One of my banks is threatening to freeze my account unless I disclose my residential address where I sleep at night (with proof! Thus all info that proof comes with). Their privacy policy starts with the standard “we take privacy seriously” then they go on to say deeper in the doc that they may share my personal info around to the full extent allowed by law (using weasel words that try to imply the contrary to sloppy/fast readers), vaguely to credit bureaus (who I have no contract with and who will share the data further, or leak it in a breach). This bank claims “regulations require…” No, they do not. The regs say they must collect residential address OR business address, or if those are not available an address to a family member. So the bank is bullshitting.
At the same time, another bank says in so many words: sorry to inform you we were breached. Cyber criminals have all your sensitive info. We take privacy and security seriously. We offer you a credit monitoring subscription to compensate you. If you are interested, you can share your sensitive info with that monitoring org, who in turn will share the info with their subcontractors. And anonymous access is blocked so you must also share your IP address.
In light of these two shitty¹ banks, I would like to give a big fuck you to those who say:
- “You don’t want your bank to know where you live? What are you hiding? What kind of dodgy shit are you into?”
- “You expect your bank to let you access your account from Tor? LOL. Why don’t you trust your bank with your IP address? Why don’t you want your ISP to know where you bank? What kind of dodgy shit are you into?”
- Bruce Schneiere: “cryptocurrency is a solution looking for a problem”
- “Cash is for tax evaders. You have no legitimate cause to demand cash payment or to pay in cash.”
- “A cashless society protects us from criminals & money launderers”
In the very least, we need a general right to be unbanked.
¹ I don’t mean two imply these to banks are exceptionally shitty. They are just like any bank. All banks, credit unions, etc, are shitty in the same way.
(edit) Bank B also waited several months after they knew of the breach to inform me. So I imagine there were months of backroom chatter: “can we hide this? Do we have to tell the press and the victims?” They must have spent those months debating about whether or not to tell victims. Makes me wonder how many other breaches I was exposed to by banks without my knowledge.
Indeed. That was my paraphrasing (note the lack of quotes).