An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#42747 - 11/13/16 12:36 AM Cell/Smartphone Dangers
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||

Top
#42748 - 11/13/16 01:05 AM Re: Cell/Smartphone Dangers [Re: grelber]
artie505 Online


Registered: 08/04/09
Originally Posted By: NY Times
Yet the cellphone number is not a legally regulated piece of information like a Social Security number, which companies are required to keep private.

It never fails to amaze me that every tax and financial document I get displays only the last 4 digits of my Social Security number with the SOLE exception the 1099 I get from the Social Security Administration, which displays my entire number.

And further, Medicare cards also display their holders' entire SSNs, thereby putting seniors, who are most at risk of identity theft, at even greater risk.

Why isn't the government, too, required to protect Americans? (Yes, I've written to my elected officials. frown )
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#42749 - 11/13/16 01:53 AM Re: Cell/Smartphone Dangers [Re: grelber]
artie505 Online


Registered: 08/04/09
I've decide that appearing to wear my heart on my sleeve is a more viable approach to my personal privacy than is running a plethora of apps and ignoring reality.

So much of my personal data was collected before I began running privacy apps that the best I can do at this point is slow the hemorrhaging, which I don't believe can ever be stanched (and under any circumstances, I've never gotten the feeling that my data has been used to target me).

When the world thinks your life is an open book, you've got a secret, invisible wall behind which to hide those chapters you don't want written into the record - think, as do felons, terrorists, etc, throwaway phones and Tor - whereas when your entire life is hidden, people automatically wonder what you're hiding.

Edit: Not to say that I ignore privacy/security, rather I just don't go to extreme lengths to implement it.


Edited by artie505 (11/13/16 02:32 AM)
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#42750 - 11/13/16 03:30 AM Re: Cell/Smartphone Dangers [Re: artie505]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
Originally Posted By: artie505
... Medicare cards also display their holders' entire SSNs, thereby putting seniors, who are most at risk of identity theft, at even greater risk.

In Canada it is pretty much verboten for anyone other than financial agencies (including agencies such as the Canada Revenue Agency and the Canada Pension Plan) to ask for, much less demand, a person's Social Insurance Number (equivalent to the SSN in the US) — and that goes especially for health card ID. Of course, if you choose to give away that information, you may do so.

Top
#42751 - 11/13/16 07:27 AM Re: Cell/Smartphone Dangers [Re: artie505]
ryck Online


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: artie505
So much of my personal data was collected before I began running privacy apps that the best I can do at this point is slow the hemorrhaging, which I don't believe can ever be stanched (and under any circumstances, I've never gotten the feeling that my data has been used to target me).

That's what I figure. And it's underlined by the thought that bad guys were likely already doing what bad guys do, before we knew they were doing it. Like you, I haven't had any experience that would indicate they have my critical information.

Once people understand the environment, they must treat their on-line activities, phone usage and implementation of household internet-related devices, et cetera, the same as they treat any seemingly innocuous activity - there is always the possibility of danger, so take precautions.

I think of it as the digital equivalent of crossing the street. You look both ways before you make your move.


Edited by ryck (11/13/16 07:30 AM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS High Sierra 10.13.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 320GB OWC Mercury OTG Pro
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#42752 - 11/13/16 12:56 PM Re: Cell/Smartphone Dangers [Re: artie505]
joemikeb Online
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: Artie505
It never fails to amaze me that every tax and financial document I get displays only the last 4 digits of my Social Security number with the SOLE exception the 1099 I get from the Social Security Administration, which displays my entire number.

And further, Medicare cards also display their holders' entire SSNs, thereby putting seniors, who are most at risk of identity theft, at even greater risk.

Why isn't the government, too, required to protect Americans? (Yes, I've written to my elected officials.

You are probably too young to remember the vigorous debates in congress and in the press when the law was passed prohibiting the use of the social security number for a customer identification number. Medical records and tax records were specifically exempted from that law because of the absolute necessity of having a unique personal identifier. Medicare is NOT exempt from the requirements of that law. However, because of the immense burden and cost of re-issuing Medicare cards and changing all of the medicare health records, they were permitted to get away with adding a code letter to the SSN and saying that was sufficiently different to pass muster under the law. 🤔

At the same time the U.S. military, which prior to that point had its own system of unique identifying numbers, elected to switch to using the SSN with alpha prefix and suffix characters so that like the Medicare numbers it was technically different from the SSN although the SSN is a clearly identifiable component. 🤔🤔

Many institutions use a combination of first and last name and date-of-birth as a unique identifier, which usually is unique in a small enough population The larger the population the greater the odds of duplication. My name is not John Smith but at various times I have...
  • been arrested because someone who worked for the same company I did was wanted by the police in another state.
  • been denied a mortgage because a man in the same county with the same name had been assessed a multi-million dollar judgment for fraud
  • had to use my middle name for a hospital admission becausee there was another patient in the same hospital with my first and last name and date of birth. (Only one of us survived to be released).

I am convinced...
  1. a single unique identifying number is by definition a financial and security risk
  2. an absolute unique identifier is essential to health and safety in modern society
  3. the requirements of 1 and 2 are at odds with one another
  4. the only plan I have heard of that might be more secure (an un-modifiable chip embedded in the body) has privacy and other implications that may well exceed the benefits
_________________________
joemikeb • moderator

Top
#42756 - 11/15/16 05:19 AM Re: Cell/Smartphone Dangers [Re: grelber]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
Originally Posted By: grelber
In Canada it is pretty much verboten for anyone other than financial agencies (including agencies such as the Canada Revenue Agency and the Canada Pension Plan) to ask for, much less demand, a person's Social Insurance Number (equivalent to the SSN in the US) — and that goes especially for health card ID. Of course, if you choose to give away that information, you may do so.

iirc, the same basic laws exist in the USA. Years ago, when social security was new, the government drilled it into your head. There are only four people that need your SSN besides the government: (1) the person that does your taxes if you don't do them yourself, (2) your banker (and by extension anyone that does bank-liken business, like your stock broker, credit card company, that has to report income to the feds), (3) your employer (again for income reporting) and (4) your lawyer. Federal law prohibits anyone from being denied service for failure to disclose your SSN to them. They can ask, but you don't have to give, and they can't deny you service as a result.

Right now the only "fringe case" that I know of is credit report. If you want to get credit, you really need to provide your SSN. You can decline, and they WILL try to run a credit check on you, but you are guaranteed to get a fairly low number returned as a result. Your credit history is tied (via the banks and credit card companies, above) to your SSN so they have no other easy way to access your credit data. But in many of those cases they're going to be entitled to get your SSN anyway (if applying for a credit card for example) so it's not too surprising.

Story time: I was with my grandmother one day many years ago when we were at a clothing store, and as she was making her purchase they of course offered her a store credit card. She filled out the app and left the SSN field blank, just like she was taught so many years ago. This really threw the young checkers for a loop, and they went back and forth for some time arguing over it, insisting that was required to issue her a store card. Finally they were on the phone with corporate, and a few transfers later they learned that no, they cannot legally require her to give her SSN. They weren't running a credit report - they'd give a store charge card to pretty much anyone that applied. They had to dig into the rulebook on their end and were surprised to find they had this scenario planned for. They ran a program on their end that generated a unique number to use in place of the SSN. This was the first time anyone involved that day had encountered this scenario. Everyone there up to that date had just willingly given their SSN to the department store, which was totally unnecessary.

So I got to thinking about that. I looked at my drivers license. My license number WAS my SSN. And this is the ID that people were starting to ask for for stuff. Several places I'd written a check to wanted to see my drivers license before accepting the check. Most of them wrote something down off it onto my check. I realized at that time they were recording my SSN. **mind blow** Technically they could not legally require my SSN as a condition to accepting my check, but they COULD require me to show them my ID, which had my SSN on it...... hmf.

I asked the DMV next time I was in there and they said they could, on request, generate a unique number to use in place of my SSN on my drivers license. By the time it came around for renewal though, they were issuing those numbers to everyone, so no one's license had their SSN on it. I looked around and found that MOST states were doing that, but a few at that time were still using your SSN for your DL number. I think this was about the time that identity theft was just getting onto everyone's radar.
_________________________
I work for the Department of Redundancy Department

Top
#42812 - 11/20/16 01:44 AM Re: Cell/Smartphone Dangers [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Originally Posted By: Artie505
It never fails to amaze me that every tax and financial document I get displays only the last 4 digits of my Social Security number with the SOLE exception the 1099 I get from the Social Security Administration, which displays my entire number.

And further, Medicare cards also display their holders' entire SSNs, thereby putting seniors, who are most at risk of identity theft, at even greater risk.

Why isn't the government, too, required to protect Americans? (Yes, I've written to my elected officials.

You are probably too young to remember the vigorous debates in congress and in the press when the law was passed prohibiting the use of the social security number for a customer identification number. Medical records and tax records were specifically exempted from that law because of the absolute necessity of having a unique personal identifier. Medicare is NOT exempt from the requirements of that law. However, because of the immense burden and cost of re-issuing Medicare cards and changing all of the medicare health records, they were permitted to get away with adding a code letter to the SSN and saying that was sufficiently different to pass muster under the law. 🤔

At the same time the U.S. military, which prior to that point had its own system of unique identifying numbers, elected to switch to using the SSN with alpha prefix and suffix characters so that like the Medicare numbers it was technically different from the SSN although the SSN is a clearly identifiable component. 🤔🤔

I'm old enough to have ignored those debates as having been inconsequential other than in their ultimate effect on my life.

1. There's absolutely no reason why a 1099 from the Social Security Administration needs to include your full SSN; they just couldn't be bothered with caring about the people whom they're supposed to care for.

2. Granted that reissuing all existing Medicare cards would have been an immense burden, not to mention the fact that the process would have been susceptible to all sorts of glitches that would have messed up people's lives, but I don't see any reason for they're not having made a change on an ongoing basis other than, again, their not having wanted to be bothered.

3. The military is the military, and who's to question military "wisdom"?
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#42814 - 11/20/16 09:50 AM Re: Cell/Smartphone Dangers [Re: artie505]
joemikeb Online
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
1. There's absolutely no reason why a 1099 from the Social Security Administration needs to include your full SSN; they just couldn't be bothered with caring about the people whom they're supposed to care for.

2. Granted that reissuing all existing Medicare cards would have been an immense burden, not to mention the fact that the process would have been susceptible to all sorts of glitches that would have messed up people's lives, but I don't see any reason for they're not having made a change on an ongoing basis other than, again, their not having wanted to be bothered.

3. The military is the military, and who's to question military "wisdom"?

You are overlooking government regulations our purchasing major assets like a Navy ship, an office building, a fighter or bomber, or a computer system (hardware and software) such as those used by the IRS, Medicare, etc]/I]. One of these requirements is a major asset must have an expected lifespan of at least twenty-five (25) YEARS. The intent of congress in passing those regulations was to save money by making sure the cost of an asset could be amortized over a long span of time. When those regulations were written in the '50s and '60s very few people were aware of the accelerating rate of technological change and even fewer could even imagine the unintended consequences of those regulations in the future. (NOTE: desktop and laptop computers are cheap enough they do not trigger the asset regulations and are therefore free of those constraints.)

Add to that the universally dismal performance of various government agencies upgrade programs, typically budgeted for five (5) YEARS and those routinely go over budget and over schedule by 100% or more. There are any number of examples of this including a fairly recent debacle at the IRS, and AFIK an ongoing debacle at the FBI or maybe it has migrated to DHS responsibility (and that IMHO is a disaster in and of itself).

Not all government appointees are a waste of space, and thank goodness there is no small number of dedicated and thoughtful senior civil service managers who are well aware of this problem and have taken what action they can to work around these regulations. One tactic is to "privatize" or contract out mass data management tasks and not always to U.S. companies either — the competition for those contracts can be fierce). But as the saying goes, "knowledge is power" and would you really want all of your tax returns under the control and management of Google or all your health data under the control of Microsoft? I am not that sanguine about the IRS having all that data about me, but I can't come up with an acceptable alternative.

If you were beginning to wondering if I was ever going to get to the point I have finished my lecture 🗣. Rationally, to you and to me, dropping all but the last four digits of the SSN from a 1099 appears trivial but the changes required in the IRS system alone would cost probably hundreds of millions of dollars and maybe five to ten years to accomplish (assuming congress would authorize the expenditure, which is unlikely). But that is only the tip of the iceberg. Last year my wife and I received...
  • 2 - 1099 Social Security
  • 1 - 1099 INT
  • 4 - 1099 DIV
  • 4 - 1099 R
  • 23 - 1099 MISC
  • and a variety of other tax related forms
all reported to the IRS by the originator either by USPS or electronically, all sent to me by USPS, all reported by me to the IRS electronically along with my form 1040, and all containing, at a minimum, my...
  • Full name
  • Legal address
  • Social Security Number
and in aggregate revealing...
  • bank account numbers
  • organizations and companies I do business with
  • enough information that in the hands of a malefactor could easily wipe me out financially
Given it is essential for the IRS to correctly link all these disparate pieces of information together, (by the way due to many legitimate reasons mention my name is not exactly the same on all the various documents) it is difficult to imagine how that could be accomplished without the SSN being out there and almost by definition vulnerable. I can conceive of schemes that would get around the IRS having to have a unique identifier for taxpayers, but I believe all of them would have unacceptable [i]unintended consequences
.
_________________________
joemikeb • moderator

Top
#42868 - 11/24/16 11:49 PM Re: Cell/Smartphone Dangers [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
You are overlooking government regulations our purchasing major assets like...a computer system (hardware and software) such as those used by the IRS, Medicare, etc]/I]. One of these requirements is a major asset must have an expected lifespan of at least twenty-five (25) YEARS. The intent of congress in passing those regulations was to save money by making sure the cost of an asset could be amortized over a long span of time. When those regulations were written in the '50s and '60s very few people were aware of the accelerating rate of technological change and even fewer could even imagine the unintended consequences of those regulations in the future. (NOTE: desktop and laptop computers are cheap enough they do not trigger the asset regulations and are therefore free of those constraints.)

I wasn't even aware that such a regulation existed, and I can't disagree with it in its essence, but while Congress can mandate that an asset's expected lifespan be 25 years, attempting to mandate its real lifespan is a silly exercise, and ignoring reality because it doesn't fit into a preordained pigeonhole is neither good business nor good government.

On the other hand, though, it is the government. frown

Originally Posted By: joemikeb
Rationally, to you and to me, dropping all but the last four digits of the SSN from a 1099 appears trivial but the changes required in the IRS system alone would cost probably hundreds of millions of dollars and maybe five to ten years to accomplish (assuming congress would authorize the expenditure, which is unlikely).

Again, beyond of my experience, not to mention mind-boggling, but I don't see why adding "-A" to my SSN, which increased the size of a pre-ordained field, wasn't a more complicated change to the system than working within the existing field size and printing "xxx-xx" in place of "123-45" would have been.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top

Moderator:  alternaut, cyn