[IP] more on Banking Alert (fwd)

To: Ip ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] more on Banking Alert (fwd)
From: David Farber <dave@xxxxxxxxxx>
Date: Fri, 27 May 2005 07:40:21 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <20050527010036.GA53058@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx

Begin forwarded message:

From: Adam Shostack <adam@xxxxxxxxxxxx>
Date: May 26, 2005 9:00:36 PM EDT
To: David Farber <dave@xxxxxxxxxx>, provost@xxxxxxxxxxxxxx
Cc: Ip ip <ip@xxxxxxxxxxxxxx>
Subject: Re: [IP] more on Banking Alert (fwd)

Isnt this a violation of California's SB 168? (TITLE 1.81.1, 1798.85,
a 5:)

a) A person or entity, not including a state or local
agency, shall not do any of the following: ...(5) Print an
individual's social security number on any materials
that are mailed to the individual, unless state or federal law
requires the social security number to be on the document to be
mailed.

http://info.sen.ca.gov/pub/01-02/bill/sen/sb_0151-0200/sb_168_bill_20011011_chaptered.html



On Thu, May 26, 2005 at 08:44:16PM -0400, David Farber wrote:
|
| I know which one, the idiots. djf
|
|
| Begin forwarded message:
|
| From: "Dr. James J. O'Donnell" <provost@xxxxxxxxxxxxxx>
| Date: May 26, 2005 7:36:07 PM EDT
| To: David Farber <dave@xxxxxxxxxx>
| Subject: Re: [IP] more on Banking Alert (fwd)
|
|
|
| Dave, the problem is not isolated.  I will be vague so as not to
| increase
| the security risk, but a top 20 bank recently sent its customers a
| letter

| telling them about online services and giving them their onlineservices

| account number.  The number was their SSN.  When called on this, they

| said, well, but we formatted it differently (xxx-xxx-xxx), andbesides,

| many of our customers prefer to use their SSN as their account number.
|
| They sent out many thousands of these in ordinary postal envelopes,
| assuming that they had no dishonest mailroom employees whatever, etc.,
| etc.  What I was most surprised by was their blank incomprehension at
| the
| thought that one might object.
|
| Jim O'Donnell
|
| On Thu, 26 May 2005, David Farber wrote:
|
|
| >When a very large bank starts to use personal identifiers in insecure
| >communications, identifiers which have not even been authorized for
| >that use by the person they identify, I believe that some points need
| >to be made in regard to right to privacy and security expectations.
|
|
| -------------------------------------
| You are subscribed as adam@xxxxxxxxxxxx
| To manage your subscription, go to
|  http://v2.listbox.com/member/?listname=ip
|

| Archives at: http://www.interesting-people.org/archives/interesting-people/



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] more on U.S. shuts down network that leaked 'Star Wars'
Next by Date: [IP] Conference on Electronic Entertainment Policies, Problems, Solutions
Previous by thread: [IP] more on Banking Alert (fwd)
Next by thread: [IP] U.S. shuts down network that leaked 'Star Wars'
Index(es):
- Date
- Thread