The security regimes for personal interaction at some US financial institutions are instructive to where we can expect to go, since our illustrious government follows the US whether through the looking glass, off a cliff, or to a party, and legislates to enable or disable accordingly; deep concern for their donors and special interests not withstanding.
No particular point excepting prurient interest for ringing in, and that Experience 1 is illustrative of the differences in privacy and the pervasive information available to the public between the US and Australia. There are lots of US companies that will sell you a veritable lifetime dossier of personal information for a few tens of dollars, but never in a collection guaranteed to enable a bad person to respond to Experience 1.
Experience 1 - the process to speak with an agent includes entering the last 4 digits of the social security (tax) number and the last 4 digits of the account number. That matches to an account. Prior to actioning anything the agent presents multiple choice questions from âitems in the public or their own recordsâ. Over a few calls these included addresses from 1988, 1990,and 2015, year of birth, car make and model from 1996, mothers maiden name, and relativesâ first names. The randomness would likely stymie any but the most resolute well-studied imposters.
Experience 2 - as an opt-in, and after authoritatively establishing my identity to their satisfaction, their systems recorded a voice password, âAt [company name] my voice is my password.â When subsequently ringing in I enter my account number and say the phrase, and all is done. No voice password? Go through myriad questions every time you call.
Experience 3 - if the caller-id matches the number of record and you correctly enter the last digits of your social security number, you are in.
If caller-ID doesnât match or shows âprivate numberâ they augment their routine security questions with some about the account such as last transactions, balances, when opened, and so on.
Any readers live in Canberra - this topic started by @PhilT seemed like a bit of an orphan even though it brought up one of my favourite topics - privacy - now I donât actually believe it exists anymore, at all, but thats not to say I donât wish it did, and while I hold that view Iâm not going to mock people who want more, I just think the battle is (all but) lost âŠ
On to the article I read earlier - I suspect a bit of a beat up but none the less its an interesting topic - and of course whoâs to say what is actually behind it, or who is actually behind it
This thread has not been very popular, but with related threads about privacy in the My Health Record fiasco and others, this related exposure by a Qld policeman, and the Qld government response to a suit, should be concerning.
Combining the last two stories ⊠there are positive aspects of a âcatastrophicâ destruction of data. For the majority of users of that service no doubt it was negative but for some it was a positive because that puts the data beyond a subpoena from the courts, beyond coercion from the government. In the absence of a right to forget, a right to delete, catastrophic destruction may be the only way.
A huge failure by Labor to stop legislation when they could and I would say should have. If it was so important to address the issues then it should have been done right then or it should have never got through. I think the broad powers that the law allows was the intended aim from the beginning and like any promises in politics it was only a good promise until the words left the mouth of the one saying it.
Not to forget that their primary motivation in not blocking this obscene legislation was in order to win the next election. How did that work out for them? Lose-lose. They lost. We lost.
Itâs only gone from the perspective of VFEmail - probably still archived/indexed/whatever by âothersâ
Iâm not sure any side of politics wants to in any way limit their ability to gather information - those that truly claim to just havenât been convinced yet âŠ
Itâs just a concept. Always has been, to one degree or another, but no more so than now - and the wedge is getting thinner. Just laugh, âthis wonât hurt a bitâ âŠ
Nothing to see here!
Which are reassuring words when coming from the Gastroenterologist, ( gap payment excluded)!
But perhaps less reassuring when spoken by a government, (privacy excluded).
P.S.
I donât believe MyHealth is sophisticated enough to hold video records. However there are always other concerns re how each practice protects and shares records.
For just $US60, a company registered in New York state is selling the data of over 2,000 Australian women who have signed up for online dating services.
Here is another aspect. Identity theft does not seem to be high on the governmentâs agenda, but how about when government applies the wrong identity (eg it is not stolen)? Apparently a government apology for staff not properly identifying two similarly named and aged women is enough to make it âIâm all right, no worriesâ so no problems for them. One has to wonder how much information about âthe otherâ went to âthe otherâ in one way or another.
It makes the concept of privacy curious in this and similar cases, and it appears government continues to struggle to get it right, at the citizenâs inconvenience and expense.
One would think that if the âsystemâ has two people with the same names and DOB, that they would interrogate personal data further to ensure that they were speaking to the right oneâŠsuch as asking for postal address, tax file number etc. Such would preserve oneâs uniqueness.
Yes, which is the problem. They want us to think that regardless of what they apparently do not do. I had a TFN back in the 70âs and went back to the US for ~27 years. When I returned in 2002 I needed a TFN and filled out the form that I had one but did not know the number.
The ATO rang and asked what my last address was in the 1970âs. I got the city correct but not the street address. Their conclusion was my name is uncommon and thus close enough was good enough and I was reunited with my original TFN. But rather than ask me questions for my answer they provided the answer and asked if it might be right. Top security, that approach, not.