Slashdot Mirror
Can You Sue Over Loss of Personal Information?
GreenCrackBaby asks: "My wife was at a mall about a year ago when she ran across one of those groups who were trying to sign people up for a Visa credit card. Since she didn't yet have a credit card, she decided she'd fill out the form. She had everything filled out and was ready to sign it when she noticed the draconian fine print that essentially promised that they would sell her personal data to anyone they could, so instead of signing the form she said 'no thanks' and tossed it in the garbage. That was a mistake she has been made to regret. Almost immediately SPAM to her university email address went from 0 to 20 a day, and has been slowly increasing since. Soon we started to receive a large number of telemarketing calls to our home (where before we had received almost none). Junk mail addressed to her went through the roof. It wasn't until the Visa card arrived addressed to her that we knew what had happened." It appears that someone fished this woman's application out of the garbage and submitted this anyways, without a signature. How is something like this even close to being legal?
"What has become clear is that someone selling those Visas fished her application out from the garbage and submitted it. We've managed to track down a copy of the form she had filled out, and in the signature area is a big 'N/A'. So now her personal information is being sold to every telemarketer, spammer, and junk mail shop in North America. What can she do? We'd like to sue the company who fished the application from the garbage and make a lesson out of them, but what is there to sue over? Is the loss of personal information even considered a tort?"
ASK A LAWYER :)
:)
Now watch that get amrked redundant
As soon as your wife threw the application in the trash, she made it public knowledge. She is lucky that all you are recieving is the spam.
I am in no way a lawyer, but isn't forging (or in this case continuing action with a required signature) considered fraud? Sort of like slamming?
If it isn't illegal, which I can't fathom, it certainly should be.
He tried to kill me with a forklift!
Plain and simple. Regarding her due diligence in protecting her personal information, no action can be taken in regard to disemination of the informatin on the page she 'carelessly' threw in the trash. At least that's what my legal sense tells me (IANAL)
But the submittal of the form for a credit-card is another matter. It indicates someone forged her signature (even if the signature doesn't look anything like your wife's sig) and submitted the form, or someone accepted the form without a signature. Both could lead people in serious trouble with the law.
I am the Barber of Seville.
Why do you think businesses like paper shredders?
Why do groups go dumpster diving?
Never throw out paper that has information on you that you do not want to get out. Plus tearing up the form would have felt good at the time. It is not legal because the form needed a signature. The company should have the form stored you might be able to request it as evidence in a suit but you need to talk to lawyer.
I think importantly people need to look at what happened here and realise, do not trust the law to protect you, in most cases the law needs to be broken before it can be used, and the deterents in this case are small compared to the profit. So protect yourselve with the best practices that you can. Don't throw out paper information unless you have torn it up, burnt it or shredded or are safe with it being found at the tip, dump, skip, bin, etc.
I was thinking of the immortal words of Socrates, who said: "I drank what?" - Chris Knight (Val Kilmer)- Real Genius
She didn't sign the form, thus there was no consent, thus there was no contract. So it's not legal.
Unfortunately you may have trouble doing anything about it at this point. Remember back when credit card slips used little pieces of carbon paper? I remember some customers demanding the carbons to carry home with them, or asking me to rip them up before discarding. And that was just a name attached to a number. Your wife probably left her SSN, address, phone number, etc. on that form.
IANAL but your first priority is to get a credit report and see if a card has been issued in your wife's name. Second, get ahold of this company (by the neck) and demand that your wife's name comes out of the files.
It appears that someone fished this woman's application out of the garbage and submitted this anyways, without a signature
That person was most likely the person who was trying to get her to sign up in the first place. They recieve a commission for each application, sometimes up to 50$ a piece. And since the application was submitted through them without an authorized signature, it's called Fraud. That's criminal. People have filed civil suits for less though. Give it a try.
The most important lesson here is that she probably had her social security number on that form, and should have taken it home with her instead of leaving her personal information in a public place. Someone with whose agenda wasn't limited to making a few extra bucks could have used the info to steal her identity.
However, this does bring to mind some things people should do to protect themselves from information fraud:
- Shred or finely tear any documents with personal information. If it's a mailing, shred the envelope and any advertising with it as well.
- Never purchase from a telemarketer, a TV commercial, or online stores. Telemarketing firms like to share information, and hire some pretty colorful people.
- Put as little information on your check as possible (name only is best, or name and address).
- Only use your credit card for paying bills.
- Get a P.O. box.
- Don't rent cars or purchase cell phones.
This is just a shortlist of information I've been told; basically, one has to be vigilant but also realize that much of this is beyond your control.Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
This would be a matter of Identity Theaft and Misrepresentation without conscent. I think the more interesting thing to consider is that since there is a credit card involved, this could constitute as wire fruad. That is a much more serious offense than the other two.
I would have to assume that if there is a disclaimer that Visa can sell the information, there would have to be a disclaimer saying they are not liable for the information's use once it is sold. However, if the actual volume is coming in like it is, an easier route would be harrassment class action suits against benefitting parties. Their information was gained illegally, and they are liable for that. So both Visa and the Spam companies could get burned bad, if this is pressed. The person who took the application could be held responsible as well, since they accepted and processed an application without proper verification of identity.
The fact that the person got a credit card is inconsequential, or that no one else took the information is just lucky. It would have been pretty easy to just copy it to a new application and change the address.
Europe's "Data Protection" directive & the corresponding national laws make this illegal under criminal law.
The company could be fined, and the directors could go to jail.
Then again, in the UK companies used to be required to provide a "please don't sell my personal data" check box ("opt-out"). I'm not sure whether this is still legal, or whether the European law has tightened this so it has to be a "please *DO* sell my personal data" check box ("opt-in"). So she would have been able to apply without getting spam.
#include "disclaimer/IANAL.h"
dont have a credit card do you....
you have to ACTIVATE it. Usually by calling a phone number and talking to a person (Platinum cards) I dont know about the lesser cards... some might simply use a automated system.
activating the card is your acceptance of the terms.
and dont think for a minute that a credit company can't easily outspend you and your entire family in court just for the fun of it.
Remember these companies use the most innacurate and insecure database in the world to make decisions on you... your credit report.
Don't do something stupid like use the card if you dont want to pay it back.
Do not look at laser with remaining good eye.
One day my brother got a credit card in the mail. And lots of spam and calls too. Unlike the article above however, he never had any contact with these people. He has no idea how it happened. He called the credit card company and they claimed they had a signed copy of the agreement. He asked them to fax it to him. They refused, but did 'cancel' the credit card. Spam and phone calls still come though.
Stuff like this makes you doubt the quality of our judgment when we put high tech into hands of the masses. Like handing a gun to a baby.
Some of the aspects of this story sound legally questionable. For example, a credit card company's acceptance of an unsigned credit card application, in general. But also, since there was no signature, your wife (although extremely careless and naive for throwing her personal information in a public trash can) never consented to the "fine print" which was the ostensible hook for the company to distribute her info to spammers, telemarketers, other vermin. True, if someone fished her info out of the trash and used it for spamming, she might not have much of a remedy - although some states have put anti-spamming laws into effect, they typically only give a remedy against the spammer, and they make themselves hard to find and identify - who do you sue? But it sounds, from your account, like you can prove the unsigned application was actually submitted to VISA, and may be able to prove that VISA sold her info to the pond scum with knowledge that she had not consented. If that were so, you might have some kind of remedy against VISA or the bank that issued the VISA. If you are in a jurisdiction like California which has a privacy right incorporated in its state constitution, your position might be even stronger.
I would recommend consulting a lawyer who is licensed to practice in your jurisdiction. If you don't know a lawyer, try contacting law schools in your area or your State Bar Association to ask if there are any referral services they would recommend to look at a case of potential privacy violation. This is better than picking up the phone book at random.
No, no, no. This is not a sig.
Well, not exactly the same thing, but here's what happened:
Same scenario, I applied for a credit card at one of those folding table operations where they have some crappy t-shirt or something that they'll give you for filling out applications. Anyhow, I needed a card, so I filled out an application for one of the three cards that this table was offering. They pushed me and asked that I apply for all 3 but I declined, saying that I only wanted one card, and didn't need three.
I went on my way and a couple of weeks later, I get all 3 of the cards in the mail. This pissed me off more than a little, as I am sure that there must be more than one law against falsifying financial documents.
I placed calls to the customer service numbers at the two cards that I had not applied for and told them my story. In both cases I was fed a line about the applications being un-trackable.
Now, this may or may not have been true, but the real information that I took away from the experience is that the companies didn't care about this kind of behavior. Disappointing, but you have to look at the angle - how will caring about this make them any money?
The people that run these tables are paid per application. If they are not made accountable for this kind of thing, why wouldn't they do it?
So good luck, but personally I'd just get a good spam filter and be glad that it was just false submission of your data and not identity theft or something like that.
+++ ATH0 +++
One day I got one of those myriad of credit card applications.
I did the following: wrote, in large black marker across the application, "DO NOT SEND ME MORE OFFERS". Nothing else. Crossed out the entire application.
A few weeks later, I get the credit card in the mail.
I asked them for a copy of my application; but all I got was a printout of the database record, which had the same information (name, address) that was there on the original application.
Even without my signature, they accepted the application and sent me the credit card.
There's _got_ to be some law against this.
The short of the matter is that they have probably pulled a copy of your wifes credit bureau report in order to issue the card. Since she did not sign the application, which they would have had to have forged, she did not give consent to have her credit report pulled.
Reference the FCRA (Fair Credit Reporting Act) 15 U.S.C. 1681. In particular reference 604 Permissible purposes of consumer reports [15 U.S.C. 1681b]. They have used the report in a manner not permissable.
The crux of the matter is that you may sue them for violating the FCRA. Reference 616 Civil liability for willful noncompliance [15 U.S.C. 1681n]. Since they forged her signature, they have wilfully broken this law.
You can also nail their ass with this:
> RUN UP THE BILL!!! You have no contractual obligation to pay them anything.
This is patently false, and following this advice could easily land you in jail for fraud. Because you didn't sign the form, you don't owe them anything for sending you the card, but if you use it, you are promising to conform to the cardholder agreement. If you claim after the fact that it's not valid because you never signed the form, you won't be held legally liable for the debt by the credit card company. The catch is that you presented the card to whoever you bought stuff from as a valid account, which it wasn't (and they can prove you did it on purpose because you know the cardholder contract isn't valid), thereby committing fraud for personal financial gain. Go directly to jail, and end up paying the merchant for the stuff directly anyway.
I say again, ignore this advice. It's criminal.
Virg
Your redirect goes to prepaidlegal.com - known spammers.
According to groups.google.com there are 200+ reports of their spam in the sightings newsgroup. The vast majority of spam isn't reported. Having that many reports is pretty convincing evidence. The reason I checked is because I recall having been spammed by them myself.
Despite your saying "I don't want this to be TOO much of a blatant advertisement.. :)" I see that you've posted a grand total of five posts to slashdot, and at least three of those were advertisements for prepaidlegal.com.