Publisher Robert Ellis Smith
__________________
|
FeedbackComments From Our Readers Click and type in a question or comment Excellent resources on this site for those interested in online privacy. Nice work! I would be interested in your thoughts on what we're doing at privacychoice.org, and how we can improve it. http://www.privacychoice.org Jim Brock From Andre, Albany, Ga.: I was trying to send money overseas using Moneygram service. It came to my surprise that they asked me for my SSN and they even went beyond that by asking to have my SS card copied for their files. I offered them my driver license but they refused it. They cited the reason was the amount being sent above two thousand dollars. How do you take at that? Do you think I can fight them? Response: The USA PATRIOT Act requires financial institutions to "know your customer" and often this means collecting Social Security numbers and asking for ID from new customers. The institution wants to copy the documentation to prove that it complied. A cash transaction of $10,000 usually triggers a required report to U.S. government authorities, although other aspects of a smaller transaction can trigger a Suspicious Activity Report by the bank. In general, DON'T provide a Social Security number unless it is for Social Security itself, tax purposes or Medicare. (A transaction involving a significant amount of money usually has tax consequences.) DON'T provide a Social Security number by telephone or online unless you are positive of the identity of the organization. Try to persuade the requester of the dangers of identity theft or the indignities of being enumerated. If that doesn't work, shop elsewhere. There are competing money-transfer businesses. (This response was revised June 17.) Comment: Why don't you have a well publicized Facebook privacy settings page design competition? Comment: What can be done about Google, who are now showing search results of old newspaper articles? A search of my name shows articles from a 23-year-old court case for which I was acquitted. This can now be seen by my colleagues, wife , neighbors, acquaintances, etc. It is very embarrassing and could result in my dismissal, ridicule, harassment and even physical harm. My 11-year-old son could be subjected to harassment. It reveals personal medical information and I am outraged over this. Google responded to my complaint suggesting I contact the owner of the Web site. Of course, the newspapers think their poorly written and vindictive articles from the past are above reproach and truthfully represent historical fact. This is hogwash and a present threat to my personal security and privacy. Google claims innocence and in my opinion are culpable for any harm befalling myself or family! Innocent but still prosecuted. Response: This is going to be very difficult, because Google does not own the material you are objecting to; it merely points to it, along with billions of other bits of information. The news organization is generally not obligated to remove such information because the First Amendment prevents the government, including a court, from requiring this. TWO EXCEPTIONS: If elements of the story are untrue and you can prove it, you may sue for libel. If the information is true but puts you in a false light for any reason including the passage of time, you may sue for invasion of privacy. For more on this, see the Supreme Court case of Wolston v. Readers Digest, 443 U.S. 257 (1979). Google it. If this is your situation, a demand for the news organization to remove the item may be successful. If that doesn't work, (1) ask the news organization to place your short rebuttal with the electronic entry; (2) get your name listed in Google so many times that the damaging entry is reduced in importance and lowered in Google's search results; (3) start a personal Web page or blog that refutes the 23-year-old entry and portrays yourself as you wish to be portrayed now (and this Internet entry will be picked up in a Google search); (4) and certainly anticipate that this old event will continue to come up and so tell family members and employers in advance about it, with documentation on hand to prove the acquittal. The news organization would seem to have a moral obligation to include reference to the acquittal in any electronic version of the old story and to make sure this shows up in a Google search. But remember, even if the original entry is removed from the Internet, search engines have previously cached the displayed information. In other words, they have stored it and it will show up in a subsequent search (labeled "cached.") From Phoenix: Outlaw the use of our Social Security numbers as identifiers. Thirty years ago it didn't matter if someone had your Social Security number; it was for one purpose only. My Social Security card was shown for only one purpose: employment or collection of benefits. Ban the sale of personal information for profit; this is your work product, bits of your life, snapshots sold off for profit. Shouldn’t our life’s work information be just like a copyright? Make the credit and information collection companies have to pay a fee to use and sell your information and allow you to opt out completely. Ban credit and insurance scoring. Credit scores were completely ignored by lenders ready to make a quick buck on what was thought to be a never-ending balloon of home and property values. Insurance scoring penalizes the poor and those who have had financial problems. Comment: If I feel there are subliminal advertisements in College Textbooks as explained in Wilson Brian Keys book "The Age of Manipulation" page 51. Where do I get help in rectifying the matter? I wrote to the FTC and the university dean and got nowhere. Response: The FTC is the proper place to seek an investigation. See the Web address for complaints below. Comment: In survey after survey, including a recent MSNBC survey, more than 90 percent of the American people say that workplace discrimination based upon someone’s personal credit report is wrong and should be illegal. The practice was always wrong and from the start has always been a gross invasion of Americans’ privacy. The information has always been used by employers to low-ball wages and intimidate employees based upon the level of desperation depicted in their credit report – while employers use the smoke screen of saying the information is used to protect them from fraud and theft. It’s “the people” that need protection from corrupt politicians and dirty corporate money . . . not the other way around! NOT ONE SINGLE study or shred of evidence exists to demonstrate that Americans with damaged credit reports steal or commit fraud at a higher percentage than other Americans. Response: Reps. Steve Cohen, D-Tenn., Luis Gutierrez, D-Ill., and 51 others are pushing a federal law to prohibit use of credit reports in the employment process, even with consent, except for national-security, government, or financial jobs. HR 3149 is similar to, perhaps more stringent than, laws passed now in three states, including, as reported in the April issue, Oregon on Mar. 29. You should write to your Members of Congress with your views about this important proposal. Inquiry: A few years ago, to protect my privacy, I opted out of ussearch.com. My information has since reappeared and they now demand $10 a year to remove my information. Is there any legal precedence to stop online companies from charging a person to protect their privacy by opting out of their service? Response: Interesting question. We suggest that you notify the Federal Trade Commission, with as much detail as possible. https://www.ftccomplaintassistant.gov/ And notify the World Privacy Forum, which objected to the FTC about this a year ago. www.worldprivacyforum.org/ Depending on what your agreement was with the company in the beginning, this could be an illegal deceptive practice or a violation of the FTC's opt-out guidelines. From Florida: Do plaintiffs in a court case owe a duty not to disclose a defendant's Social Security number in a complaint or exhibits filed with the clerk of the court, under either state (Florida) or federal law? Response: Everyone who has our Compilation of State and Federal Privacy Laws knows where to find the answer: "Until January 1, 2011, if a social security number or a bank account, debit, charge, or credit card number is included in a court file, such number may be included as part of the court record available for public inspection and copying unless redaction is requested by the holder of such number or by the holder's attorney or legal guardian. On January 1, 2011, and thereafter, the clerk of the court must keep social security numbers confidential and exempt as provided for in s. 119.071(5)(a), and bank account, debit, charge, and credit card numbers exempt as provided for in s. 119.071(5)(b), without any person having to request redaction." That's the law in Florida. We believe that less specific laws in AZ, CA, CT, HI, IL, KY, MD, MN, MO, NJ, NC, RI, UT, VT, VA, and WA could be interpreted to prohibit this disclosure in court filings, especially if a business is the plaintiff or defendant. Question: When will the 2010 supplement to the compilation of state laws be published? Response: It's ready. You may order it now, $25 plus $4 shipping. Specify hard copy or electronic pdf version. Click and type in a question or comment Comment: I'm trying to spread awareness of http://www.dirtyphonebook.com among privacy advocates because there's nothing else like it out there. Be very careful about this. Question: If I wish to view my complete medical records what is the procedure? Do I just ask my doctor, or do I need to make a special appointment? Can a doctor refuse to show me the records or withhold a portion of the records? When I change to a new doctor can they refuse to see me if I do not have my records transferred to them? And if I do have my records transferred do they include all records from birth? Response: It depends. It depends. If you have seen the same doctor for many years, there will be a large file dating back to your beginning date, but certainly not since birth. Most doctors records do not have information from outside the doctor-patient relationship unless you asked for them to be placed there. Doctors are obligated to transfer records to a new practitioner. If you are seeing a new practitioner for a new condition, there would seem to be no need to transfer records if you wish not to. If for an existing condition, it would make sense. At any rate, there is no law on this one way or another. The HIPAA regulation does not require a special appointment to see your records, but an office has 30 days to arrange for you to see your record and may charge you for copying expenses. Comment: Awesome story about cloud computing in your Oct. issue. Comment: I just ordered the updated supplement to the privacy laws and thought that there was a place where I could order the pdf version. I couldn't locate it so I ended up purchasing the paper copy. The site is much improved over the years I have been a patron. Response: The text of our 2002 compilation of state privacy laws AND the most recent supplement are both available in pdf format as an email attachment. Same prices as the hard copies, but no shipping charges. Comment: How can we stop the medical field from using our SSN as an identifier? I live in Florida where there is no law that says they can't use it, and they give me a hard time whenever I don't want to give my number. They must stop this dangerous practice! Response "A hard time" is a small price to pay for sticking up for your dignity. By objecting to collection of Social Security numbers, you may educate the doctor's office and you may lead others in the medical profession to understand that many Americans object to the practice and therefore the profession should do without Social Security numbers. Just as there is no law preventing them from asking for a SSN, there is no law requiring you to provide it to get medical treatment. Point out to the doctor's office that you will have to forego medical treatment if compelling SSNs is its policy. Maybe you will shame them into waiving the request; most of the time it will. Otherwise report the office to the local medical association. ONE EXCEPTION: The SSN is the Medicare/Medicaid number and there is no way around that presently. In this case, ask the doctor's assistant to write in the file: "The patient does not consent to disclosure of his or her Social Security number." From Maryland: In this state, there is a law called the Maryland Social Security Number Privacy Act of 2006 which is supposed to prevent the transmission over the internet, mailing, and displaying someone's Social Security Number. But, as me and my family have learned the hard way, a lawyer could care less about the law and can violate this law anytime they want because they feel that no other lawyer would either sue or prosecute them out of profession courtesy. Do you know of any attorneys in Maryland that would want to hold another attorney's feet to the fire in a civil lawsuit regarding a lawyer breaking this law by purchasing, transmitting, and mailing Social Security Numbers WITHOUT someone's permission? From Massachusetts: On obtaining a search warrant police install a GPS device on a suspects vehicle, can information resulting from the GPS tracking (search) be used or should it be suppressed @ trial under the exclusionary rule, if the warrant went stale? Do you know of any case law relating to GPS searches and monitoring that could be used as support of the argument in Massachusetts. This is a question put to me be my instructor, but is based on a real case, Commonwealth v. Connolly SJC-10355 Fourth Amendment issues richc60@yahoo.com Response: An answer will require legal research. If you want our legal research services, email the publisher. From Minneapolis: We've recently acquired your "Compilation of State and Federal Privacy Laws" for our law firm's library, and it is a very impressive piece of work. From Fort Wayne Indiana: Worthwhile newsletter. From Pittsburgh PA:: The state sent my name, address, Social Security number, phone number to someone else. Do I have a claim? Response: Not in Pennsylvania, which is not one of the dozen states with "fair information practices acts," which prohibit such disclosures in some cases. Still, a court might rule for you if a judge or jury were to find this information private and sensitive AND the disclosure "offensive and objectionable to a reasonable person of ordinary sensibilities." Question: Can you tell me if there is any current statute in VT addressing consent to record a telephone conversation? CR- Cleveland, OH Response: Vermont has no law on electronic surveillance, according to our Compilation of State and Federal Privacy Laws. Interstate calls to or from Vermont are covered by the federal law. Comment: Your analysis of what our government is doing could not be further from the truth. You have no understanding of biometrics much less the real danger they present. You speak about retina scans without having a clue of what you are speaking about. Please research iris scans. Fingerprinting is not the most accurate biometric. Facial recognition is the biometric of choice. You may want to read ICAO 9303, volumes 1, 2 and 3. I know you have no understanding of AAMVA so I would not expect you to know why what is being done is being done or who is promoting the policies. I know you may not believe it but the public needs facts. I have testified in many states on subjects say you are an expert on. What scares me is people actually probably do hire you as an expert. I recommend that you learn what a unique identifying number is before you speak about Enhanced Driver's Licenses and RFID technology. DHS is not the only agency responsible for EDL's. You may want to learn more about WHTI. Also research the State Department's involvement in EDL's. I will provide my name and a site for people to become informed based on fact not speculation. Co-Founder Stop Real ID Coalition. Mark Lerner From Norwalk CT: Keep up the great work! Continue to keep us informed on our privacy and freedom which seems to be in jeopardy everyday.
From Oak Grove MO: Regarding your converting subscriptions to email, do you realize that not everyone (myself included) has a computer, nor can afford one? If and when you do such, I'll not be able to get your paper, therefore, I'll not renew. Response: We haven't converted to email delivery yet, but lots of our subscribers have done so, so that they get the newsletter faster and more reliably. They get to store the newsletters in their computers and search them later by keywords at any time. They get live hyperlinks and color graphics too. But we won't abandon our non-computerized friends; we'll try to find a way to fulfill their needs for a hard-copy edition, despite rising printing, paper, and postage rates, which are rapidly and severely cutting into our ability to practice professional journalism. Of course, if lots of people sign up for our email edition, we'll be able to do this for readers who have not gone high-tech. Comment: Can you put some or all of your books and newsletters on Kindle? Then I would buy them. Thanks.
Response: Our two most popular titles, Compilation of State and Federal Privacy Laws and Ben Franklin's Web Site, are available on Kindle, amazon.com's hand-held device for downloading and reading electronic books wherever you go. Amazon.com's enhanced Kindle now even reads the text to you! From Louisiana: I was very relieved to find your Web site, as I was beginning to believe I am the only person who is uncomfortable with non-stop camera surveillance. On your list of privacy tips you recommend resisting this in our communities, so my question concerns that issue. I live in a very quiet suburb where there has been an explosion of surveillance cameras in every possible location: hospitals just outside patient rooms, restaurant dining rooms, traffic lights. There are no less than five cameras trained on people in line at the post office.
The latest plan is for installation of a widespread camera “security” system throughout all public schools, including elementary schools. As I have a child in this system and thought this was ridiculously over the top and open to potential abuse, I contacted the school board. Their security chief told me that the plan is in response to no specific threat, but to a survey of “concerned” parents and school administrators and the recent news about potential “catastrophic” school events. I know this is apparently overwhelmingly popular with parents, but since you advise bringing up the cultural impact of constant surveillance on innocent people I would like to at least try to do that and see if it makes a difference. Can you direct me to any studies on this, particularly where schools and such young children are involved? Also, are there any studies on the effectiveness – or lack thereof – of surveillance cameras in schools? I know they did nothing at Columbine. Response: Send us an email and ask for a copy of our March 2008 issue and October 2008 issue, which documented the studies done. The consensus was that there is scant evidence of effectiveness. The U.S. Department of Justice said in 2006, “While there is a general perception among system managers and the public that video surveillance cameras are effective in preventing crime, actual evidence is more difficult to find.” From Zanesville, Ohio: Are there chief privacy officers in the states?
Response: We count five: Joanne McNabb is director of California’s Office of Privacy Protection in the Department of Consumer Affairs. Laurie Beyer-Kropuenske is director of the Information Policy Analysis Division in the Minnesota Department of Administration, which enforces the state’s privacy law affecting all levels of government. Hawaii has an Office of Information Practices. Sol Berman in the Office of Information Technology is the first chief privacy officer for the State of Ohio. Sallie Hunt, an attorney who is also executive director of the West Virginia Health Information Network, is state privacy officer. You will find the details you need in our constantly updated DIRECTORY OF PRIVACY PROFESSIONALS. NOTE: Our publisher, Robert Ellis Smith, serves as an expert witness in lawsuits involving all aspects of privacy. For a list of his engagements, write orders@privacyjournal.net. PRIVACY JOURNAL is also eligible for "cy pres" awards from class-action settlements so that we can further our advocacy and consumer education. Question: Is there any specific law that prohibits companies from asking for a Social Security number? I'm not sure where I saw it, but I remember seeing an article which states that the only agencies that can legally require an SSN are the Social Security Administration, the IRS, and the military.
- K.S., Portland, OR. Response: There are no such laws. You may have read advice from us saying that the only legitimate demands for your SSN are when some tax reporting is involved - like payroll, home purchase or sale, bank accounts. The federal Privacy Act prohibits government agencies but not businesses from demanding SSNs unless certain conditions are met. States are starting to pass laws prohibiting certain disclosures of SSNs by state agencies and businesses, but these don't affect whether state agencies may demand the number from you. RI law says merchants may not demand an SSN when a customer makes a purchase. ME disallows denying goods and services to a person who does not provide an SSN, but many industry categories are exempt. NM has a similar law. DON'T give up your number unless the transaction involves tax reporting or it's for Medicare. From Connecticut: Great newsletter. I look forward to it every month. and I learn something every month. Comment: I understand your point about needless concern about transmitting a credit card number through unencrypted email. I do agree that the chances are rare, but it's just as easy to publish a PGP key for all emails. This failure to take such a simple step concerns me. Check out this site that helps protect your privacy and reduce junk mail too: proquo.com. It's actually free... Inquiry: I'm looking for some research that identifies a person's preference for maintaining their location privacy. For example, is there anything that indicates that people are willing to let strangers know where they are with an accuracy of x meters? Response: Check our December 2007 issue for some answers. When the public figure Jackie Kennedy Onassis complained in the 1970s about stalking on the streets of Manhattan by a paparazzi photographer, who claimed protection by his First Amendment right to gather news, a federal court successfully barred him from “approaching within 100 yards of the home of her and her children, 100 yards of the schools attended by the children; and at all other places and times 75 yards from the children and 50 yards from her.” A state law in Massachusetts prevents anti-abortion protesters from approaching within six feet of a person who is within an 18-foot zone around an abortion clinic. The U.S. Supreme Court has declined to question the constitutionality of this restriction. It has upheld a 36-foot demonstration-free zone in Florida. On Nov. 13, Massachusetts expanded the prohibition to a 35-foot zone. From Rob Mayer, University of Utah: There are several studies in the U.S. that document the prevalence and consequences of ID theft. Have similar studies been conducted in other countries, or is ID theft not much of a problem outside the U.S.? Response: You need a copy of our March 2005 issue in which we documented that ID theft is mainly a phenomenon in the U.S., and we explained why. Credit bureaus in other nations don't use a Social Security number or its equivalent to confirm identities in their files. "Identity Theft Happens Mainly in America," PJ Mar 05. From a Reader: The March 2007 issue of PRIVACY JOURNAL states, at the bottom of page 5, that the PATRIOT Act ". . . merely requires banks to have a credible program for verifying identities of its new customers." Could you provide a reference in the PATRIOT Act that supports your statement? I have been having trouble with Washington Mutual over their statement that the PATRIOT Act requires a copy of my driver's license in order to open an account. -- Dan Durham Lacey, WA Response: It's Section 326 of the Patriot Act. Go to 31 U.S. Code 5318 in a law library or online and scroll to Section l (as in the letter L). See the regulation under the law at http://www.ustreas.gov/press/releases/js335.htm. Banks have discretion, but showing a drivers license is only one way to confirm one's identity. A drivers license is not specifically required. From Julie Komenda, Florida: I am working on a bill currently stalled in the Florida Senate -no one wants it heard - concerning privacy and computer repair. Can you site specific examples of states with that are on the books already? My story is that instead of fixing my computer, Circuit City installed someone else's files on mine and wiped mine out. The person whose files were installed had also had her hard drive (with files intact) sold. Microsoft, Banking institutions, and the FL Retail Federation among others is making a huge lobbing effort to impede our progress. Senate Bill S0718 is stalled and if you can help, I'd appreciate it. I will be subscribing to your site but I am in a time crunch--James B Rule sent me. Thanks.
|
|