[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Drift net fishing," GAK, FBI, and NSA



David Lesher <[email protected]> writes:

> [credit card]
>
> Any thought of privacy is a joke. Just because Punk's, Ltd.
> control the issuing bank, the clearinghouses in the middle
> will gleefully collect all the data and sell it.
>
> That would include the holders transactions, address, you name it.

Well, there are two issues:

When Alice buys her groceries and pays with a credit card, there are two
kinds of information involved:
1. What Alice bought;
2. Who Alice is.

#1 might include the fact that Alice bought some fat-free yoghurt.
#2 might include the fact that Alice lives at 123 Main St and makes
 $150K per annum.

If these two pieces of information are combined and sold to a direct marketing
company, then Alice might get some junk mail or telemarketing calls advising
her of other exciting diet opportunities.

American Express does the most extensive analysis of purchases paid for via
its cards, and gladly sells the results of its analysis to marketers. (Yep -
stuff like "the list of people who bought over $10 worth of health food w/
AmEx" is present and real, not a potential threat to privacy).

I *don't think* (but I could be wrong) that Visa and MasterCard's clearing
houses do this kind of purchase analysis now, but they certainly have the
ability. Some large banks that issue Visa and MasterCard cards do sell
marketing databases similar to AmEx's (based only on purchases made with their
cards), but each individual bank is smaller than AmEx.

Therefore, AFAIK, right now one is relatively safe from blanket analysis of
purchases by staying away from AmEx and from VISA/MC issued by certain large
banks. (Hint: a certain unnamed bank that arose from a merger recently has
been touting to marketers the fact that it's so big that its purchase analysis
database is as good as AmEx's.)

I suspect that if one contacts one's card issuer and requests in writing
that the information about your purchases not be distributed to third
parties w/o a court order, they'd probably comply. But it's only a matter
of time before the clearinghouses start doing the purchase analysis, as
David said.

As far as #2 is concerned, I can safely predict that if a financial institution
tried issuing credit cards or secured credit cards or debit cards without
asking the holder's SS# and identity (e.g., paid via anonymous e-cash),
they'd probably have audit visits from
a) the Federal Reserve
b) the office of the comptroller of the currency
c) the IRS (SS# is needed because the interest paid on the card may be
   deductible)
asking to prove that no money laundering or tax evasion is going on, and
shutting down the operations until the negative is proven.

Now, suppose you open an institution that a) puts a phoney name on the credit
card, b) takes down your real name, address, SS#, etc for its files, but
promises in writing not to reveal the identify or the purchasing patterns
to anyone except LEO's with a court order.

It might sell... I might even get one...

[An interesting twist: The Wiz, a very nice electronics store in NYC, only
accepts credit cards in combination with a photo ID. :-) ]

Such an outfit would last until the first big dispute. "Dispute" as in, someone
charges a purchase to the card and I claim I never made it. Or, I buy a gizmo,
decide to return it, and the merchant refuses to take it. With anonymity, the
disputant is likely to get screwed; or the issuer; never the merchant.

Another possibility is to issue a charge card (payable in full at the end of
the month, getting revenue from the annual fee), rather than a credit card, so
it could claim not to be subject to certain Federal Reserve's regulations that
have to do with credit card disputes. But then it probably can't be Visa/MC and
can't use their clearginhouses.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps