Most of the managers have wireless phones with cameras built into them, although they are prohibited. Employees who do not need access to a phone are allowed to carry cellphones with them, and even though you’re not supposed to use them in “production areas”, nearly everybody does. Many employees have to use computers to handle sensitive data, many of them are also allowed to use MP3 players which can be connected to their workstations, those MP3 players can also be used flash drives to copy data from.

It is frightening that I could very easily compromise the security of hundreds of people every day right within my workplace, and not only have little fear of being caught, but little fear of being detected or stopped in the first place. In fact, the more hours that I work, the more hours I could spend doing this, and I would be looked at by my employer as a hard worker, and earn bonuses for doing it. Names, addresses, social security numbers, drivers license info, insurance data. The only thing stopping me, in all honesty, is the fear of God and a healthy respect for people’s privacy.

The reasons commercial databases concern me are:

First, that government can tap into them without having to abide by the Privacy Act of 1974, as amended, or get search warrants, or give even a nod to the goddamned piece of paper which is supposed to be the highest law of the land.

Second, if a company does lose or misuse my information, the government limits my legal recourse against such a company. The most I can hope for is to have my credit history restored. The company is largely shielded from liability. In a free market, I could hold the company liable for such a breach.

If the government loses my information, I have no recourse at all, except whatever they want to give me, which is even worse. Don’t think that because I go after the greater evil first that I’ve forgotten about the lesser evil.

Too glib. Implies you’re not also concerned about the commercial databases and the failure to secure them. A company who collects information about you, then fails to secure it, is just as big a privacy violator as a government. In fact, since there are thousands of companies with terrabytes of info on us, it’s logical to assume the greater ID theft will occur out of their unsecure files.

You can’t be a “Bank” in this country unless the governement says so. Since the Government can revoke (or at least make renewal difficult) a bank’s permit to operate, of COURSE they are going to do whatever is asked with gusto.

How many people, when stopped by a cop for speeding, say “I want to know the law that says you have a right to stop me, and I want to know what legal authority you have for asking for my ID, and which statue empowered you to break the speed limit to catch me without being arrested yourself,” etc..?

no – we say “Here you go, officer” – because we don’t want him to cite us for the fuzzy dice on our windshield or the cracked tail light. The credit union was responding to a request from an organization that can, quite literally, ruin them. As a manager, I would probably say “send em everything”, too.

How about the Credit Union who failed their customers by forwarding all of the info to the government instead of going through and only sending the pertinent records.

Sorry, brought back an example from my early fraud-fighting days. I called a bank (named after a large MA metropolis on the bay) while investigating a possible fraudulent charge. I asked the security investigator to contact the cardholder, but was informed that they could not perform outbound calls. Instead, I was given the cardholder’s name, address, phone, Social Security Number and mother’s maiden name so I could verify the charge with them myself.

Corporations can be just as culpable as the government when it comes to being careless about people’s data. They do things in the name of efficiency, but efficiency does not mean accuracy or safety. It just means that you have saved enough money to make a profit and pay the attorney bill when you get caught.