Comments on: Navigating the law of unintended consequences

A legislative rush to prevent privacy violations could create more problems than they solve, says CNET News.com's Declan McCullagh.

[patsimon]

Largest risk is US Post Office

Did you know that anyone can change you mailing address? No identification is required. A thief can simply fill out a card with your existing name & address, put the forwarding name & address, and sign your name. The new address is recorded in the U.S. Post Office database and is sent to credit card companies, who in turn send it to the 3 major credit reporting agencies in the U.S. Meanwhile, your first class mail gets forwarded to the address the thieves have chosen. In this manner the thieves have gotten all of my personal information, including SS#, medical information, and even a copy of my credit report from one of the big 3 (TransUnion, Equifax, Experian). They changed my address 4 times in as many months. No proof of identity is required to do this, and the Post Office folks responsible for the central forwarding database in Tennessee have no way to flag your account so that it does not get changed. Check it out for yourself if you don't believe me. Even if you speak with the folks at your local post office and tell them not to forward, the mail gets forwarded from the central forwarding service before it ever reaches your local post office. This seems to me a bigger security risk than any of the computerized databases.

[declan00]

Post Office as privacy risk

Patricia: That's a very good point! Thanks for bringing it up.

Postal Service protects privacy

In response to Patricia Simon, the U.S. Postal Service safeguards the privacy of individuals and by law employes Postal Inspectors to investigate crimes involving mail theft and fraud. In addition, it was one of the first government agencies to employe a Chief Privacy Officer. I understand that Ms. Simon may have had a very bad experience and it may have occurred some time ago, but here is what happens today. The USPS does not give Change Of Address (COA) to credit card companies or credit reporting agencies. The USPS does provide COA information to mailers ? but only if they have a name and old address so the customer can continue to receive his or her mail. We presume that is why a COA was filed: so a customer can continue to get their mail at their new address. We have built in safeguards to prevent fraudulent COAs. A letter is sent to both the customers? new address and old address confirming receipt of a COA and providing contact points in case a COA was not intended.

same goes for hastily written columns

lol

I mean his comments could cause more damage than 'good' so why listen to them at all.

Its all about the 'straw man'; journalists think they hold some special place in straw man theory, only they can propose thoughtless or thoughtful proposals.

Welcome to the new world where lawmakers take on the art of the 'pose', as well.

You know its the old one about "life imitating art, imitating life", or somesuch nonsense like that.

I Say Shoot First And Sort Out The Details Later

I would like to see every State and several Federal agencies come out with their own regulations governing the mess these companies have created.

These companies should have to prove why they need this information. They need to prove why they are collecting it. They need to guarantee the security of the data. They need to notify people when they fail at any of the above.

One can always find a reason for not doing something -- and this ain't one of them. I never thought I would see the day that I long for more government regulation....

[Michael Grogan]

Best interest?

"Is such a sweeping definition of "personal" information really in the best interests of business owners in New Jersey?"
Do we really care what's in the best interests of the business owners who have been inventing all of these ways to screw with our privacy? Let 'em eat cake and leave my personal info alone...

[declan00]

"best interest"

You're taking an unfortunately narrow view of "best interest." Last I checked, without NJ businesses to pay taxes and employ their workers (directly) and government workers (indirectly), NJ would be bankrupt quickly. Imposing onerous requirements on small businesses will, at the margin, make them less likely to hire, less likely to expand, or less likely to remain in the state.

I'm not saying that this requirement by itself will make businesses flee, but it is one more regulation that small business owners will consider.

Ironically, it's the large corporations (who you apparently dislike so) that will have an easy time of complying with regulations. They've got the full-time legal department. A sole proprietor doesn't.