I received a thoughtful letter from a large accounting firm informing me that they had been counting the acquired beans of a former employer of mine and that my personal data (name, home address and SSN), which had been lying around on one of their employee’s laptops minding its own business, had been liberated by a kind soul who had released it from its imprisonment, namely the trunk of the employee’s locked car.
Graciously, the accounting firm and former employer had partnered with the holy trinity of credit agencies to provide me, free of charge, a service that would let me know exactly when the triumvirate started libeling me and my credit rating. All I needed to do was provide my personal information and the super-secret promotional code on an easy-to-complete web form.
After I had provided my becoming-less-personal-by-the-minute data and the code, I hit the Submit button. A terse message appeared, stating that my humble request for an account could not be processed and that I should email their customer support group (whose domain name didn’t match the website with which I had been interacting). I did so. A coldly automated reply (from yet another domain), which labeled my supplication as spam, said that I would be helped in the order in which my email was received.
I contacted my former employer’s amazing efficient HR department. Together, a cheerful HR rep and I embarked on a journey of exploration through divers call centers that supposedly supported these credit bureaus. The first support person, who wished to be known only as “Joel”, insisted that I provide my full name, mother’s maiden name, SSN, phone number, and email address just so he could do a database lookup. He was able to locate my information in “another department’s database” but could not grant me access to it since he worked in “a different department”. He provided another 1-800 number to which he could _not_ transfer us and told us to call them directly. At that number, “Jay” was better at verifying my personal data without demanding that I give all of it to him first. However, he was also unable to help and gave us yet another 1-800 number that we had to call directly. After I provided “Eileen” with my “personal” data, she was less helpful, insisting that I must have created an account, but it wasn’t in the database yet, and that I should try again in two hours. The HR rep said that she would escalate the situation internally and with the accounting firm and call me back.
An hour later, the HR rep had managed to find a rare beast – an expert who was local to this continent and was willing to provide his full name and direct phone number. Huzzah! Mayhap he could clear whatever database/web glitch had foiled my previous attempts to initiate this valuable fraud protection service. I would be able to complete the account creation process! Hope glimmered.
And then faded. He wanted to “walk through the web form” with me and speculated that I had given myself the “wrong” username, since they had 4 million users, you know, and I probably picked a username that already existed. Or perhaps I had filled out some other field incorrectly. That was probably it. I couldn’t possibly know my own address, mother’s maiden name, or SSN. And if I did, surely I must have mistyped it. And their databases, with their complete and accurate dossiers on me, would know and reject my pathetic attempts to authenticate myself.
Wearied, I asked them just to snail mail any appropriate forms. I would interact with their broken web forms and databases no more.
Six hours later, Customer Care responded to my original electronic entreaty with yet another 1-800 number.
At least six more people on the planet (three of whom were using call center pseudonyms) have my personal information, and I have not yet enabled this wonderful fraud monitoring system to “protect” myself from inappropriate appropriation of my data.