Privacy and Security - In the Public Record

The security regimes for personal interaction at some US financial institutions are instructive to where we can expect to go, since our illustrious government follows the US whether through the looking glass, off a cliff, or to a party, and legislates to enable or disable accordingly; deep concern for their donors and special interests not withstanding.

No particular point excepting prurient interest for ringing in, and that Experience 1 is illustrative of the differences in privacy and the pervasive information available to the public between the US and Australia. There are lots of US companies that will sell you a veritable lifetime dossier of personal information for a few tens of dollars, but never in a collection guaranteed to enable a bad person to respond to Experience 1.

Experience 1 - the process to speak with an agent includes entering the last 4 digits of the social security (tax) number and the last 4 digits of the account number. That matches to an account. Prior to actioning anything the agent presents multiple choice questions from ‘items in the public or their own records’. Over a few calls these included addresses from 1988, 1990,and 2015, year of birth, car make and model from 1996, mothers maiden name, and relatives’ first names. The randomness would likely stymie any but the most resolute well-studied imposters.

Experience 2 - as an opt-in, and after authoritatively establishing my identity to their satisfaction, their systems recorded a voice password, “At [company name] my voice is my password.” When subsequently ringing in I enter my account number and say the phrase, and all is done. No voice password? Go through myriad questions every time you call.

Experience 3 - if the caller-id matches the number of record and you correctly enter the last digits of your social security number, you are in.

If caller-ID doesn’t match or shows ‘private number’ they augment their routine security questions with some about the account such as last transactions, balances, when opened, and so on.

3 Likes

Any readers live in Canberra - this topic started by @PhilT seemed like a bit of an orphan even though it brought up one of my favourite topics - privacy - now I don’t actually believe it exists anymore, at all, but thats not to say I don’t wish it did, and while I hold that view I’m not going to mock people who want more, I just think the battle is (all but) lost …

On to the article I read earlier - I suspect a bit of a beat up but none the less its an interesting topic - and of course who’s to say what is actually behind it, or who is actually behind it :wink:

3 Likes

This thread has not been very popular, but with related threads about privacy in the My Health Record fiasco and others, this related exposure by a Qld policeman, and the Qld government response to a suit, should be concerning.

5 Likes

It would be very interesting to hear the justification Queensland Police used not to press charges …

3 Likes

A different aspect of security (and a good reason not to rely on anyone but yourself to maintain your information).


Where I can’t avoid IMAP, I set up my email client to download copies of emails.

4 Likes

The Guardian is on the ball with this… what privacy is that again?

4 Likes

Combining the last two stories … there are positive aspects of a “catastrophic” destruction of data. For the majority of users of that service no doubt it was negative but for some it was a positive because that puts the data beyond a subpoena from the courts, beyond coercion from the government. In the absence of a right to forget, a right to delete, catastrophic destruction may be the only way. :slight_smile:

1 Like

A huge failure by Labor to stop legislation when they could and I would say should have. If it was so important to address the issues then it should have been done right then or it should have never got through. I think the broad powers that the law allows was the intended aim from the beginning and like any promises in politics it was only a good promise until the words left the mouth of the one saying it.

4 Likes

Not to forget that their primary motivation in not blocking this obscene legislation was in order to win the next election. How did that work out for them? Lose-lose. They lost. We lost.

4 Likes

It’s only gone from the perspective of VFEmail - probably still archived/indexed/whatever by ‘others’ :slight_smile:

I’m not sure any side of politics wants to in any way limit their ability to gather information - those that truly claim to just haven’t been convinced yet …

It’s just a concept. Always has been, to one degree or another, but no more so than now - and the wedge is getting thinner. Just laugh, ‘this won’t hurt a bit’ …

4 Likes

I suppose that includes the video of my recent colonoscopy?
The suggestion is there is no desire to limit what is gathered. Perhaps there is one?

Hopefully they find it more pleasurable a production than the patient did?

2 Likes

Seriously - nothing would surprise me, with ‘My Health Record’ etc. As an aside, I hope the outcome was good or at least manageable for you …

1 Like

Thank you for the concern.

Nothing to see here!
Which are reassuring words when coming from the Gastroenterologist, ( gap payment excluded)!
But perhaps less reassuring when spoken by a government, (privacy excluded).

P.S.
I don’t believe MyHealth is sophisticated enough to hold video records. However there are always other concerns re how each practice protects and shares records.

2 Likes

This is almost funny, in a dark sort of way. I posted it here because it is much broader than Huawei’s problem with the US.

5 Likes

For just $US60, a company registered in New York state is selling the data of over 2,000 Australian women who have signed up for online dating services.

4 Likes

Here is another aspect. Identity theft does not seem to be high on the government’s agenda, but how about when government applies the wrong identity (eg it is not stolen)? Apparently a government apology for staff not properly identifying two similarly named and aged women is enough to make it “I’m all right, no worries” so no problems for them. One has to wonder how much information about ‘the other’ went to ‘the other’ in one way or another.

It makes the concept of privacy curious in this and similar cases, and it appears government continues to struggle to get it right, at the citizen’s inconvenience and expense.

3 Likes

One would think that if the ‘system’ has two people with the same names and DOB, that they would interrogate personal data further to ensure that they were speaking to the right one…such as asking for postal address, tax file number etc. Such would preserve one’s uniqueness.

2 Likes

Yes, which is the problem. They want us to think that regardless of what they apparently do not do. I had a TFN back in the 70’s and went back to the US for ~27 years. When I returned in 2002 I needed a TFN and filled out the form that I had one but did not know the number.

The ATO rang and asked what my last address was in the 1970’s. I got the city correct but not the street address. Their conclusion was my name is uncommon and thus close enough was good enough and I was reunited with my original TFN. But rather than ask me questions for my answer they provided the answer and asked if it might be right. Top security, that approach, not.

4 Likes

Don’t worry, soon you will be microchipped with your TFN. Problem solved. :slight_smile:

2 Likes

Will that be read by a Chinese or American device? :rofl:

2 Likes