Slashdot Mirror

There is far more then just having a credit card with a low limit. Your credit score or FICO score is also based on having available credit, using that credit, and paying on that credit over time. Another factor is the limit compared to what your balance is. Showing a huge credit limit and your ability to maintain the balance low is a good thing for a house purchase. It shows disipline. If you ever looked at your credit report [*], you will see a line on most revolving credit lines that shows the max balance the account had for a certain time period.

Everyone in the US can get a free credit report from the big three with no strings yearly. See the info at the FTC site here for more info (or search Google for free credit report and follow the link to the FTC site if you do not trust my link)
Pay particular attention to the section called "A Warning About "Imposter" Websites" as there are many sites that try to mimick this FTC program but will charge you or give a hard sell for credit services in the process of providing your "free" credit report.

You can get a good idea of what info goes into making your FICO score and general tips for making it better from here. Many banking and money sites offer similar advice.

Now that that novel hack has been done, it's unlikely to happen again.

http://www.privacyrights.org/ar/DataBreaches2006-A nalysis.htm human/software incompetence took up 44% in the public sector, hackers 52% in higher education and theft(s) were 55 and 57% for private and medical respectively

Makes sense for a very little while, perhaps, and is legally permissible in most states to wait a short while if an investigation requires it, but after that you have to warn people.

Losses like this are a CONSTANT occurrence. See http://etiolated.org/ http://www.privacyrights.org/ar/ChronDataBreaches. htm, and http://attrition.org/dataloss. This stuff happens almost every single day. From etiolated: 76,357,930 records lost this year! A rate of over 7 incidents per week.

At least Ohio has been open about it. Companies like IBM, Disney, Johnson & Johnson have had breaches of potentially greater magnitude this year and haven't been a fraction as honest about it : http://attrition.org/security/rant/z/partialtruths .html (shameless self promotion of my rant, but worth a read)

An organization with this many SSN's should never have been allowed to have a policy in place where *anybody* was allowed to take home backup tapes of private data. This happens far too often. We need real laws that specify severe punishment for companies and institutions that allow this to happen with SSN's and other personal data. I've had my SSN lost in this manner twice already this year. One was at Northwestern University, who has a history of losing SSNs, but doesn't do anything about it because they apparently see no reason to. There is a Chronology of Data Breaches online that lists a large portion of the SSN leaks that have happened over the last few years. The sheer length of it should make anybody worried.

• 
  "Another product on the market is an attachment to the telephone called an "inbound call blocker." It allows only those callers who enter a special numeric code onto their touchtone phone pad to ring through to your number. This device is highly effective in preventing unwanted calls. However, you must be certain to give the code to everyone you want to talk to. Even so, you could miss important calls from unexpected sources, like emergency services.
  
  Several vendors sell such call screening devices. Check the web site of Privacy Corps (http://www.privacycorps.com) or call (888) 633-5777. Other sources include Command Communications (http://www.command-comm.com), at (800) 288-3491; and Avinta (http://www.avinta.com) at (800) 227-1782. No endorsements are implied. "

I think you're talking about the Telezapper A quick google search turned up a nice privacy page with useful, although fairly obvious recommendations: http://www.privacyrights.org/fs/fs3-hrs2.htm

You can easily stop junk mail, but most people don't take the time nor diligence to do it. I have stopped all junk mail. If you want to stop receiving junk mail just do what is prescribed on this web site: http://www.privacyrights.org/fs/fs4-junk.htm. It works.

Also I receive no spam. This has been over 3 years. How? One I have my own email server and it's at its own domain. But more importantly I can create aliases any and all lists I join that are then forwarded to my real address. That way I can track down where the address is getting poached and/or sold. Then complain and delete that alias. I only give my real email to people I trust. I also make sure that it doesn't get on to any web pages. All of you people with FREE email accounts like gmail, hotmail, yahoo....well you get what you pay for.

This happens every day.

Check out http://www.privacyrights.org/ar/ChronDataBreaches. htm.

> I'm not aware of any case in which someone whose identity was stolen ended up with out of pocket
> expenses
Then you're not looking.
http://www.privacyrights.org/ar/idtheftsurveys.htm

>and consumer victims reported $5 billion in out-of-pocket expenses.

Did you have a passport, EIN or was it before 9/11? The laws have changed recently.br>
Look Here for who can ask for SSN and what it is used for. To save you some time:
"Why do financial transactions require my Social Security number?
In 1961 the Internal Revenue Service began using Social Security numbers as taxpayer ID numbers (TIN). Therefore, SSNs are required on records of transactions in which the IRS is interested. That includes most banking, stock market, property or other financial transactions as well as employment records. Since your Social Security number must be included on all of these sensitive financial documents, it is important to limit other uses of the number. "

As I said before I am sure you can get around it but someone is watching.

A case in point. Look at all the data thefts that have occured over the past few years of unprotected government databases.

One or two look like an "oops."
But hundreds? Either there is a disregard for public records, or perhaps the Government WANTS the data released -- so that a private sector company can do what they can't with the data, and there is plausible deny ability about the source.

http://attrition.org/dataloss/
http://www.gcn.com/online/vol1_no1/40840-1.html

but when you look at the civil sector, it's not much better;
http://www.privacyrights.org/ar/ChronDataBreaches. htm

Of course, ChoicePoint is a part of the BushCo government. They helped rig elections in Florida and more recently in Mexico.

From the Privacy Rights Clearinghouse: Your Social Security Number: How Secure Is It?

On the page http://www.privacyrights.org/fs/fs6c-CreditScores. htm, the answer to the "Does it improve my score to pay off my credit card balance every month?" question is highly misleading, if not outright wrong.

In terms of FICO scores, although you always want to pay off your entire balance each month (to avoid finance/interest charges), when you pay that balance matters.

An example:

Person A charges $2,000 on his credit card each month. When he receives his credit card statements, they always show a total balance of $2,000. Each time, he pays off the entire $2,000 balance immediately.

Person B also charges $2,000 on his credit card each month. But each month, a few days before his statement period ends, he pays whatever his total balance is at that time. When he receives his next credit card statement, the total balance will be reflect only the charges he made on the last few days of his billing period (after he paid the current balance). He immediately pays whatever that total balance is.

Neither person A nor person B will have to pay any finance or interest charges. But person B's FICO score will be anywhere from 30 to 80 points higher than person A's FICO score.

Why? Because credit card companies send balance information to the credit agencies only once per month, and the balance information they send is the statement balance.

That means from the point of view of the credit agencies, person A is always carrying a $2,000 balance on his card, and person B is always carrying a trivially small balance ($0 or something close to it). Yes, person A is paying off the total balance each month. But the credit agencies can't know that, because the only data they receive each month is the statement balance, which is a snapshot in time. Fair Isaac & Co. looks at the credit reports and sees that person A is consistently carrying a higher balance than person B, and penalizes person A accordingly. (It's no secret that they do this; they flat-out tell you if you sign up for their credit report and FICO score monitoring service.)

I expect that the credit card companies and the credit agencies will eventually address this issue by communicating not just the monthly statement balance, but also the total charges and payments made each month. But until then, here's the bottom line: not only should you pay off your entire balance each month, but you want to do so before your billing cycle ends, so that the "total balance" amount on your statement is as small as possible.

Question to thread: Please post information about these "trade secrets" and "magic". It would be interesting to see real, cited references.

The exact formula of the FICO and other scoring models is a trade secret

Points are given or taken away based on the amount of available credit used. Certainly, using the maximum amount on your credit card and paying only the minimum each month can lower your score. But, using a large percentage of your available credit each month, even when you pay the bills faithfully, can detract points if you are carrying a high balance at the time your credit history is scored.

Argh. tddoog said: "Be careful what you wish for. Bulk mailing helps subsidize the current mail system. Without it, either prices would go up or there would be a reduction in service (mail delivery every other day). Remember the USPS is one of the few gov't organizations that supports itself without taxes. All of the bureaucracy and none of the pork."

Whaaat?! You're kidding, right? So we pay $$$ for stamps for what reason? You seem to be a bit factually impaired:

Those bulk obnoxious "Smart Shopper" mailouts are not affiliated with the USPS in any way! They are marketing spam sent out by private companies who are only interested in profits, and not the public message delivery infrastructure (beyond the enabling of their trade, that is..)

Ever get those newspaper-like ads, and nested in the middle of them is the "Missing Person" card? THAT is your culprit right there. Federal postal regulations require that ALL spammy mailouts must contain a reference to the actual company sending it out. Look for the card, contact the company who made the card, and request that they remove you from their marketing lists. Simple. And doing so does not hurt the USPS in any way.

The main companies responsible for the junk? ADVO Inc., PennySaver, The Flyer, Val-Pak. Note that none of these are the United States Postal Service. Again, I must point out the ever-inflating price of postage stamps. I remember when postage for a standard letter was only $0.23! If mail delivery is subsidized by junk mail, then where does my stamp money go?

Check out http://www.privacyrights.org/fs/fs4-junk.htm for more information, loads of facts, and many suggestions on how to reduce junk mail (in the US, anyway)

--Weasel

They are also pretty much unregulated - they are not a credit bureau, so they do not fall under these regulations.

http://www.privacyrights.org/fs/fs6b-SpecReports.h tm#6 and http://www.cbsnews.com/stories/2004/05/21/eveningn ews/consumer/main619029.shtml for more

The Privacy Rights Clearinghouse keeps a list called "A Chronology of Data Breaches Reported Since the ChoicePoint Incident." That list shows over 200 incidents reported in the last 17 months, totalling over 88,000,000 breaches.

You're right; it's not identity theft, it's identity fraud. Which, guess what, has its victims.

Is this some sort of natural outgrowth of MP3 downloading and software piracy? What are we going to pretend is "victimless" next?

http://www.privacyrights.org/ar/ChronDataBreaches. htm whoa is right

LAWS REGARDING WIRELESS EAVESDROPPING

Is it legal to intercept other people's cordless or cellular phone calls?

The Federal Communications Commission (www.fcc.gov) ruled that as of April 1994 no radio scanners may be manufactured or imported into the U.S. that can pick up frequencies used by cellular telephones, or that can be readily altered to receive such frequencies. (47 CFR Part 15.37(f)) The law rarely deters the determined eavesdropper, however.

This is a classic case of why consumers should have a private right of action to sue in court under the civil law. HIPAA does not allow individuals to sue a hospital or doctor for violations of the statute. (However, a stricter State statute or privacy or contract law might allow a suit)

There is a growing trend in U.S. Federal Law that grants people rights, but does not allow them a remedy if there is a violation of these rights. This is a direct outgrowth of 20 years of conservative Supreme Court rulings that have gutted the power of the Judiciary to provide remedies for violations of the law.

The thought process is "well, Congress said you have a right to have your information kept private, but didn't explicitly say that anyone besides the State can enforce this remedy, so oh well, your screwed if the government doesn't want to do anything."

This thought process is not only unjust, but goes against 500+ years of legal of Common Law. Where you have a right, you should always have a remedy. It is an axiom, and 20+ years of Republican Judicial Activists have destroyed this notion. It is not right, and it is not fair. And it is not conservative. It is radical and undemocratic, and goes against the rule of law.

See: http://www.privacyrights.org/fs/fs8a-hipaa.htm and http://www.healthlawtoday.com/hipaa/files/righttos ue.htm and http://www.abanet.org/buslaw/blt/2001-11-12/meade. html

Ditto. About once per month I get an email from headhunters for some company or another offering me an interview. They seem to alternate between SMB's / startups and mega-corps. Its nice to know my skill set is still (apparently) attractive. :-)

I can look at my server logs and see hits for "electrical engineering filetype: pdf" and so on on a weekly basis. I'm sure some of these are from folks looking to scavage and cobble together a resume (.edu domains are a bit of a giveaway), but I'm certain that I got two of the job offers I did because of my blog, and its contents. I mentioned some previous jobs and some of the neat things I was doing, and got offered a position mysteriously close to one of those.

I also would like to second the parent poster's comments. Google yourself, your email address, your IM nickname / game handle / whatever. See what comes up, and see what others are seeing about you.

On a slight aside while I'm thinking about it, you should also check your "real" identity as well. I've moved to several states for various jobs, and apparently am responsible for at least four different "Michael Hollinger" identities in the US. For each record, some piece of information is wrong (my middle initial seems to be the most common thing to screw up) but the addresses are all past addresses. Since this can affect credit applications (e.g. your next car, house, credit card rates, etc.) make sure this paints a positive picture of you as well!

Check a list of "Information Brokers" and see what they know about you (and if the info's correct!). - http://www.privacyrights.org/ar/infobrokers.htm

G'day,
~ Mike Hollinger

• 1. Opt out (http://www.privacyrights.org/fs/fs1aplus-cpni.htm )
• 2. Emails/call your local phone companies, and scream about it.
• 3. Ditto locateacell (http://locatecell.com/contact.html)
• 4. Complain to FCC (http://www.fcc.gov/cgb/complaints.html)
• 5. Write to your representative (http://www.house.gov/writerep/. I'm sure *they* wouldn't want to see their records out in the public either!
• ...
• n. And we all profit from increased privacy

My cell phone calls are my personal effects.

In the case of phone records, I think it would be more accurate to describe them as historical records, in which the telephone company, the caller and the call recipient have all played a role.

If the telephone company chooses to release the information about the call later, for profit, it doesn't seem like they under a strong ethical bond not to. Yes, it would be more discreet of them not to sell the information, but in this context, I don't think not being discreet should rise to the level of requiring legal penalties.

The reasons that this information gets out in this way would seem fall into two categories: a) the telcos are sloppy and allow access to the information, either directly from the outside, or through employees stealing it from the inside, b) the telcos are profiting directly by selling it to third parties.

If we ignore a) (but hope that the telcos do not) and focus on b), one way to deal with this would be for the telcos to offer a 'discretion' option on your account for a small fee. For example, you pay a dollar (or three or five) a year, and they make sure that nobody without a court order gets a copy of your logs (ignoring spies, the NSA, executive orders, and so on for the moment).

My guess is that the telcos would stand to make a lot more money from a lot of people paying a small amount than a relatively small number occasionally paying a few hundred dollars for records.

The people that paid the 'discretion' fee would feel better because they had a binding agreement with the companies not to reveal their (shared) history, except by court order. The people that don't care don't have to pay the fee and presumably won't feel outraged when their records are purchased by Sixty Minutes or their ex-boyfriend.

Why the small fee? Among other reasons, it would be an incentive for companies to make this a standard option that you can check off on your account, rather than something hidden at the end of the contract in small print, accessible only on obscure web pages, the location of which is traded around in lists by angry consumers.

Unfortunately, this issue is nothing new.

Lots of good info on this problem can be found here, courtesy of the good folks at EPIC.

And finally, you can choose to opt-out of the releasing of your phone data here (at least you can try...opt-out information isn't listed for many of the companies). Also, many of these data brokers employ less-than-legal means to obtain the phone data anyway.

• http://www.privacyatchoicepoint.com/common/pdfs/Da tadisclosures2005.pdf
• http://www.privacyrights.org/ar/ChronDataBreaches. htm

Hacking is just exploiting vulnerabilities in a system. The people who operate the system are also part of the system (whether it be: customer service agents who only need to hear a trivially-easily acquired indentification number before granting wholesale access to passwords, account settings, password information, billing details, etc; Or, web programmers who don't correctly implement good security policies, and allow common exploits to be performed on an account site in an automated fashion). "Hacking" a person who is part of the system is no different than feeding non-standard or unexpected malicious data to an API and achieving a result. If anything, "human" interfaces are more documented.

Assignment: The next time you call your cellphone company, listen to the key security questions they ask you and know that every organization requires the same pool of information.

Want to own someone? Learn their SS#, father's middle name, mother's maiden-name, name of their high school, and town of birth. Is this good security?

They're all available by public record.

Hmmm...

//J

I agree with most of your points, but please read this and this before concluding that Google actually adheres to its "don't be evil" policy.

Gmail is a bad example. Thirty-one privacy and civil liberties organizations have urged Google to suspend it. Also see EPIC's Gmail privacy FAQ.

Ok I was sorta right:
"How can a school use my Social Security number?

Publicly-funded schools and those that receive federal funding must comply with the Family Educational Rights and Privacy Act in order to retain their funding (FERPA, also known as the "Buckley Amendment," enacted in 1974, 20 USC 1232g). One of FERPA's provisions requires written consent for the release of educational records or personally identifiable information, with some exceptions. The courts have stated that Social Security numbers fall within this provision.

FERPA applies to state colleges, universities and technical schools that receive federal funding. An argument can be made that if such a school displays students' SSNs on identification cards or distributes class rosters or grades listings containing SSNs, it would be a release of personally identifiable information, violating FERPA. However, many schools and universities have not interpreted the law this way and continue to use SSNs as a student identifier. To succeed in obtaining an alternate number to the SSN, you will probably need to be persistent and cite the law. Social Security numbers may be obtained by colleges and universities for students who have university jobs and/or receive federal financial aid. In Krebs v. Rutgers, the court ruled that SSNs are "educational records" under FERPA (Krebs v. Rutgers, 797 F. Supp. 1246 (D.N.J. 1992)).

The FERPA text can be found at the web, www.cpsr.org/cpsr/privacy/ssn/ferpa.buckley.html. For the U.S. Department of Education's web site on FERPA, see www.ed.gov/offices/OM/fpco/ferpa/index.html.

Public schools, colleges and universities that ask for your SSN fall within the provisions of another federal law, the Privacy Act of 1974. This act requires such schools to provide a disclosure statement telling students how the Social Security number is used. If you are required to provide your SSN, be sure to look for the school's disclosure statement. If one is not offered, you may want to file a complaint with the school, citing the Privacy Act.

When the school is a private institution, your only recourse is to work with the administration to change the policy or at least to let you use an alternate identification number as your student ID."

You can find other info at :
http://www.privacyrights.org/fs/fs10-ssn.htm

Hope this helps. :)

Someone who has this information on their laptop loses it

Why was it on a _laptop_ in the first place? Regardless of who hangs in the end for the financial liability, damage is caused. The problem with your argument is the assumption of a "victimless crime"--assuming someone got hold of 100,000 SSNs, as well as associated data allowing you to assume the identity of an existing person, there's a good chance your $1,000 example would be multiplied quite a bit. Even _if_ the person whose persona was thieved were proven innocent, the result would be harm to everyone in the form of tougher loan criteria, higher fees, etc.

Think of it this way: a fair amount of what Visa charges you in interest & fees goes towards insuring them against credit card fraud. After the ChoicePoint exploit, one African gentleman was caught only after submitting loan applications under at least 40 assumed personas, and having received approval for quite a few of them.

The loss of the SSN is not the cause per se; it is the piss-poor awareness of data protection best practices that led the data to being on a _laptop_ in the first place, and the piss-poor system that led to a perceived requirement to collect that information in a manner not necessarily directly related to social security-relevant purposes.

Pardon me if I'm being thick here, but I am really having trouble understanding how I am not explaining myself. I believe the system is broken, for reasons I tried to state very clearly,
and I think the behavior (or lack thereof) that led to the theft of this information in such a manner being possible is equally broken.

Regarding your example, we're not just talking about loans here--here are a few random links on the topic of identity theft, with plenty of information on potential consequences.

Your argument is perfectly legit, no a strawman at all, except for the part about stealing money from Bill--of course not. But Bill's not Sam T. Gradstudent, so fallacy of equation there.

OK, agreed, tax & SS-related forms are legitimate.

Now: what abou the whole "credit check" thing? Let's ask a more fundamental question--why is the SSN required for this sort of thing at all? Or for transcript verification?

Simple answer: It's a unique identifier, you said it. Funny thing that, doesn't the Social Security Act specify that the SSN is not meant to be used as identification except for Social Security purposes?

You hit the nail on the head with the word "easy". It's easy. "Easy" is not always good, and in this case, it is shit. "Easy" is what made some plank store this sort of crap on a laptop, probably in Excel, probably unencrypted. "Easy" in this case is bad.

As this link mentions, one of the problems is that there is no law _preventing_ business (including schools) from requiring this supposedly private piece of information as a precondition for delivering services, without making allowance for an alternative.

So I think in this case we can replace "easy" with "unprofessional", "lazy", "unethical" even.

Start here.

And note:

Under Federal law (15 U.S.C. 1681g, available at 609 (e), www.ftc.gov/os/statutes/031224fcra.pdf), victims of identity theft in other states can also legally gain access to records from a business that relate to fraud based on identity theft (applications for credit, sales receipts, copies of checks, and other records). A victim of identity theft must provide a copy of the FTC affidavit (or other affidavit acceptable to the business), government-issued identification, and a copy of a police report. The business must provide copies of these records to the victim within 30 days of the victim's request at no charge.

http://www.privacyrights.org/ar/CPResponse.htm

According to ChoicePoint, their tenant rental history includes landlord debt, criminal, eviction, registered sex offender and FBI searches. Their employment background check report includes information on arrest and conviction history including fugitive files, state and county criminal record repositories, prison, parole and release files from state Department of Corrections, Administrative Office of Courts and other state agencies, in addition to credit history, employment verification, education verification, license credentials and certification verification, and business or personal reference verification.

There is only one reason by law a company can have your SSN#, and that is for paying taxes. If your relationship with the organization does not include paying taxes, then refuse to give them your SSN#. If they deny services, you can sue, it is illegal for them to force you to give them your SSN#.

Could you give some sources? I don't believe that your statement is generally true. It's true that there are only a few cases where you are required by law to give out your SSN (the N stands for Number, by the way--a SSN# is like an ATM Machine). However, that doesn't necessarily mean that it's illegal for other companies to ask for your SSN, or refuse you service if you don't give it out. All the sources I can find (this one for example) say that in most cases the most you can do is take your business elsewhere. Some states have laws preventing refusal of service in specific cases (such as utilities), but in general you have no recourse but to complain and/or go elsewhere.

Before people take your advice and start threatening to sue everyone for violating a law, they should make sure the law actually exists where they are and applies to their situation--otherwise they'll just end up looking looking silly. Besides, it's always much more effective to be able to quote a specific law a company is breaking instead of just making vague claims of illegality.

• 
  
• Those considering granting you credit.
  
• Landlords.
  
• Insurance companies.
  
• Employers and potential employers (but only with your consent).
  
• Companies with which you have a credit account for account monitoring purposes.
  
• Those considering your application for a government license or benefit if the agency is required to consider your financial status.
  
• A state or local child support enforcement agency.
  
• Any government agency (limited usually to your name, address, former addresses, current and former employers).
  

• Family Educational Rights and Privacy Act (FERPA),
• Gramm-Leach-Bliley Act (GLBA), and
• Health Insurance Portability and Accountability Act (HIPAA)

Wow. Apparently that number (888/5-OPTOUT) is valid [FTC] (see also here).

Opting out of pre-approved credit offers is not much, but it can be useful (and save you a lot of annoyance).

It's important to note that this toll-free number has a limited purpose - simply to enable consumers to opt-out of receiving pre-approved offers of credit. Nothing more.

As of 2001, the states of Wisconsin, Arizona, New York, Rhode Island, and Maryland prohibit using SSNs as student ID numbers. Hopefully, others will follow soon.

Asking about an alternative number is a very good idea, even if the process for obtaining an alternative identifier is not documented in an obvious manner.

From one of the first links listed in your google search:

Because of the federal government's reluctance to regulate location-based wireless services, consumers must carefully research the privacy implications of these services before subscribing. Individuals are encouraged to only subscribe to services that offer maximum user control. Not only must users be able to turn off location-tracking features, industry must ensure that the wireless devices come out of the box with location tracking turned off, with the exception of E-911 calls. Further, one's "locatability" and the receipt of targeted ads should be subject to an "opt-in," requiring the user's affirmative consent.

So, as I said, this feature can be turned off (it usually is), thus requiring active tracking.

IANAL, but this may in fact be the case. This FAQ is a little bit out-dated but it was the best I could find: http://www.privacyrights.org/fs/fs2-wire.htm#5

• It is against the law to make or modify equipment to eavesdrop on cellular phones, but the act itself appears to be illegal. (what a disgusting DMCA-esque law, eh?)
• It's illegal to eavesdrop with the intent to defraud. This seems redundant-- isn't fraud already illegal?
• In California it's illegal if you do so with malicious intent (whatever that means...)

This borders on the apocryphal.

Why would Bill Gates even have a credit card in his own name?

And why in hell would he use it online, instead of a one-time electronic transaction instrument?

And just what was he buying?

Just don't buy this brand of beer. Boycott them. Tell others to boycott them. Write letters to their CEO and upper management as to why you are not buying their beer. Write letters to the editors of newspapers. Post this on protect our freedoms.

The reality is that as long as companies get a free pass on violating our rights, we will continue to lose them.

It is not a requirement that you give your SS# to anyone except for government agencies.

When I recently moved, I established my phone, gas, electric and other utilities without giving my SS# to any of those utilities. A few of the reps said I could not establish service without the number. Speaking to a supervisor resolved that problem. A SS# just makes it easier and cheaper for utilities to make sure it is you who is creating the account.

Privacy Rights Clearinghouse has a good little FAQ on this, including a section called Do I have to provide my Social Security number to private businesses?

So you're OK with me putting all your cellphone conversations online?

Anyone talking on anything not hardwired SHOULD expect or at least understand that the transmissions can be intercepted. If you think it is secure then you have been fooled and/or misguided by the wireless service provider and the federal government. Instead of bringing this issue out in the open years ago, the FCC working with the wireless providers decided to mask the problem and attempt to create laws to prevent evesdropping instead of upgrading the technology and educating the consumers of the risk involved. It is a lot cheaper to pay a Senetor and hide the problem then to find a technical solution and lose potential customers.

Google can answer most of your questions with nifty links like this, or this.

Who would have thunk it?

Anyway, while some companies may deny services if you decline to give them your SSN, there are some restrictions on its uses. For more information check out privacyrights.org.

http://www.privacyrights.org/fs/fs16-bck.htm

Why is it that people don't feel they should make a link when they post a URL?