Hey, don't you people have private information laws that deal with this sort of 
stuff?

In europe, someone can't store your private information if you haven't 
explicitly allowed its storage and usage 
scenarios, let alone send it to third party.

Also, they have responsibility to keep your data secure.

There is even an agency to which you can report about possible violations of 
those laws that supposedly goes on 
inspections. I'm not sure how well this is handled in reality. I should do an 
experiment on this by reporting 
myself, but in any case, I use it to harrass people in situations like yours 
with no problems.

* Thor (Hammer of God) (t...@hammerofgod.com) wrote:
> I found this interesting, so I thought I would share it.
> 
> Over the last few years I had amassed quite a number of various gaming system 
> games that I never used anymore (if at all) so I decided to trade them in at 
> Best Buy (they do this for store credit).  Though $3 for a $50 game wasn't 
> exactly attractive, I figured I could get a free Blue Ray out of it, so why 
> not.
> 
> I showed up with a stack of games, and sat at the counter for about 30 
> minutes while the guy individually entered each title, catalog number, etc 
> for each game.  After all that, he finally said that he needed to see my 
> driver's license in order to give me my $73 credit.  I always question this 
> type of thing, so asked him why.  "In case these were stolen" he says, going 
> on to say it is store policy.  Whatever, I think, so I give it to him.  He 
> doesn't just look at it, but starts entering my info into the system - I 
> didn't care because it was an out-of-state license, but didn't like that he 
> was actually entering it into the system.
> 
> He then notices that my license had expired a month earlier.  I actually knew 
> this, but wasn't going to offer it up.  He says he can't take it, and I give 
> the obligatory "I'm not driving in the store, I'm just giving you games" bit 
> and the "it was me a month ago, so what difference does it make now" pitch.  
> He goes asks the manager, and sure enough, they can't take it because it is 
> expired.
> 
> So this is the point where I really start to wonder and ask more questions 
> about what difference it makes.  He then tells me that the reason he has to 
> enter so much information, including each individual title and UPC, is 
> because they have to send all this information to the Seattle police in case 
> any of the titles I turned in were reported stolen by someone.  I asked how 
> they expected to match up a stolen title with a redeemed one short of putting 
> 5 "Pimp My Ride" games in a line-up for identification, and of course the kid 
> didn't know and didn't care.  I then pointed out that even if I did steal it, 
> if the cops came around looking for it, I wouldn't have it anymore anyway 
> because it would be in the Best Buy warehouse.  More not caring.
> 
> While the overall process of wasting police resources on tracking games that 
> might have been stolen seems like a complete waste of time and money, what 
> really concerned me is that Best Buy was going to send my personal 
> information over to the police without disclosing anything to me.  There was 
> no mention of it anywhere, no fine print, nothing.  Had my license not been 
> expired, that info (which they would not have had) would be put into the 
> public system, and there would be no way I could control the information or 
> what they did with it.  This would have been particularly bad if I had to 
> explain why I had a copy of "Barbie's Horse Adventure" at some point.
> 
> As far as profiling is concerned, you would think they would be more 
> interested in the fact that I was going to use the $73 credit towards the 
> purchase of a couple of seasons of Dexter, but I have no way of knowing that 
> they wouldn't have sent this information anyway.  It begs the question as to 
> what other information Best Buy is sending to whom, and what kind of privacy 
> rights I am implicitly giving up by shopping there.  If they can report 
> personal information to government agencies without my knowledge, approval, 
> or any sort of notification, and in this case collected the information for 
> the explicit purpose of doing so, why else are they collecting?
> 
> AFAIAC, there is something seriously wrong with this.  Anyway, I thought I 
> would share this in case anyone found it interesting.
> 
> T
> 
> There's no reason to think "outside the box"
> If you don't think yourself into it.
> 

-- 
PGP 0x96085C00 http://lesh.sysphere.org

Attachment: pgpQVVl1cwWK2.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Reply via email to