Want Your Personal Data? Hand Over More Please

Last November, I followed the Times' tip and requested my "Secret Score" from Sift.com. ["I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too." (NYT, November 4, 2019] Your reporter didn't mention Sift's insistence that I first submit two facial photos taken on my iPhone while it was linked to its site — one capturing a neutral expression, the other depicting surprise — along with a shot of my drivers license. I was assured that my facial recognition images would be deleted in 24 hours. How they would be used or shared within that window remains vague, along with whatever other data Sift may have glomed onto while in my phone. Your reporter was sent some 400 pages. I received little more than a single page, mostly from the company handling my auto loan, apparently for their protection against fraud. All of the data was in code — long strings of indecipherable digits. Sift did not respond to my email request for clarification. Bottom line: It seems absurd that being online since 1985 would yield so little data, but learning that cost me facial recognition images that might remain linked to verified data for the rest of my life. I have compromised myself by surrendering virtual mug shots in a quest for transparency. It's not a good feeling.

When attempting to claim my rights under the bee California law I too found I was being required to submit government issued ID's and personal photographs along with other information like account numbers and log in info. I didn't comply. This law was written by big data lobbyists trying to head off a vote of the people by ballot initiative. Since the legislature these lobbyists have purchased made it virtually impossible to claim our rights, it's time for that ballot initiative to be resurrected and to go forward. We cannot trust big data or our elected representatives so we'll have to do it ourselves.

I would love to see some "templates" with the bulletproof wording to use to make requests for implementing the new CA privacy law. For example, I wanted to quit Grubhub but they "deactivated" me instead (and even that was not easy which only made me want to sever ties even more). So what kind of letter do I need to send them to cancel my account and delete all my information? I have been looking for templates and not finding anything. I agree with other posters, that the bar for deleting info should be much lower than the bar for getting info; should have been done already when I requested my account be canceled. Frustrating.

There needs to be a kiosk with an actual person. You show your identification to that person. They release the information to you. Never upload personal documents. Never let anyone scan your ID.

See http://solutionsny.nyc/privacy.html for a real privacy proposal. If enacted, this law would make all personally identifiable data about a person that person's private property. It would prohibit virtually all of the multiple objectionable practices that businesses engage in today.

Until we hold our politicians accountable for failing to pass a universal privacy law banning unwarranted surveillance, not much is going to change.

Asking-more-data-to-delete-data is a form of "dark pattern". It isn’t new or specific to CCPA/GDPR. If you’ve ever typed your name into a search engine you will have found endless "data brokers" making the very same sort of demands to erase you from their lists. I must say, smiling for the camera is quite the novel indignity. Make no mistake, these people know exactly what they are doing. It is a blatant attempt at following the letter of the law while spitting on its spirit. Want to avoid giving away information to the right people? Fine, make reasonable efforts to identify a person if they do a data request. But if they ask for data deletion you need to ask for less, not more. Generating brand-new ways to data-mine folks just when they are trying to quit this insanity needs to be criminalized.

A friend in the IT business told me how to get around this. He uses Apple at home for almost everything. BUT here is the clincher, he bought a inexpensive laptop with Google Chjrome installed. He and his wife only use that computer for any type of social media. They have also established email address that are not conected to them. How? Use a web based email service, make up a fake name and use pre-paid credit cards or purchase gift cards and never use your real name. They use a VPN and use a different router than the one they use with their Apple computer. [ they asked a neighbor if they could use their router, IP address, and she said sure ] Never log onto those accounts from your other good computer. They seldom even ever look at the email they get on those accounts. They just delete it all. This really does not give the data miners any really useful information, except on these made up people. It took them less than a day to set it al up. So, media marketers, advertisers and what not. Not everything you have is real. It is very fake with this couple. And companies, how do you know the data you are buying is real? You are wasting money on these fake people. And there are many others who have figured out ways to protect themselves. And when I try to correlate say sales with "hits" or usage of your web site, you are just giving your money to these people. Hits, viewers, followers does not equal sales or revenue.

“A lot of people don’t want to give more information,” Mr. Kirkham said. “Their assumption is that you will do something nefarious with it.” That, or you will end up losing it when you get hacked like Equifax.

We need to outlaw collecting the data in the first place. This is ridiculous.

So much of our information is already out there and that genie cannot be put back into the bottle. What we need are MUCH stronger laws holding companies accountable when they misuse or lose that information. When a company such as Equifax is hacked and loses personal information, they should be strictly liable for all consequential damages and expenses incurred to fix the problem and protect everyone affected. Money is the only thing businesses understand.

The company named Sift is one of these companies demanding photo ID and 3 photographs of your face. They then claim to have no data. They have no telephone contact, only email. Their website indicages one can establish an account, yet one cannot. I've turned them over to CA's Attorney General!

Between the intrusive constitutional violations that we are forced by corporations to accept to be a part of the modern economy, and the unaccountable credit bureaus who’s black box ratings can literally leave a person homeless, we find ourselves in 2029 living in a society that is more similar to China than it is to Norway or Denmark.