<div dir="auto"><div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Dec 18, 2019, 11:16 AM Alvin Starr <<a href="mailto:alvin@netvel.net" rel="noreferrer noreferrer" target="_blank">alvin@netvel.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
On 12/18/19 7:48 AM, Russell Reiter wrote:<br>
<blockquote type="cite">
<div dir="auto">
<div dir="ltr">
<div dir="auto">
<div>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, Dec 17, 2019,
2:57 PM Alvin Starr via talk <<a href="mailto:talk@gtalug.org" rel="noreferrer
noreferrer noreferrer noreferrer noreferrer" target="_blank">talk@gtalug.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> On 12/17/19 2:27 PM, Russell Reiter via talk
wrote:<br>
[snip]<br>
<blockquote type="cite">
<div dir="auto">
<div>
<div class="gmail_quote"><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <br>
| I wonder why, especially in this data
stealing age, the practice is not firmly<br>
| against the law?<br>
<br>
Yes. And the boundaries clearly marked.<br>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">The problem is that its a matter
of private law. The government would
essentially fetter itself if it actually made
it illegal for you to give out your SIN
voluntarily. This might be the case in
settlement if someone has sued you, won and
now has the right to a full accounting of your
income and assets. </div>
<div dir="auto"><br>
</div>
<div dir="auto">Enforcing laws is expensive and
there is a threshold which is bounded by
economy of scale. As a general matter of
private law, caveat emptor (let the buyer
beware) is the rule.</div>
<div dir="auto"><br>
</div>
<div dir="auto">Its kind of like the government
is a national park with a grand canyon running
through it. The can put up signs which say
don't get too close to the edge or you may
fall in but they can't really stop you from
jumping off the edge. </div>
<div dir="auto"><br>
</div>
<br>
</div>
</blockquote>
Its not that I was giving out my SIN voluntarily. It
was a requirement of getting service from a telecom
provider.<br>
Yes I could have refused to fill out the the
application and walked out of the store.<br>
But then I would not have had the telecom service
that I needed at the time.<br>
</div>
</blockquote>
</div>
</div>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">Yes you did volunteer the information when they
asked for it. The law presumed you have a choice in the
matter. There are enough providers who don't collect SIN
numbers that you could have used one of them. You jumped into
the canyon by wanting services immediately. There is an old
saw that says decide in haste, repent at leisure. </div>
<div dir="auto"><br>
</div>
<div dir="auto">The law of contracts is offer and acceptance.
Getting a cell phone contract is not the same as applying for
a loan. The business may do a credit check and withdraw the
offer if you don't meet a credit threshold, but they don't
need a SIN number to do that. However having the SIN it makes
it easier for them to get access to your funds through the
court system if you owe them a significant debt.</div>
</div>
</blockquote>
Here is a bit of a thought experiment.<br>
<br>
Lets say I am interviewing to hire someone.<br>
I ask the person for sexual favors to get the job.<br></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">If you are a corporate employee that is grounds for sanction. You expose them to a lawsuit for sexual harassment. If you are a sole or small business proprietor, that's just plain creepy.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
If they say yes then they have accepted my offer and we have a
contract.<br></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">This kind of agreement is not supported under contract law and the courts are enjoined to respect that fact and they cannot enforce it's terms.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
So its a lawful transaction and the person providing the favors has
little right to suffer buyers remorse following your logic.<br>
As distasteful as the above example may be, it may still be legal.<br>
<br>
<br>
Contracts are funny things.</div></blockquote></div></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
Clearly if you beat someone to force them to sign a contract, the
agreement is unenforceable.<br>
If I gently say "Oh come on its a good deal" then likely the
contract would stand.<br>
Where is the line between force and gentle coercion, then add into
that a power imbalance.</div></blockquote></div></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
<br>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="ltr">
<div dir="auto">
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> <br>
So now the Telecom provider has my SIN.<br>
Are they free to use as they wish?<br>
</div>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">No, they have a fiduciary duty to you to
protect that sensitive information. It was collected as a
kind of trust article. <br>
</div>
</div>
</div>
</div>
</blockquote>
The only fiduciary responsibility is to the shareholders.<br>
Short of committing premeditated murder there is little that can
pierce the corporation other than doing something that deliberately
dis-advantages the shareholders.<br>
<br></div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">A corporation has a fiscal responsibility to shareholders, they have fiduciary obligations to all the person's they contract with.</div><div dir="auto"><br></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="ltr">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> Could they use it as my client ID and paste it
on the front the bills they send out to me?<br>
</div>
</blockquote>
</div>
</div>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">I think if they did that you could sue for
injunctive relief, assuming that they didn't reveal that was
their contractual policy at the outset. It would be on your
copy of the contract if they did.</div>
</div>
</blockquote>
It was an a bit of an extreme example but the point to be made is
what are the limits of the businesses use of that personal
information.<br>
<br>
Yes there is always the remedy of legal action but that in general
only happens long after the damage is done.<br>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="ltr">
<div dir="auto">
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> <br>
Part of my concern was that enough personal
information for someone to completely steal my
identity was provided to a call center in a third
world country with little or no oversight.<br>
</div>
</blockquote>
</div>
</div>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">You don't have to live in a marginalized area of
the world to suffer from a lack of oversight in your own
actions. Just saying ...</div>
</div>
</blockquote>
I never actually said that I was hard done by or that I was taken
advantage of.<br>
My point is that the personal information gleaned is being badly
handled.<br>
Just saying ...<br>
<blockquote type="cite">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">How did that happen? You purchased the service
from a brick and mortar location, in Canada I presume.
Accounting and financial data are different than technical and
service information. It would be highly unlikely that a
service technician or even a first tier collection
representative would have access to your complete data file.</div>
</div>
</blockquote>
This was first tier support person who was asking for my SIN as a
proof of who I was.<br>
The information he had included my address, account information,
past bills and my SIN.<br>
The first questions were about my invoice/account and since I was on
a train I had not access to that information at which point I was
asked for my SIN.<br>
The conversation stopped quickly at that point because there was no
way I was reading out my SIN in a crowded public location over a
phone.</div></blockquote></div></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
This event occurred several(5-10) years after the initial purchase
through a bricks and mortar reseller.<br>
<br>
So if you believe that the first person you speak to on the phone at
Bell,Rogers et al does not have ALL your personal details on the
screen in front of them you are sadly mistaken.</div></blockquote></div></div><div dir="auto"><br></div><div dir="auto">I would hope, for billing and service inquiries, they would have all the personal information I provided to them. I wouldn't give my SIN to a phone provider tho. I don't ever remember giving it out to get a landline or cable service and the agents I use now never have asked me for a SIN in order start services.</div><div dir="auto"><br></div><div dir="auto"></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
<br>
<blockquote type="cite">
<div dir="auto">
<div dir="ltr">
<div dir="auto">
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> <br>
The carrier should have an obligation of care with
my information.</div>
</blockquote>
</div>
</div>
</div>
</div>
<div dir="ltr">
<div dir="auto">
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div> But the only obligation that the carrier has is
to maximize the shareholder value.</div>
</blockquote>
</div>
</div>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">Cybercare of personal information starts with
the individual, unfortunately it's all downhill from there.</div>
<br>
</div>
</blockquote>
That is true and this was something like 30 years ago I was much
more naive then.<br>
<br>
The environment has changed in the intervening time.<br>
When I was a child access to personal information was controlled by
physical access to paper and security was a matter of locks and
keys.<br>
The rules around information protection are woefully inadequate in
today's hyper connected environment. </div></blockquote></div></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
For example I later this morning will need to start looking at what
of my information LifeLabs has leaked.</div></blockquote></div></div><div dir="auto"><br></div><div dir="auto"><span style="font-family:sans-serif">As you say times have changed. I only recently found out, in the recent past, that they don't even issue replacement SIN cards anymore. </span><br></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>
<pre cols="72">--
Alvin Starr || land: (647)478-6285
Netvel Inc. || Cell: (416)806-0133
<a href="mailto:alvin@netvel.net" rel="noreferrer noreferrer noreferrer" target="_blank">alvin@netvel.net</a> ||
</pre></div></blockquote></div></div><div dir="auto">--</div><div dir="auto">Russell</div><div dir="auto"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><pre cols="72"></pre>
</div>
</blockquote></div></div></div>