What kind of personal information should I never give out and what are exceptions?
August 31, 2006 3:15 PM Subscribe
What kind of personal information should I never give out and what are exceptions?
Things like social insurance number (Canada), bank account info, credit card info, etc.
For example if someone wanted to make a deposit into my account I would have to give them my bank account number, branch number etc. But is there something I should hold out on giving up so they don't have enough info to impersonate me?
I know that just my name and adress is enough for identity theft so in a perfect world I should be tight with what info I let out, but I wouldnt mind knowing what info or combinations of info I should never give to the same person...
Things like social insurance number (Canada), bank account info, credit card info, etc.
For example if someone wanted to make a deposit into my account I would have to give them my bank account number, branch number etc. But is there something I should hold out on giving up so they don't have enough info to impersonate me?
I know that just my name and adress is enough for identity theft so in a perfect world I should be tight with what info I let out, but I wouldnt mind knowing what info or combinations of info I should never give to the same person...
I make up fake cities for "where were you born". My mother also has a fictious name. I make up favorite colors. I try to be consistent. When I go to a store that insists on getting my phone number for some B.S. reason, I make one up.
Does it help? I don't know, but it seems safer.
posted by 6:1 at 3:54 PM on August 31, 2006
Does it help? I don't know, but it seems safer.
posted by 6:1 at 3:54 PM on August 31, 2006
Look at it from a data sales perspective. Certain data is valuable because it gives the data owner abilities they might not otherwise have.
Be careful of combinations that can uniquely identify anyone and thereafter be used to cross-correlate data with other databases: postal code + name, address + name, birthday + full name, name + mother's maiden name, and phone number + name. These are called "primary keys" or "alternate keys" in database lingo.
Be really careful of things that can be used as a way of stitching different user databases together easily: social security and social insurance numbers, driver license and national ID numbers, and, to a lesser extent, credit card and bank account numbers. These are called "foreign keys" in database lingo. Once a data owner has a Social Security Number hooked up to your user record, it makes all the data they have easy and profitable to sell to other people who have Social Security Numbers.
Either kind of data can be used to buy nearly everything else about you, these days, if someone wants it bad enough.
My ears tend to perk up when someone's asking for my Social Security Number when they don't need it.
posted by maschnitz at 3:56 PM on August 31, 2006 [1 favorite]
Be careful of combinations that can uniquely identify anyone and thereafter be used to cross-correlate data with other databases: postal code + name, address + name, birthday + full name, name + mother's maiden name, and phone number + name. These are called "primary keys" or "alternate keys" in database lingo.
Be really careful of things that can be used as a way of stitching different user databases together easily: social security and social insurance numbers, driver license and national ID numbers, and, to a lesser extent, credit card and bank account numbers. These are called "foreign keys" in database lingo. Once a data owner has a Social Security Number hooked up to your user record, it makes all the data they have easy and profitable to sell to other people who have Social Security Numbers.
Either kind of data can be used to buy nearly everything else about you, these days, if someone wants it bad enough.
My ears tend to perk up when someone's asking for my Social Security Number when they don't need it.
posted by maschnitz at 3:56 PM on August 31, 2006 [1 favorite]
When I go to a store that insists on getting my phone number for some BS reason, I make one up.
Me too. Especially for supermarket loyalty cards -- all the data for mine is bogus. But once, when I was annoyed that a department store (Macy) requested my SSN as part of an application for store credit, I made up a number; and the clerk typing in my form looked up from her terminal and told me that number wasn't correct, and waited for me to try again. (The second time, I got it right... but now, I seldom use that card.)
posted by Rash at 4:38 PM on August 31, 2006
Me too. Especially for supermarket loyalty cards -- all the data for mine is bogus. But once, when I was annoyed that a department store (Macy) requested my SSN as part of an application for store credit, I made up a number; and the clerk typing in my form looked up from her terminal and told me that number wasn't correct, and waited for me to try again. (The second time, I got it right... but now, I seldom use that card.)
posted by Rash at 4:38 PM on August 31, 2006
Rash: that was probably because SSN, SIN and credit card numbers can have a formula applied to them to see if they could be valid.
The formula for Canadian SIN's is available on the net quite openly, and I wrote a little java class to generate SINs in a few minutes. Actually validating the SIN with the federal government is rare, and unlikely at a POS or front end validation on a web form.
posted by utsutsu at 4:56 PM on August 31, 2006
The formula for Canadian SIN's is available on the net quite openly, and I wrote a little java class to generate SINs in a few minutes. Actually validating the SIN with the federal government is rare, and unlikely at a POS or front end validation on a web form.
posted by utsutsu at 4:56 PM on August 31, 2006
When I go to a store that insists on getting my phone number for some B.S. reason...
... I say, "No, you can't have my phone number." Works every time.
posted by frogan at 5:20 PM on August 31, 2006
... I say, "No, you can't have my phone number." Works every time.
posted by frogan at 5:20 PM on August 31, 2006
I say "Do I have to give it?" and they always say no. It's so that they can sell more stuff to you, but they say it like it's non-optional so you'll give it. I always have a second of doubt that it might be to verify my credit card, but that's silly, signature or zip code do that.
posted by crabintheocean at 7:32 PM on August 31, 2006
posted by crabintheocean at 7:32 PM on August 31, 2006
"Can I have your phone number?" "I don't have one."
I try desperately to not give out my year of birth or my mom's maiden name. SSN can be more difficult, since most credit cards require it as well as banks.
Also - be aware- when you file a lawsuit (or are sued), and the suit includes any personal info (SSN, DoB, etc.), if it is filed with the Court/Clerk, it becomes public record. (This is true in NYS. Not sure about other states or the feds, but I'd make the guess that it's pretty standard.) Hopefully now that this is way too easy to correlate someone will come up with a standard where you can redact it before it is filed publicly or somesuch.
posted by Meep! Eek! at 7:40 PM on August 31, 2006
I try desperately to not give out my year of birth or my mom's maiden name. SSN can be more difficult, since most credit cards require it as well as banks.
Also - be aware- when you file a lawsuit (or are sued), and the suit includes any personal info (SSN, DoB, etc.), if it is filed with the Court/Clerk, it becomes public record. (This is true in NYS. Not sure about other states or the feds, but I'd make the guess that it's pretty standard.) Hopefully now that this is way too easy to correlate someone will come up with a standard where you can redact it before it is filed publicly or somesuch.
posted by Meep! Eek! at 7:40 PM on August 31, 2006
Simplify: cut down to one card for credit card transactions, one card for debit card transactions, and cash. Pay cash if you wish to leave a smaller purchase "fingerprint." Otherwise pay debit or credit, whichever is (a) cheapest and (b) one you won't abuse.
posted by five fresh fish at 9:34 PM on August 31, 2006
posted by five fresh fish at 9:34 PM on August 31, 2006
And, er, why are you being commonly asked for private personal information? I can't remember the last time that happened to me. Probably a twenty years ago, getting a driver's license.
posted by five fresh fish at 9:36 PM on August 31, 2006
posted by five fresh fish at 9:36 PM on August 31, 2006
five fresh fish: And, er, why are you being commonly asked for private personal information?
Many credit card companies want the info to identify you, online or off. Ditto if you're using a bank. For the longest time my (medical) insurance carrier used our SSN as our account number, printed on the front of the card which was required to be shown, sometimes photocopied, every time you went to a doctor.
Your SSN and your mother's maiden name are often used as magic words to prove you're who you say you are. Why this is has long escaped me. Many, if not most, of the people you know will be aware of your birth date. Possibly your mother's maiden name. SSNs are really not that difficult to get a hold of if you really want them. With the advent of information sniffers and the internet, it's really time for a new system to be put into place, but old institutions and their patterns take forever to change.
posted by Meep! Eek! at 8:41 AM on September 3, 2006
Many credit card companies want the info to identify you, online or off. Ditto if you're using a bank. For the longest time my (medical) insurance carrier used our SSN as our account number, printed on the front of the card which was required to be shown, sometimes photocopied, every time you went to a doctor.
Your SSN and your mother's maiden name are often used as magic words to prove you're who you say you are. Why this is has long escaped me. Many, if not most, of the people you know will be aware of your birth date. Possibly your mother's maiden name. SSNs are really not that difficult to get a hold of if you really want them. With the advent of information sniffers and the internet, it's really time for a new system to be put into place, but old institutions and their patterns take forever to change.
posted by Meep! Eek! at 8:41 AM on September 3, 2006
This thread is closed to new comments.
posted by aye at 3:20 PM on August 31, 2006