Slashdot Mirror
Can You Sue Over Loss of Personal Information?
GreenCrackBaby asks: "My wife was at a mall about a year ago when she ran across one of those groups who were trying to sign people up for a Visa credit card. Since she didn't yet have a credit card, she decided she'd fill out the form. She had everything filled out and was ready to sign it when she noticed the draconian fine print that essentially promised that they would sell her personal data to anyone they could, so instead of signing the form she said 'no thanks' and tossed it in the garbage. That was a mistake she has been made to regret. Almost immediately SPAM to her university email address went from 0 to 20 a day, and has been slowly increasing since. Soon we started to receive a large number of telemarketing calls to our home (where before we had received almost none). Junk mail addressed to her went through the roof. It wasn't until the Visa card arrived addressed to her that we knew what had happened." It appears that someone fished this woman's application out of the garbage and submitted this anyways, without a signature. How is something like this even close to being legal?
"What has become clear is that someone selling those Visas fished her application out from the garbage and submitted it. We've managed to track down a copy of the form she had filled out, and in the signature area is a big 'N/A'. So now her personal information is being sold to every telemarketer, spammer, and junk mail shop in North America. What can she do? We'd like to sue the company who fished the application from the garbage and make a lesson out of them, but what is there to sue over? Is the loss of personal information even considered a tort?"
ASK A LAWYER :)
:)
Now watch that get amrked redundant
As soon as your wife threw the application in the trash, she made it public knowledge. She is lucky that all you are recieving is the spam.
While she was at it, she should have signed a bunch of blank cheques and power of attorney forms and just threw them away.
Why didn't she rip up the application? Or write void on it? Atleast then she could go back and say 'I didn't sign anything, prove it'
I am in no way a lawyer, but isn't forging (or in this case continuing action with a required signature) considered fraud? Sort of like slamming?
If it isn't illegal, which I can't fathom, it certainly should be.
He tried to kill me with a forklift!
Plain and simple. Regarding her due diligence in protecting her personal information, no action can be taken in regard to disemination of the informatin on the page she 'carelessly' threw in the trash. At least that's what my legal sense tells me (IANAL)
But the submittal of the form for a credit-card is another matter. It indicates someone forged her signature (even if the signature doesn't look anything like your wife's sig) and submitted the form, or someone accepted the form without a signature. Both could lead people in serious trouble with the law.
I am the Barber of Seville.
Why do you think businesses like paper shredders?
Why do groups go dumpster diving?
Never throw out paper that has information on you that you do not want to get out. Plus tearing up the form would have felt good at the time. It is not legal because the form needed a signature. The company should have the form stored you might be able to request it as evidence in a suit but you need to talk to lawyer.
I think importantly people need to look at what happened here and realise, do not trust the law to protect you, in most cases the law needs to be broken before it can be used, and the deterents in this case are small compared to the profit. So protect yourselve with the best practices that you can. Don't throw out paper information unless you have torn it up, burnt it or shredded or are safe with it being found at the tip, dump, skip, bin, etc.
I was thinking of the immortal words of Socrates, who said: "I drank what?" - Chris Knight (Val Kilmer)- Real Genius
She didn't sign the form, thus there was no consent, thus there was no contract. So it's not legal.
Unfortunately you may have trouble doing anything about it at this point. Remember back when credit card slips used little pieces of carbon paper? I remember some customers demanding the carbons to carry home with them, or asking me to rip them up before discarding. And that was just a name attached to a number. Your wife probably left her SSN, address, phone number, etc. on that form.
IANAL but your first priority is to get a credit report and see if a card has been issued in your wife's name. Second, get ahold of this company (by the neck) and demand that your wife's name comes out of the files.
It appears that someone fished this woman's application out of the garbage and submitted this anyways, without a signature
That person was most likely the person who was trying to get her to sign up in the first place. They recieve a commission for each application, sometimes up to 50$ a piece. And since the application was submitted through them without an authorized signature, it's called Fraud. That's criminal. People have filed civil suits for less though. Give it a try.
The most important lesson here is that she probably had her social security number on that form, and should have taken it home with her instead of leaving her personal information in a public place. Someone with whose agenda wasn't limited to making a few extra bucks could have used the info to steal her identity.
However, this does bring to mind some things people should do to protect themselves from information fraud:
- Shred or finely tear any documents with personal information. If it's a mailing, shred the envelope and any advertising with it as well.
- Never purchase from a telemarketer, a TV commercial, or online stores. Telemarketing firms like to share information, and hire some pretty colorful people.
- Put as little information on your check as possible (name only is best, or name and address).
- Only use your credit card for paying bills.
- Get a P.O. box.
- Don't rent cars or purchase cell phones.
This is just a shortlist of information I've been told; basically, one has to be vigilant but also realize that much of this is beyond your control.Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
That's fraud. It will only turn the focus on her and nobody will want to hear her story anymore.
This would be a matter of Identity Theaft and Misrepresentation without conscent. I think the more interesting thing to consider is that since there is a credit card involved, this could constitute as wire fruad. That is a much more serious offense than the other two.
I would have to assume that if there is a disclaimer that Visa can sell the information, there would have to be a disclaimer saying they are not liable for the information's use once it is sold. However, if the actual volume is coming in like it is, an easier route would be harrassment class action suits against benefitting parties. Their information was gained illegally, and they are liable for that. So both Visa and the Spam companies could get burned bad, if this is pressed. The person who took the application could be held responsible as well, since they accepted and processed an application without proper verification of identity.
The fact that the person got a credit card is inconsequential, or that no one else took the information is just lucky. It would have been pretty easy to just copy it to a new application and change the address.
Europe's "Data Protection" directive & the corresponding national laws make this illegal under criminal law.
The company could be fined, and the directors could go to jail.
Then again, in the UK companies used to be required to provide a "please don't sell my personal data" check box ("opt-out"). I'm not sure whether this is still legal, or whether the European law has tightened this so it has to be a "please *DO* sell my personal data" check box ("opt-in"). So she would have been able to apply without getting spam.
#include "disclaimer/IANAL.h"
dont have a credit card do you....
you have to ACTIVATE it. Usually by calling a phone number and talking to a person (Platinum cards) I dont know about the lesser cards... some might simply use a automated system.
activating the card is your acceptance of the terms.
and dont think for a minute that a credit company can't easily outspend you and your entire family in court just for the fun of it.
Remember these companies use the most innacurate and insecure database in the world to make decisions on you... your credit report.
Don't do something stupid like use the card if you dont want to pay it back.
Do not look at laser with remaining good eye.
One day my brother got a credit card in the mail. And lots of spam and calls too. Unlike the article above however, he never had any contact with these people. He has no idea how it happened. He called the credit card company and they claimed they had a signed copy of the agreement. He asked them to fax it to him. They refused, but did 'cancel' the credit card. Spam and phone calls still come though.
Stuff like this makes you doubt the quality of our judgment when we put high tech into hands of the masses. Like handing a gun to a baby.
"I find this whole tale a bit hard to believe."
Always a doubter, one in every crowd.
"Spammers have no trouble trolling the web for millions of addresses - why would they buy them from a credit card company?"
They don't buy them from THE credit card company they buy them from the information collector. Addresses off of credit card applications are especially useful and valuable to spammers for the following reasons.
1) The are most likely real AND their personal email addresses as opposed to generic spam dump boxes at hotmail or yahoo. Do you trust electronic credit card correspondance to hotmail or your own email provider of choice? Remeber people filling out authoritative forms are more likely to be truthfull.
2) The spammer knows that the applicant has a credit card and the recipients credit history AND likely income bracket. But it gets better because the spammer also knows the applicants gender, age, location, phone number, and marital status etc.
In short these addresses and the information behind them are infinitely more valuable than a generic address fished off a webpage and spammers will pay money for them and them sell them to every other company that will pay for them to recoup their purchase costs.
"And why would anyone include their email address on a credit card application in the first place?"
Many of these companies collect as much information as possible on their forms because said information makes them more money. See above.
"And why would they bother fishing it out of the garbage?"
Reps signing people up get paid by comission the money can vary from $25-200 dollars per application. Would you go into the trash in a public resepticle for say $50? No. Can you be sure that no one else would? Remeber some people make their living off of signups like these although turnover is high.
"And why would they issue a card without her signature?"
The rep likely forged the signature which could be as simple as scribling lines across the signature lines for the money.
"And why would someone so concerned about the loss of her personal information throw the application away right next to the potential thieves?"
Because they were so caught up in the moment of saving their personal information from said potential theives. Also the bin could have been a good 50 feet away but in line of sight.
"And why would someone who gets 1/10 of the spam I get have anything to complain about at all?"
Would you like it if I added another quotient of spam and junkmail to your addresses? Please just post all your financials and address essentials in a reply below and I am certain you will get all your quotient and the grief and MORE. Act now this is a limited time offer.
"Considering the complete lack of non-hearsay evidence, whether it's actionable doesn't matter. You couldn't win anyway."
Fraud is fraud better to try than take it in the teeth without action or complaint.
pngmeep
Some of the aspects of this story sound legally questionable. For example, a credit card company's acceptance of an unsigned credit card application, in general. But also, since there was no signature, your wife (although extremely careless and naive for throwing her personal information in a public trash can) never consented to the "fine print" which was the ostensible hook for the company to distribute her info to spammers, telemarketers, other vermin. True, if someone fished her info out of the trash and used it for spamming, she might not have much of a remedy - although some states have put anti-spamming laws into effect, they typically only give a remedy against the spammer, and they make themselves hard to find and identify - who do you sue? But it sounds, from your account, like you can prove the unsigned application was actually submitted to VISA, and may be able to prove that VISA sold her info to the pond scum with knowledge that she had not consented. If that were so, you might have some kind of remedy against VISA or the bank that issued the VISA. If you are in a jurisdiction like California which has a privacy right incorporated in its state constitution, your position might be even stronger.
I would recommend consulting a lawyer who is licensed to practice in your jurisdiction. If you don't know a lawyer, try contacting law schools in your area or your State Bar Association to ask if there are any referral services they would recommend to look at a case of potential privacy violation. This is better than picking up the phone book at random.
No, no, no. This is not a sig.
The quick way out (assuming that nobody has used the credit card - use would serve as "ratification" of the contract for the card) is to demand a copy of the signed credit aplication from the card issuer. If the application for the card had a signature that was not that of the woman reported here then all this arises from a forged signature on an application for credit.
The forgery might well require the testimony of a questioned documents examiner, but the forger is liable for damages.
The legal matter is fairly easy to understand: the woman decided not to accept or agree to the terms of the contract and no contract was made. Thereafther the actor or actors who made use of the incomplete contract started violating the law.
We don't know where this happened, but California has a state constitution that includes a right to privacy. If the jurisdiction where this happened has a similar statutory right (there are unfair trade practice statutes as well as identity theft statutes) there may me other forms of relief available.
Here's what I would do ...
- Order a 3 in 1 credit report and check if fraudulent accounts have been opened in her name.
- Put a credit alert on her SSN with all 3 credit reporting agencies, make it that much harder for fraudulent accounts to appear on this account.
- Sign up for one of those services that notify you whenever there is any change to your credit file. (I use Credit Secure from Amex).
And please people, if you dont shred personal information before you toss it into the garbage, there is no sense it complaining about unethical businesses. Hell, I even shred credit card offers that come in the mail that I did not fill out, call me paranoid.Well, my 2c worth.
All you touch and all you see is all your life will ever be
...isn't even worth what you pay for it. (Yeah, it's free of financial charge. And it's worthless. So one might think it'd be worth exactly what you pay. But you're also probably investing time reading all the responses to your request for info, and as long as the value of your time is higher than zero, that makes this a negative-sum proposition.)
Lots of people have said ask a lawyer. Yeah, do that, if you know any lawyers who aren't already so sick of giving you free legal advice that they got caller ID specifically for the purpose of ensuring that you always go to voice mail. Alternatively, if this is so massively annoying that you're willing to pay for legal advice, do that.
Whether free or paid for, the _best_ news you can expect to get is that even if this is a tort of some kind (IANAL and I'm making no claims one way or the other...merely stating a hypothetical), it will cost more to sue than the aggravation you're enduring could POSSIBLY be worth.
Change phone numbers (consider going with one of the VoIP providers...that's how I got rid of a phone number that used to belong to a fax machine). Get a Mail Boxes Etc box, use that as your primary mailing address, and throw away anything sent to where you actually live. Get your email address changed (or, if you can't, abandon it in favor of a new one). And next time be a bit more careful about throwing away personal data in public wastebaskets while standing a few feet away from people whose own fine-print tells you in no uncertain terms that they have no intention of respecting your privacy.
These are annoying things to have to do, but you don't need a lawyer to tell you they'll be a lot easier and a lot cheaper than filing a lawsuit, even if it turns out that you have credible grounds for one.
Well, not exactly the same thing, but here's what happened:
Same scenario, I applied for a credit card at one of those folding table operations where they have some crappy t-shirt or something that they'll give you for filling out applications. Anyhow, I needed a card, so I filled out an application for one of the three cards that this table was offering. They pushed me and asked that I apply for all 3 but I declined, saying that I only wanted one card, and didn't need three.
I went on my way and a couple of weeks later, I get all 3 of the cards in the mail. This pissed me off more than a little, as I am sure that there must be more than one law against falsifying financial documents.
I placed calls to the customer service numbers at the two cards that I had not applied for and told them my story. In both cases I was fed a line about the applications being un-trackable.
Now, this may or may not have been true, but the real information that I took away from the experience is that the companies didn't care about this kind of behavior. Disappointing, but you have to look at the angle - how will caring about this make them any money?
The people that run these tables are paid per application. If they are not made accountable for this kind of thing, why wouldn't they do it?
So good luck, but personally I'd just get a good spam filter and be glad that it was just false submission of your data and not identity theft or something like that.
+++ ATH0 +++
One day I got one of those myriad of credit card applications.
I did the following: wrote, in large black marker across the application, "DO NOT SEND ME MORE OFFERS". Nothing else. Crossed out the entire application.
A few weeks later, I get the credit card in the mail.
I asked them for a copy of my application; but all I got was a printout of the database record, which had the same information (name, address) that was there on the original application.
Even without my signature, they accepted the application and sent me the credit card.
There's _got_ to be some law against this.
This is the Court of Chancery, which has its decaying houses and its blighted lands in every shire, which has its worn-out lunatic in every madhouse and its dead in every churchyard, which has its ruined suitor with his slipshod heels and threadbare dress borrowing and begging through the round of every man's acquaintance, which gives to monied might the means abundantly of wearying out the right, which so exhausts finances, patience, courage, hope, so overthrows the brain and breaks the heart, that there is not an honourable man among its practitioners who would not give--who does not often give--the warning, "Suffer any wrong that can be done you rather than come here!"
Charles Dickens,
Bleak House Chapter I
In the land of the blind, the one-eyed man is king.
The short of the matter is that they have probably pulled a copy of your wifes credit bureau report in order to issue the card. Since she did not sign the application, which they would have had to have forged, she did not give consent to have her credit report pulled.
Reference the FCRA (Fair Credit Reporting Act) 15 U.S.C. 1681. In particular reference 604 Permissible purposes of consumer reports [15 U.S.C. 1681b]. They have used the report in a manner not permissable.
The crux of the matter is that you may sue them for violating the FCRA. Reference 616 Civil liability for willful noncompliance [15 U.S.C. 1681n]. Since they forged her signature, they have wilfully broken this law.
You can also nail their ass with this:
There is much more to it than that, but I don't want this to be TOO much of a blatant advertisement..
In a situation like this, you could simply call your attorney and they could give you real legal advice and coud even help you out without it costing you anything other than your monthly membership...
p.s. IANAL
One would THINK you'd be correct in this case, but I'm not so sure. I've been fighting something similar for well over a year now, with very little success.
A (now defunct) credit card company, NextCard, issued my wife a VISA card via the Internet, based on some spam email she got that basically said "You have a pre-approved card waiting for you, if you just click this link to visit our web site and tell us where to mail it."
She did so (never actually signing anything), and got the card. She proceeded to charge it up, and then ended up getting sick and lost her job. The card went unpaid, and shortly after that, NextCard went belly-up. Some credit ageny must have been appointed to do collections for them anyway though (by the FDIC, I guess?).
Well, the agency conveniently changed the records to show that *I* applied for this credit card myself, and started going after me, personally, for the debt. I argued that this card was never legally signed for in the first place, and challenged them to show me a copy of ANY form they had on file showing what either my signature or my wife's signature looked like. (Someone said they'd mail me a copy of the application form so I could see where it was signed - but of course, nothing ever arrived.)
Well, to make this long story a little shorter - this still stands as a bad mark on my credit history, and every so often, someone calls trying to collect this debt. (It seems this debt is being passed around from one collection agency to another. The last people calling to collect it couldn't even tell me which card it was for. They kept mentioning some other bank I never heard of that I supposedly owed it to. I assume it's some bank that bought out NextCard...)
I refuse to pay this off, on principle, at this point. (Even if I did, I highly doubt they'd ever get things straight, paperwork-wise, to make sure it was taken off my credit report.)
> RUN UP THE BILL!!! You have no contractual obligation to pay them anything.
This is patently false, and following this advice could easily land you in jail for fraud. Because you didn't sign the form, you don't owe them anything for sending you the card, but if you use it, you are promising to conform to the cardholder agreement. If you claim after the fact that it's not valid because you never signed the form, you won't be held legally liable for the debt by the credit card company. The catch is that you presented the card to whoever you bought stuff from as a valid account, which it wasn't (and they can prove you did it on purpose because you know the cardholder contract isn't valid), thereby committing fraud for personal financial gain. Go directly to jail, and end up paying the merchant for the stuff directly anyway.
I say again, ignore this advice. It's criminal.
Virg
What you do is you take the form away with you and shred it into itty-bitty pieces. If they don't like it you tear it up right in front of them. Paranoid? Sure, but if you'd seen the number of dumpster-divers that go through our alley in any given day you'd be paranoid too! I wouldn't trust ANYONE to not use the info on the form even if I wrote VOID on it, especially if they had stated up front that they were harvesting info. Sure it might give you a legal lever to apply but who wants the hassle?
I don't even like tossing ATM receipts in the garbage...they come home and get run through the (confetti cut) shredder.
You're using her as bait, Master!
Find out where they're currently pushing cards in a public place like the mall.
Hate to break it to you, but a mall is not a public place...it is not "commons". It is private property owned by some corporation and so your "rights" don't apply there! They would likely get the mall security to toss you out (if they didn't charge you with something first). Think about that for a minute...we as a society have exchanged our "commons" and all the activities that were fought for by our forefathers (free speech, assembly etc) for mindless consumption in a corporate-held space where we have few rights at all! Where do people go when they have free time? To the town square to hold assemblies discuss their issues/concerns/greviences with their neighbours? Does such a thing even exist anymore? Where are all your neighbours...at the mall right? Try engaging in one of these "freedoms" in a mall and see how far you get!
You're using her as bait, Master!
Maybe You're New Here, or you weren't paying attention the numerous times this has been gone over, or you've just read too much mainstream news.
Copyright Infringement != Theft.
Say it again, and pay attention this time.
Copyright Infringement != Theft.
Copyright infringement is a civil tort. Theft is a criminal offense. They're very, very different. No matter what some asshat from the RIAA or MPAA says.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
I am a paranoid person.
When someone asks for my name or address, I usually decline, when I have a form/receipt/etc that has my name on it I rip it up into small pieces. Garbage cans are public property (police can obtain your DNA from cigarette butts, soda cans, etc that you throw away; yes I watch a lot of court TV)
I look at credit card receipts that the merchant has and if my CC number is listed I blackout parts of it (there is no need for them to have num CC number, they have transaction #).
If I get a call from telemarketer, I say no thanks and just hang up before they say anything else. If someone calls and starts a sales pitch I ask whom are they looking for, if they do not know exact name I just hang up.
All important papers get shredded and thrown out in the same bag as catbox litter.
There are people who prey on others out there, who will sift through your garbage and try to get info about you. Identity theft is very real.
It may prove cumbersome, and who knows if it works in any way to reduce your junk mail, but god, it's satisfying.
"It's an erotic, spectacular scene that captures the thrusting, violent, vibrant world Bohemian spirit..."