the world.”

In just one search query in particular, we uncovered 4,450 URLs filled with DocuSign customer names, emails, document names, and GPS coordinates of where documents were signed. These details are found on websites with URL structures appearing like the one below (which is not a functional link that takes you to a signed document, just an example):

[ba-quote]https://www.docusign.net/Member/DocuSignTrust.aspx[/ba-quote]

DocuSign tells AGBeat that while the documents appear to be hosted on their secure https servers, “They are not. Anything that is found via Google search is not from DocuSign’s secure site, but rather the publicly accessible and searchable locations where customers have saved their personal copies of signed documents. In order to access documents, data, or transactions on the DocuSign Global Network, you must have the login credentials and password.”

We do not yet know the full scope of the number of transaction details that can be seen via Google, but we can see that they go as far back as at least January in our preliminary investigation. We have not made public how to discover these documents due to security risks, but suffice it to say that we can see the private emails, signatures, times, dates, locations, and document names (hypothetically speaking, we can see “Listing on 201 Main Street” or “Employment Contract – $58k/yr” as document names).

On the heels of a hacker leaking LinkedIn and eHarmony passwords, the leaking of personal information and potential details of legal documents that are meant to be private, is a major problem for several industries and feeds the hysteria behind cloud based storage and digital data sharing.

The company tells AG that “While DocuSign encourages customers to save their signed documents on the secure DocuSign Global Network, we are also required by law to offer customers the ability to download and retain their own personal copies,” adding that “it appears that a very small number of DocuSign users have saved their own personal copies of their signed documents to publicly accessible and searchable locations outside of the secure DocuSign Global Network. In the event that customers need to save signed documents in a location outside of DocuSign, we encourage that they ensure the location meets the security requirements of all signing parties.”

DocuSign asserts their “commitment to security” as outlined on their website. DocuSign is the official and exclusive provider of electronic signature for the National Association of Realtors’ nearly one million members, under the REALTOR Benefits Program, and is used by many industries, including users like American Airlines, LinkedIn, Sony, and Yamaha.

After publication, all links formerly discovered through a Google search appear to no longer be clickable, but can still be viewed through the Google cache, as seen in the before and after below.

The American Genius is news, insights, tools, and inspiration for business owners and professionals. AG condenses information on technology, business, social media, startups, economics and more, so you don’t have to.

Continue Reading
Advertisement
39 Comments

39 Comments

  1. abodograph

    June 7, 2012 at 2:07 pm

    Nice work breaking the story!

  2. jonbenya

    June 7, 2012 at 2:15 pm

    Wow, so glad I’m not on Docusign! 

  3. Market Leader

    June 7, 2012 at 3:50 pm

    Definitely something to be aware of. Thanks for sharing!

  4. MatthewCohen

    June 7, 2012 at 3:50 pm

    I can see what you guys mean – but ask yourselves if the information disclosed is truly PII as defined in any state, or simply *might* be undesirable to have disclosed.

    • franklyrealty

      June 7, 2012 at 5:29 pm

       @MatthewCohen I had to google PII. I got this:
      Personally Identifiable Information (PII), as used in information security, is information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.
       
      I would think that a private email address and private name with information that they signed an “offer to purchase 555 Oak” as being VERY personal information that can “uniquely identify” a person. And as for “locate a single person” it actually has the GPS coordinates of where the person signed. Is that PII enough?
       
       

      • MatthewCohen

        June 7, 2012 at 5:41 pm

         @franklyrealty  – Again, I see what they mean – there is significance and some sensitivity, but read further into any state’s definition of PII and when it rises to the level of significance that must be disclosed it is almost always a first initial or first name and last name plus one or more of the following (1) Social security number. (2) Driver’s license number or State ID number. (3) Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account. In some states the account number alone is sufficient, without the password.

        • franklyrealty

          June 7, 2012 at 6:03 pm

           @MatthewCohen Got it. No passwords here. Would showing the full contract be PII in your opinion? I wouldn’t be surprised if it was up there as well. I will look.

        • jonbenya

          June 7, 2012 at 6:07 pm

           @franklyrealty  @MatthewCohen Showing the full contract would certainly be PII, IMHO.  consider if the contract exposed was a cash offer with bank statement proof of funds, or copies of drivers licenses in the file.  Also, a check copy with acct and routing numbers?  That would make for a SERIOUS breach.

        • franklyrealty

          June 7, 2012 at 6:14 pm

           @jonbenya  @MatthewCohen I just found one saying “Final Offer 555 OAK.pdf” (I changed the address). I would think this is very private information. I wouldn’t want other buyers knowing that I was offering on a house. Yes it could interfere with the deal.

        • jonbenya

          June 7, 2012 at 6:21 pm

           @franklyrealty What about the unique signature block and ID number below?  Can that be used fraudulently?

        • MatthewCohen

          June 7, 2012 at 6:35 pm

           @jonbenya  @franklyrealty The whole file would DEFINITELY be a serious breach!

        • franklyrealty

          June 7, 2012 at 6:45 pm

           @jonbenya Well the signature is usually not a real client wet signature in the sense that it wasn’t done with a pen (I think). And I don’t think that ID# can be used for anything useful to a hacker. 
           

  5. Missy Caulk

    June 7, 2012 at 4:27 pm

    Dang what is going on? I hate to hear this. Wonder why they have not notified us? 

    • franklyrealty

      June 7, 2012 at 5:27 pm

       @Missy Caulk Because they don’t know. It has probably been on there for many months.

  6. DanTroup

    June 7, 2012 at 4:58 pm

    While I think this is a good find, I don’t think it has the same weight as other breaches.  If you could actually access the documents then I would say it was huge.  Just names and email isn’t something I would stop using them for.  If you found this on your own then I feel you should have brought it to DocuSign in private and allowed them to fix it.  Once it was fixed, then publish your story. 
     
    Just because the pages were on https doesn’t mean they can’t be public. https is a protocal not a URL structure.  https can be used for public or private websites where you want the data transfering between the user and web server to be secure.  How that data is published on the server has nothing to do with https.

    • franklyrealty

      June 7, 2012 at 5:21 pm

      @DanTroup
      Reagrding HTTPs, Yes, I think the point is, it is funny when companies use “httpS” in part to seem more secure. But it isn’t so secure if you just let Google index it.
       
      So you would rather AG hold onto the information for a few days, while more customers expose themselves, vs telling Docusign first to try and fix it? Fix it how? It isn’t like Docusign can immediately remove the information from Google and Google Cache.
       
      Sure they didn’t leak the full contract. Well, as far as we know. Maybe they did. But leaking unpublished private email addresses and any details of a private contract is horrible. We have to trust these companies. I just found a colleague of mine. I bet she will NOT be happy that THREE of her transaction details (not the contract itself) are on Google. Three over 6 months.
       

    • franklyrealty

      June 7, 2012 at 5:22 pm

      @DanTroup
      Regarding HTTPs, Yes. I think the point is, it is funny when companies use “httpS” in part to seem more secure. But it isn’t so secure if you just let Google index it.
       
      So you would rather AG hold onto the information for a few days, while more customers expose themselves, vs telling Docusign first to try and fix it? Fix it how? It isn’t like Docusign can immediately remove the information from Google and Google Cache.
       
      Sure they didn’t leak the full contract. Well, as far as we know. Maybe they did. But leaking unpublished private email addresses and any details of a private contract is horrible. We have to trust these companies. I just found a colleague of mine. I bet she will NOT be happy that THREE of her transaction details (not the contract itself) are on Google. Three over 6 months.
       

  7. Merge

    June 7, 2012 at 6:01 pm

    They should really be using a hash or id. It’s extra work to put the name in the url. I would be interested in hearing why they chose to do that.
     
    I’m even MORE interested in why they allow indexing of those pages. It takes seconds to throw a robots.txt file up and keep search engines from seeing/indexing the pages.

  8. joannasmitherton

    June 7, 2012 at 7:01 pm

    Hi folks:
     
    AGBeat is trying to sell a story when there is no story.  This is about people storing documents in public – OUTSIDE the DocuSign service.  DON’T DO THAT.  Many agents have been using public sharing folders to get documents back and forth to customers using tools that are not designed to protect them.  THIS IS WHAT HAPPENS.
     
    It has nothing to do with DocuSign security.  
     
    Biggest lesson – DON’T store documents outside DocuSign. If you do, make sure it is a secure location, or you will put your customer’s information at risk.  (Not only the info about who signed, BUT THE DOCUMENTS ALSO)..
     

  9. franklyrealty

    June 7, 2012 at 9:49 pm

    I told my agents to stop using Docusign until the matter was resolved. 
     
    It appears that they found a solution to a problem they still deny existed. Now, moving forward, these private URLs will be blocked from Google via a firewall. That is great for the FUTURE, but still does not fix the approximately 10,000 users that were already indexed and still in Google’s Cache.
     
    I demand that Docusign fess up (like Tylenol does when they mess up, albeit to a worse extent) and email ALL users about this glitch or at least email the 10,000 people that likely are NOT aware that their data was released to the public for Google. 
     
    How can we trust them if they just Deny Deny Deny. Remind me of a Chris Rock video: https://youtu.be/I28rarDdaCY?t=2m20s
     
    One agent that was on there 3 times said she called Docusign and their response was “they have a team of people working on it and they know it’s a huge problem.” If it wasn’t a mistake, the answer should have been “yeah, you must have made it public, your fault not ours.”
     
    It doesn’t matter how many ISO 9000s you have and 1, 2 3 parties that supposedly test your system, when you leave the front door open. I can have Brink’s Security on my house, but who cares if the door is left open.
     
    Want to know if you are in there?
     
    Here is how:
     
    Google:
    site:https://docusign.net  “YOUREMAIL@YOURDomain.com”           (with quotes)
    or
    site:https://docusign.net  company name
     
    and see what you find. And make sure you click on the CACHED version.
     
    I just did a search and found a second friend of mine on there… they will not be happy. 2 so far.
     
    I also found a few lawyers that have their info online. Asking them if they were stupid enough to have pressed some button to make it public. I really doubt it. And if they think it was stupid for Docusign to even allow that to happen (part of what they need to protect against is user error).
     
    Frank

  10. ArnCenedella

    June 8, 2012 at 12:59 am

    I like the docusign product and if there is a problem, I believe they will fix it.
    Name and email address “breach” is a problem but it is not the end of the world. And I do believe it is possible, docusign users thru their own actions made the this data available.
    It is also good reminder to us all that any data or info transferred over the Internet may not truly be safe.
    I don’t think names and emails being “hacked” is a big deal.
    I would think most folks who are on-line have emails addresses posted on the web already, right? Lots of folks are on line for either social or business reasons want their contact info posted and they want people to be able to contact them.
    Property ow nerd hip records are public records and easily accessible.

    • franklyrealty

      June 8, 2012 at 1:16 am

       @ArnCenedella Correct. Not the end of the world.
       
      You tell me. If you sent a Docusign to a client. To offer on a house. A bidding war lets say. And he comes to you and says “why is it that some/any details from our confidential contract ‘Offer on 555 Oak Street’ are posted on Google for all to see? Also it has my private email address and the GPS coordinates for my home where I signed, I am not happy.”
       
      Are you going to tell them “Dear Sir, it is not the end of the world, get over it.”? I doubt that. 
       
      And no. Due to MASSIVE spam problems, I never post my email address ANYWHERE. So I would be very pissed if Docusign posted it online for spammers to have access to them. And yes there are web crawlers just out there looking to cultivate new email addresses to spam. 
       
      Yes they did change their system. They have yet to admit to fault or notify people that some/any of their data is online.
       
      The worst part is this is just what was found. It begs one to ask what else is out there and Docusign hasn’t disclosed.

      • BenspBenfb

        August 30, 2012 at 6:38 pm

         @franklyrealty  @ArnCenedella Yes, blaming their customers seems suspicious because there were so many. And then they managed to “fix” it and get Google to remove the links, something hard to do if the data being indexed wasn’t their own.

  11. franklyrealty

    June 8, 2012 at 1:22 am

    Any Docusign competitors out there?
     
    Anybody willing to chime in? Would your system EVERY allow your customer’s data (even if it is just an email, GPS location and contract name)  to be accessible via Google, while still hosted on your URL?
     
    If not, what steps do you do to prevent this?

    • franklyrealty

      June 9, 2012 at 3:44 pm

      Really disappointed that the Docusign competitors haven’t had the guts to come forward and state whether or not they had the same issue.

      • BenspBenfb

        August 30, 2012 at 6:36 pm

         @franklyrealty Well, it’s impossible to prevent your customers for disclosing their confidential information (purposely or accidentally). If they posted docs that contained the unique links (how did Google get those links anyway…there are so many instances it seems unlikely it was random users doing this).  Of course, most sites would have a simple robots.txt that would keep Google (being honest right?) from indexing such a site. Otherwise, the link needs to be protected, but often the “protection” is just a unique link sent in an email that you expect only the owners to have and not have them submit it to Google for indexing.  I wonder if that’s what really happened, Google indexing customer’s email?  I’ve not heard of anybody else suffering this, though, so I still suspect it was DocuSign’s fault and not their customers who did something odd like post their unique links somewhere Google could index it.

  12. AgentGenius

    June 8, 2012 at 1:38 am

    please see story updates, docusign explains how it’s not a security breach

  13. DanTroup

    June 8, 2012 at 7:42 am

    @AGBeat, what made you think this was a security breach?  You had evidence of someone breaking into DocuSign and stealing information?  This is what a breach is.  There is a huge difference between your story and other breaches in the news.  Please don’t confuse the two.  If someone wants to steal your car they have to break the window and hot wire the ignition. This is a great example of a breach.  What you found, was data that was willing exposed.  This is not a breach.
     
    Anytime you find a security flaw your first step is to contact the company.  Notifying the public first is just doing more damage.  You draw attention to something where you don’t have control.  For those that are thanking AGBeat, how are you fixing the issue?  Are you calling all your clients letting them know? Are you removing their information from showing?  You’re probably notifying them, but there is absolutely nothing you can do to resolve the issue.  If there was something you could do to fix this issue then publishing the story would have been great.  They could have included instructions for fixing the issue and you would have looked like a hero.
     

  14. Merge

    June 8, 2012 at 9:15 am

    Dear Docusign & Docusign Developers,

    Life might suck right now, but things will get better.

    Hope this helps.

    https://support.google.com/webmasters/bin/answer.py?hl=en&answer=1663660

    I am a Sr. Developer, willing to chat/help just because I know what its like to be in a tough spot. No charge. If you ever need me just send a quick email to Joel (attt) MergeApp.com

  15. nartech

    June 13, 2012 at 4:39 pm

    This is a good opportunity for me to make a pitch for the importance of privacy and data security in all contexts. (i.e. not just when using Docusign.)  NAR has produced a data security and privacy toolkit to help you think about how you handle sensitive customer data. You can find it by following this link https://www.realtor.org/letterlw.nsf/pages/1010datasecurityprivacytoolkit?OpenDocument&Login
    You must be a member of NAR and give your NRDS number to access the document.

  16. unhacker

    July 23, 2012 at 2:55 pm

    Okay first off, yes as many have noted, this is not a “breach” as the term is generally used in Infosec.  This is certainly a risk, but is probably best characterized as ‘disclosure’.
     
    Most importantly, though, this information /was/ in fact retrieved from (or via) DocuSign’s own servers – if you doubt that, simply recognize that it was a change on DocuSign’s part that has closed this exposure.  That’s because they (probably) have restricted Google from indexing that content.  And that is what they should have done From Day One, Already.
     
    This isn’t a breach: It’s evidence of a weak or lax back-end security posture, or procedures.

    • BenspBenfb

      August 30, 2012 at 6:31 pm

       @unhacker Technically this is correct, but allowing confidential pages to be accessible is bad form, and they did put a fix in to resolve it, showing that it was an error that could be fixed easily.

  17. Ronie Walter @ IT Staffing Agencies

    July 29, 2012 at 8:35 am

    DocuSign moves the process of getting important documents signed completely online. Its tagging system shows the recipient what to do, and it offers a full court-accepted audit trail of the process. It’s a great choice for electronic signing of documents.

  18. Pingback: Despite DocuSign promises, they couldn't avoid the inevitable - The American Genius

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech News

Google Maps will soon display traffic lights

(TECH NEWS) The addition of traffic light positions to Google Maps promises to boost navigation accuracy. Now you won’t run a light while looking at navigation.

Published

on

google maps traffic lights

At over 150 million monthly users, Google Maps’ value is not to be understated. With a new feature that shows traffic light positions rolling out to select devices and locations soon, one can expect that trend to continue.

A common issue with navigation via an app–especially when navigating solo–is a lack of precision that can lead to confusion, missed exits, potentially dangerous driving, and, worst of all, spilled coffee. By adding the location of traffic lights, Google Maps will improve both landmark recognition and automated navigation by providing drivers with more accessible information.

It’s worth noting a couple of arguing points, the first of which is the assertion that Google is starting from scratch on this feature. They aren’t. In fact, Japan-based Google Maps users have had access to traffic light positioning for years; Google is simply expanding the feature to include a larger number of cities and population density.

In a similar vein, Google also isn’t the first company to implement an ease-of-access feature such as this. Apple Maps has incorporated traffic light recognition since the release of iOS 13, and while its use is hit-or-miss (my iPhone 11 fails to pick up most traffic lights in my admittedly rural town of residence), the option to have Siri direct users to the nearest traffic light rather than saying “in 213.7 feet, turn left” is helpful.

That said, Apple Maps is a service which sees a little over 20 million monthly users–a far cry from Google Maps’ monthly base. For Google, accuracy and speed of updates will be paramount for a successful, routinely helpful launch.

At the time of this writing, Google plans to release the traffic light feature in New York, San Francisco, and a few other United States cities. The feature will be available on Android devices–sorry for now, Apple users–and will ideally expand to encompass most of the country if the initial release is successful.

It will be interesting to see how comprehensive Google’s coverage is and how quick the company is to adjust positioning of lights as cities do what cities do best. For now, if you have an Android device, keep an eye on your Maps app–good things are coming your way.

Continue Reading

Tech News

How Microsoft plans to upskill millions of workers during COVID-19

(TECH NEWS) Microsoft is providing affordable and accessible resources to upskill workers during the COVID-19 economy.

Published

on

Microsoft helps

While the undeniable amount of job loss in the Unites States, thanks to COVID-19, may have lost some steam in the news, there are many people out of work and job searching. As of June 6, 2020, “Total nonfarm payroll employment rose by 4.8 million in June, and the unemployment rate declined to 11.1 percent, the U.S. Bureau of Labor Statistics reported today.”

This means many Americans are quietly pondering their next move. Some are freaking out over what their next place or type of employment will be, while others are taking a minute to pause and re-design their life’s path. Both may be hopeful that their career is aligning with their ultimate goals or ways in which they would prefer to live their life via professional pursuits and family preferences. There may be an optimistic outlook as well if they have been able to score interviews and feel some excitement about new opportunities amongst the angst and uncertainty.

However, as you may likely know, after a job loss, the job seeker has some extra time to think and this can be scary for some. They may catch themselves with extra worry or spinning in the what ifs? What if I don’t have the skills for the jobs in demand? What if I’m too old? What if they are not looking to hire someone with my credentials? What if I am unable to replace my salary?

Let’s look at the data when we cannot get out of our heads. What are jobs that are in demand and will be growing? According to VentureBeat and Microsoft, here are the top 10 jobs that are in demand and likely to grow over the next decade:

  1. Software developer
  2. Sales representative
  3. Project manager
  4. IT administrator
  5. Customer service specialist
  6. Digital marketing specialist
  7. IT support / help desk
  8. Data analyst
  9. Financial analyst
  10. Graphic designer

In tandem, Microsoft is providing access to “learning paths” and resources for users to develop skills for these jobs, which will be available from today until the end of March 2021, and includes a series of videos to help jobseekers start off on the right foot for each role. Microsoft will also connect more technical roles with other resources and tools, including its bot-powered GitHub Learning Lab where budding coders can practice new skills. And feeding into this, Microsoft said that it will join the dots through to qualifications, by offering “low-cost access” to industry-recognized Microsoft certifications “based on exams that demonstrate proficiency in Microsoft technologies,” Microsoft President Brad Smith said in a separate blog post.”

Venture Beat goes on to say that “Microsoft has announced a slew of new initiatives designed to open up access to new digital skills, including cash grants, providing access to data, affordable certifications for Microsoft products, and a new learning app baked directly into Microsoft Teams.”

Looks like those software developers aren’t going away and you can hate on sales all you want, but those are needed for companies to keep their doors open and sell their products or services.

It seems apparent that the tech giant is looking to make a positive impact and help upskill workers to be able to explore and gain the skills they need to pursue these available and growing job opportunities. They are utilizing the data available within the LinkedIn platform to provide insights on job postings, as well as pledged to support access to learning and non-profit organizations. Microsoft is also making smart moves to grow and expand in an area where they see some major growth opportunities (within the LinkedIn Learning platform and MS Teams). Microsoft CEO mentioned that we have seen a 2-year digital shift in about two months due to COVID-19.

However, this does pose a question – how long will it take for hiring managers to catch up on reviewing resumes of those that had to make a job switch and may not have the previous experience they typically look for when hiring? There is fair room for a discussion that those reviewing resumes will also need to be informed of the career shifts of candidates due to COVID-19 and may need to spend a little bit more time making sure they are not dismissed for looking to make a switch after their upskill experience.

There may also be some questions from employees if they do not feel they resonate with any of those jobs listed as growing over the next decade. We may see a spike in entrepreneurial activity and people setting out to create and design their own work-life harmony – especially if the remote work opportunities are only going to grow exponentially.

Continue Reading

Tech News

Study finds 1,000 phrases that accidentally activate smart speakers

(TECH GADGETS) Don’t worry about accidentally activating your nosy smart speakers… unless, of course, you utter one of these 1,000 innocuous phrases.

Published

on

smart speakers

It’s safe to say that privacy concerns, especially in today’s digital era, are unquestionably valid. With new video recording technology making it easier to identify people at a glance (whether they like it or not) and concerns that your smart speakers are eavesdropping on you, it may feel like you’re bordering on slightly paranoid around modern technology.

After all, even though there have been cases of smart speakers picking up on intimate conversations, there’s absolutely no risk of them overhearing private things without your consent, right? Even though it’s been documented that these devices — including Cortana, Alexa, Siri, and Google Home — have listened in relationship spats, criminal activity, and even HIPAA-protected data, you’re totally in the clear.

Oh yeah. The thing is, everything that gets broadcast into your smart speaker? There’s a completely random chance that someone back at headquarters may decide to sift through it in order to improve AI learning.

And while most of the time these conversations are totally benign, it doesn’t change the fact that a complete stranger is getting an earful of your private life. In fact, these transmissions? Are actually completely admissible in court, as several murder cases have already demonstrated. Their key evidence was none other than poor Alexa herself.

But wait, wait. These smart speakers can only get your information if you activate them, and that requires you to clearly enunciate their names. Right? Um. Not exactly. Even though you may think that you need to speak crisply into the speaker to activate it, it turns out that these devices are highly sensitive to any suggestion that you might be talking to them. It’s almost like your dog when you even remotely glance at his bag of doggie treats in the corner: one crinkle and Fido comes running, begging for some kibble and ready to serve you.

It’s the same for your smart speakers. As it turns out, there are over a thousand words or phrases that can trigger your device and invite it to start recording your voice. These can range from the perfectly reasonable (Cortana hearing “Montana” and springing to attention) to the downright absurd (Alexa raising her hackles over the words “election” and “unacceptable”). Well, crap. Now what?

It’s no secret that someone is listening in on your conversations. That’s been clearly documented, researched, dissected, and even accepted at this point. However, if you thought that they’d only listen to it if you gave them implicit permission by activating your device (which, to be fair, should not even count as permission in the first place), you were wrong.

So what’s a privacy-loving person to do? Just suck it up and try to choose between the lesser of two evils? On one hand, yes, these smart speakers are super convenient and can make your life easier. On the other?

Well, if you’re a fan of your privacy, then perhaps these devices aren’t meant for you. At this point, you’ve got little recourse. These companies will continue to use your data, and there’s nothing stopping them from spying on you. That is, unless you prevent them from doing it in the first place.

If you want to keep your private conversations private, either unplug your smart speaker when you’re not using it, or don’t get one in the first place. Otherwise, you’ll continue to give your implied consent that you’re totes cool with them butting in on your personal life, and they’ll continue to be equally totes cool with using it without your permission.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!