Sun Microsystems violated its privacy policy and redistributed the personal data of customers who asked that their information be kept private, according to a New Hampshire-based consultant.
Dave English, a freelance software quality-assurance engineer, said that Sun shared his email address with its business partners, even though he explicitly directed the company not to.
"I really expect this from a guy selling vitamins out of his garage, and not from a multinational, billion-dollar corporation," said English, who received two unsolicited offers from companies featured on a Sun promotional CD release that he ordered.
Several months ago, English signed up to receive Sun Solutions, which contained demo software and development tools. The subscription page requires consumers to fill in demographic information including occupation, job function, phone number, and email.
Text on the page states that consumers can opt not to receive offers and mailings from the company's business partners. The option to receive offers is set by default in the "no offers" position, and English said that he left it there.
When prompted on the form for his email address, English instead entered what the direct-marketing industry calls a "decoy." He set up a new account for himself on his own server and gave the company an address containing the word "Sun."
English said that was the only time he ever used that address.
On 2 December, English received two email solicitations from companies that include demo programs on the Sun Solutions disc. The mails were sent to his decoy address.
English complained to privacy@sun.com, the company's privacy-policy feedback address and that over the course of the past week, the matter escalated to the highest levels of the company. English is set to meet with Sun's legal department in a conference call on Monday.
