State Farm uses payment signature for HIPAA disclosure authorization (twitter.com/aphyr)
275 points by luu on Jan 29, 2020 | 135 comments



I feel like signatures are completely meaningless at this point. Applying a picture of someone's signature to a document they didn't sign is certainly shady, and I hope is found to be illegal. But I think we're pretty far gone on signatures being any sort of authentication mechanism. Already you can "e-sign" all sorts of legal documents with no verification of your identity whatsoever. (Meanwhile, one time my bank did check my signature when I was withdrawing what seems now like a tiny amount of money. They decided it didn't match, and then I had to submit a new signature sample before I could have my money. This was after showing them a driver's license, passport, and entering the PIN on my debit card in front of the clerk. Several years later, different bank, I wrote a check for $30,000 to a doctor by logging into my bank with an 8 character no-capital-letters-allowed password.)

I feel like the direction that the standard is going is that you are assumed to have signed something if you benefited from signing that document. So you can't slip through the cracks by not signing something, it's just assumed that you signed it now. This fake signature is just an acknowledgement that signatures are useless. "If we issued you insurance, you signed every form. Prove otherwise." And my feeling is they will probably prevail in court on that, because signatures died a long time ago.


>Already you can "e-sign" all sorts of legal documents with no verification of your identity whatsoever.

Well, not really. If you e-sign a document, it's not like there's no traceable provenance to the signature to establish your identity. To what email were the documents delivered? What computer/device were they signed from? At what location were they signed?

Sure, all of those things can be "faked", but they really only matter if the signature is disputed. In this case, that's happened, and it will be quite easy to prove he didn't sign the documents.

>This fake signature is just an acknowledgement that signatures are useless

This is a bit of a reach. Signatures are not meant to be a secure identity measure. If the story is as explained in the Tweet, it's fraud, and that fraud can be proven thanks to what was or was not actually signed. The story doesn't end with the insurance company pointing to the signature and saying, "Look, there it is".


At least in Europe, when you 'e-sign' a document, you're doing it with the cryptographically secure identity cert embedded in your ID card.

You haven't 'e-signed' anything if you haven't used your ID for it. In some countries this is a requirement for almost all docs, including signing a mobile phone contract, or opening a bank account. You'll have the same if you get a fancy Estonian e-residence.


"It isn't meant to be secure!" is ahistorical, given the difficulty of forging someone's signature by hand in a way it would fool a professional questioned documents examiner, or even someone who knew they were looking for a forgery and had a legitimate signature to hand. Just because technology has overtaken signatures and everyone's politely declined to notice doesn't mean they weren't intended to be secure at one point.


> The story doesn't end with the insurance company pointing to the signature and saying, "Look, there it is".

Was it? The tweet seems to be 8 months ago. This should have been resolved. Was there an update posted?


In the US Military a lot of the finance, personnel action and evaluations are all e-signed. This requires your CAC (ID card with embedded crypto) and your PIN. You insert the card into a reader and then type your PIN. The document is then e-signed.


How does this stop someone from claiming that the displayed document was different to the one that was “signed”?


The e-sign on the actual document has the date/time and other PII. If it is on the document, it was signed by you.
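The question above (what stops someone claiming a different document was shown) is answered by what a card-based e-signature actually commits to. The following is an added illustration, not code from this thread or from the DoD CAC/PIV implementation: it uses an in-memory Ed25519 key as a stand-in for the private key held on the card, a constructed sample document, and a made-up signer ID and timestamp. The signature covers the document hash, the signer identity and the signing time together, so substituting a different document or editing the recorded time makes verification fail.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// SignedDocument is what a card-based e-signature leaves on the record:
// a hash of the exact document bytes, who signed, when, and the signature.
type SignedDocument struct {
	DocHash  [32]byte
	SignerID string
	SignedAt int64 // Unix seconds, taken from the signing workstation
	Sig      []byte
}

// payload builds the byte string the private key actually signs. The signer
// ID is length-prefixed so hash, identity and timestamp are framed
// unambiguously; changing any one of them breaks verification.
func payload(docHash [32]byte, signerID string, signedAt int64) []byte {
	buf := make([]byte, 0, 32+4+len(signerID)+8)
	buf = append(buf, docHash[:]...)
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(signerID)))
	buf = append(buf, n[:]...)
	buf = append(buf, signerID...)
	var ts [8]byte
	binary.BigEndian.PutUint64(ts[:], uint64(signedAt))
	return append(buf, ts[:]...)
}

// Sign hashes the document the signer was shown and signs hash+identity+time.
// On a real CAC the private key never leaves the card; here an in-memory
// Ed25519 key stands in for it (assumption for this example).
func Sign(priv ed25519.PrivateKey, doc []byte, signerID string, signedAt int64) SignedDocument {
	h := sha256.Sum256(doc)
	return SignedDocument{
		DocHash:  h,
		SignerID: signerID,
		SignedAt: signedAt,
		Sig:      ed25519.Sign(priv, payload(h, signerID, signedAt)),
	}
}

// Verify rehashes the document the verifier holds and checks the signature
// over that hash. A document that differs from the one shown at signing
// time, or a changed timestamp or signer ID, fails.
func Verify(pub ed25519.PublicKey, doc []byte, sd SignedDocument) bool {
	h := sha256.Sum256(doc)
	if h != sd.DocHash {
		return false
	}
	return ed25519.Verify(pub, payload(h, sd.SignerID, sd.SignedAt), sd.Sig)
}

// Demo runs three cases and returns (original verifies, altered document
// verifies, backdated record verifies). Expected: true, false, false.
func Demo() (bool, bool, bool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed sample document, signer ID and time; none are real.
	doc := []byte("Leave request: 2020-02-01 to 2020-02-05. I certify the above is accurate.")
	sd := Sign(priv, doc, "DOE.JOHN.1234567890", 1580515200)

	okOriginal := Verify(pub, doc, sd)

	// A different document is later presented as "the one that was signed".
	altered := []byte("Leave request: 2020-02-01 to 2020-03-05. I certify the above is accurate.")
	okAltered := Verify(pub, altered, sd)

	// The recorded signing time is edited on an otherwise intact record.
	backdated := sd
	backdated.SignedAt -= 86400
	okBackdated := Verify(pub, doc, backdated)

	return okOriginal, okAltered, okBackdated
}

func main() {
	a, b, c := Demo()
	fmt.Printf("original verifies: %v\naltered document verifies: %v\nbackdated record verifies: %v\n", a, b, c)
}
```

The point for a verifier is that the check must be run against the document bytes it holds, not against the hash stored alongside the signature alone; the early hash comparison in Verify is what ties the signature to the content rather than to a detached record.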


They are meaningful in at least this sense: a requirement for them led to this disclosure of State Farm's practices, albeit in the small print.


Signatures work perfectly well in the two usual cases: one, when the service is delivered properly and as expected, and two, when the service is not delivered as expected but no one disputes that both parties agreed to it.

Where they fall apart is where there's disagreement as to whether one party actually agreed to certain things, but that's not actually particularly common. Most court cases about contracts do not hinge on "did you actually agree to this whole contract?", they're about edge cases, or wording of the contract, or a clear breach that hasn't been dealt with yet.


That's like saying a broken lock works perfectly if only authorized people ever try to enter.


An important part of the value of signatures is ceremonial. The act of signing something reminds you that you're making a serious agreement and not just having a casual conversation or carelessly clicking an OK button. As long as nobody disputes that you actually signed the document, then your signature shows that you really meant it. Perhaps nowadays clicking "I have read the T&Cs" also has that same value, but I hope not because it's such a mindless activity.

I wonder if the bank telling you to correct your signature was so that if you somehow claimed that you didn't want to withdraw that money after-all and that the bank did it without your permission, they could point out that you used your "serious business" signature, not your joke signature. Hopefully it wasn't really for authentication.


Maybe, but you have to sign your signature to buy a pack of gum with your credit card, which is far from serious business. (Yes, I know this requirement has gone away, but not everyone has gotten the message.)

As for the bank... they really do allow and deny checks based on looking at the signature. My problem is that I can't consistently draw a signature. Different paper/pen/surface quality throws me off. And I don't really practice... I use a pen and paper like once a month.


Just FYI, signing when using a card is very uncommon except in America. Most other countries have long since moved to PIN/contactless/other things.


It's phasing out in America too, usually only when tipping on the signed receipt anymore (though some of those are even moving to pre-swipe w/o signature). It's mostly getting the word out to smaller businesses that the credit card companies no longer care about signatures and for older POS machines to be updated.


Authentication is completely different from legally binding a contract.


At my pediatrician's office the norm is to sign forms without seeing them at all. The receptionist has a computer screen; the patient has a signature pad with no display. They will say "please sign for permission to treat" then "please sign again for HIPAA approval" and so on. I think you could ask to see the forms, but it would be breaking the social norms to do so. You would instantly be a "difficult" patient.


My office asked me to sign a blank sheet of forms that the doctor would fill out after our appointment. When I asked to wait until after the appointment the receptionist person huffed and said I always signed them this way. When I pointed out it was my first visit, she looked agitated and argued that it was not my first visit.

I think she wanted it so she could start prepping my insurance submission. But it’s sad to me that trying to improve a burdensome administrative system makes it casual to have patients misrepresent. Similarly to being asked to sign a form saying I’ve read the medical privacy policy, but not being allowed to see the policy.

The assumption is that patients will sign anything, which kind of defeats the purpose of patients signing anything.


I have started to write "this form was blank when I was asked to sign" with the date and my initials diagonally across the page over the fields that would be later filled.


Is it illegal to write someone else's name, like "Donald Duck" in the field, in legible script? It's clearly NOT your signature then...


I've had this issue with other contracts as well. People act like you're a crazy person for reading a document before you sign it - "Well it's just the normal stuff".

I always pause, make strong eye contact, and go "Oh, so you normally sign things without reading them first?"

That usually causes them to go quiet.


I read my last car document carefully and they tried everything they could to rush me through it. Told them if they kept interrupting it would just waste more of their time.

Buying my house was the same. They absolutely overload you with documents and not enough time to read everything. Luckily, e-signing makes it less stressful to read.


The home buying paperwork process has improved post-housing crisis. There is less total paperwork, and much of it changed to be easier to read and understand. I've done it 3 times, once before the crisis and twice after, and I've never felt rushed. If the closing company makes you feel pressured you should push back, they should appreciate the gravity of the process.


I bought a house just over a month ago. I never met the sellers, sellers' realtor, or anyone else involved in the transaction in person until the closing date. Everything was done digitally, including nearly all communication. I was able to take as much time as I wished to read over everything I was signing. On the closing day I met the sellers for about five minutes and was with the lawyers for about thirty minutes. The whole process is vastly improved.


I've signed mortgage documents several times in the past few years, and I've had the opposite experience. The first time they openly scoffed at me for taking the time to read it. Took about two hours to read >100 pages.


I had a very different experience.

When I bought my house, we were taken into a room with the selling and buying agent, and they read the mortgage document aloud, and asked if we had any questions after each page that we had to sign.

They said that was the law in the area. It took about 3 hours, and every party went home with a copy with the 4th copy getting filed with the county.


You should get all the closing docs three days before closing so you do have time to read them


You still need to verify the forms that you are actually signing match the forms you were previously given, don't you?


When I bought my house, I absolutely compared forms. I had my laptop open on the table and went over the documents line by line. Yes, I had read everything before closing but I wanted to ensure everything was correct. I had found two mistakes, one in the mortgage document and one in the title company's math, prior to closing. It pays to review these things.

The handful of other people at the signing were mildly annoyed that I was being so cautious but I didn't care. It's my money. I'm normally a polite and shy person but if I had a question and everyone else was making small talk, I would just start talking.


A similar thing happened to me. They got my gender wrong on the preliminary form! Furthermore, after telling them, they didn't correct it on the final forms! We crossed it out, corrected it and everyone initialed it, but what a waste of time.


I always read things I'm about to sign, even if it annoys the staff. It's too much of a risk to just agree and hope all will be Okay. I'll not sign stuff that has clauses about binding arbitration or mandatory data sharing with other organisations.

I was signing up for a phone and started reading the T&Cs. Two pages of super small text. The staff member was surprised and said "No one reads that, it's just standard stuff". After a few minutes he starts pressing me to sign it as their system will cancel a signup not completed within five minutes. I doubt that 5-min timeout was a deliberate attempt to coerce people to signing up without reading the terms, but it certainly shows just how little people care about that stuff if they don't account for reading time in their signup process.


I always read everything before signing, and don't sign if I don't agree, unless I can make amendments. I have made a number of amendments to leases. Most people don't even realize that is a possibility. Some companies won't accept any amendment, others do. I have gotten pressure to sign without time to read on many occasions. If the issue is pushed much, I get up and walk out, if that is an option.


One office had me sign a document confirming that I had read some policy of theirs. I asked for the policy that I was agreeing that I'd seen. It took several minutes of someone running around the office digging through drawers and file cabinets to find a copy. Obviously almost everyone affirms having seen it when they have not.


Funny enough my doctors office always asks me to affirm if I have read or been told about their policy. I always check "no", and they have never once followed up on that in the many years I have been with them.


With what is at stake I'm ok being "difficult". At the end of the day the person running the desk just ensures that you have the minimum required for treatment.

In the US, at least in larger cities, one of the signatures is often to share your data on an ERM network with all doctors/hospitals in the network. I never sign this one and it's never been an issue.


Same at my doctor. I asked to see what I was signing and the receptionist said no one had ever asked before. She had to get the manager to figure out how to print it.


I had the same experience. I find it hard to believe literally every other patient was fine with signing sight-unseen. I don’t care if I’m being “difficult”; signing without reading is not wise.


Usually if you're at a doctor, you're there for an illness or a health issue you want checked. I don't think most people make their way to the doctor's office, after taking PTO or an extended lunch to go there, to then decide not to finish signing in because they couldn't read the paperwork.


I’ve never been refused service because I insisted upon having forms printed. Nobody is talking about just going home.


One time I was having some imaging done and they had me sign forms on a tablet. One of the signatures was stating that I had received a physical copy of the forms I was signing. I asked for a physical copy before signing. They said they couldn't do that until I signed. I refused to sign.

Thirty minutes later they figured out how to print it (it took the whole office to work out how). Then I signed.


I disagree that it breaks social norms. If I am agreeing to something, I want to know what I am agreeing to. If I get treated like I am "difficult", I would say you should be shopping around for a different pediatrician.


The definition of social norm is what most other people think. Do you not realize that most people will just sign the form without reading or checking? That is the norm.


A social norm is what other people expect from you. It arises from commonalities within the group, but has an additional component of expectation. Not every deviation from typical behavior violates a social norm.

I don't think it's a relevant concept here, because even if the rest of the patients don't read the HIPAA documents, they also don't care whether you read them. The staff don't care either, even if they have to do a little extra work so you can.

Shouting loudly in the waiting room would be a good example of violating a social norm--people generally expect each other to speak normally/quietly in a medical office.


The docs that don't bury the patient in bureaucratic nonsense are out of network, and not accepting new patients anyway.


I was reading through the privacy forms at a local medical office before signing them, and I found they were unfinished. Many parts were blanks with instructions to "Enter contact for head of privacy here."


Same, although mine was missing the second page! It cut off in the middle of a sentence. I asked for the second page before signing and they said they didn't have it, that that was the whole thing.

The office also ignores most HIPAA regulations, leaving workstations logged in in private rooms, no screen locks, and sharing a single account amongst all staff, no 2FA.

Health privacy regulation in the USA is a joke because it's mostly unenforced. Most people just sign away 100% of their rights, and if you don't, the office will simply refuse to serve you as the forms are all integrated and non-negotiable.


Now that you mention it, POS signature pads are often the same way. They generally give you a terse summary such as "I agree to pay [grand total]" above the input box, and then they print a verbose receipt with your signature at the bottom. Although in this case, I guess your signature is really just saying that you agree to pay the grand total, not that you agree with every fine detail of the receipt.


The signature can be anything, though.

I usually sign a big ‘X’, or draw a smiley face.


At my local watering hole they have you sign on an ipad that gives you the entire screen as a canvas that I exclusively use to leave lewd art.


One pixel is usually enough to pass input validation.


Sometimes they check for a line that crosses itself at least one time.


In this case someone named "Oleg" could have their signature deemed invalid if they don't cross the G/E and close the O? lol


... or 'jill'?


I don't understand how this kind of situation is legal. Like isn't the whole framework that the office is making people enter into contracts so non-conducive to the premise of a legal agreement that it nullifies it?

If being made to sign a contract that you can't read doesn't go against the premise of a contract, then what does?


In contract law you have to reach mutual assent, so if you’ve never read a contract but they signed it with your signature, it would be thrown out in court and would probably be grounds for a tort suit if nothing else.


Sometimes I think about starting to read every word of everything I sign. When I'm in line and asked to sign something that's 50 pages long, just stand right there and start reading. Probably won't accomplish anything except to make my life more difficult though, which is why I don't do it.


Given that the forms are basically lawsuit protection seems like that'd be a risky approach depending on how determined the lawyer suing is.


They should provide a copy for review, laminated or otherwise, then push the digital signature.


Same at mine. I can see how optimizations like this at least make the most sense at a pediatrician's office, where you're likely to be holding a cranky baby in one arm as you try to check in.


This just happened to me. I wonder if the contract is enforceable at this point. I didn't agree that I'd read or agreed to the terms, they only asked for my signature.


What social norms are you talking about? I always ask to see and read anything I'm asked to sign, and I don't think I'm being "difficult" in any way. Why on earth would you sign something you've never read?


Because 99%+ of other patients just sign it without reading it.


I had this happen to me at a gym once. They had a promotion where it was a fixed price for a month of access. I handed over my card, signed on the payment pad, and walked out the door. When I got home, I found an onerous contract in my inbox with my signature plastered all over it from that signature pad agreeing to automatic payments, absurd cancellation requirements, BS involving my credit, etc. Fortunately, my state had a three day right of rescission, so I was able to instantly nullify it despite their protests that it must go through the cancellation process.


A few months ago I had the option to sign up for two gyms: One right by my house for $15 a month, another much farther away for $120 a month. I decided to go with the more expensive gym, not because any of the facilities were better, but because the $15 a month gym had a ridiculous number of stipulations in the contract, a 6 months notice for cancellation, minimum 1 year contract with auto renewal, ambiguous "service fees" and electronic payment fees, etc. etc. etc. The more expensive gym is month to month, cancel anytime for no reason at all, no bullshit. Well worth the extra money to not have to deal with any nonsense.


It’s funny to me that, in a society where we buy takeout to avoid having to cook, we discount the energy expenditure for the “cheaper” option in so many other contexts.

An extra $20 and I never have to think about this again? Yes, please. An extra 40? Okay. I’d have to think hard about $100 though.


Onerous contracts are literally gyms' business model.


Oh, I was well aware. I only accepted because this was presented as a one time purchase. The fraud was when they presented the signature pad as your standard payment authorization and then transparently forged my signature on documents I never saw or was made aware of before signing.


At least they had the courtesy to send you the contracts you'd "signed."


You can also sign ‘Refuse to sign’.


Restating this for folks in the comments who didn't read:

When I applied for a policy, my agent provided me with an electronic signature pad at payment time. I understood that I was providing my consent to apply for coverage, and to pay for that policy. I do contract review as a part of my job, and read legal language carefully before signing.

Just before I left the building, they provided me with a folder full of informational material--a bunch of ads for state farm services and disability coverage in general, some policy overviews, etc. I set it on the counter when I got home, and planned to read it later--work was incredibly busy that week.

It turned out that State Farm had applied my payment signature to additional forms without my knowledge: a HIPAA authorization form and consent for State Farm to draw my blood and test it for HIV. I was provided neither verbal nor written information prior to signing that I was agreeing to either of these terms. I was not given a chance to review these agreements prior to signing. I didn't ask to see them, because I didn't know they were even a thing.

State Farm started pulling my health records from my old doctors. One of them thought it looked sketchy, and called me to confirm. My reaction was something like "What the fuck". They emailed me a copy of the forms, and that was the first time I learned I'd "agreed" to disclose my health records. Sure enough, they were in the folder: buried behind the ads and policy information. If I'd flipped through the folder in full before walking out the door, I could have run back in and insisted they cancel the authorization.

I immediately called State Farm, informed them they did not have my consent, and demanded they destroy any records they'd obtained. They said they'd do that. I've been waiting for them to confirm they've destroyed those records since, uh... May, I guess. The folder's still on top of my desk; I've been meaning to follow up with a HIPAA complaint. Started getting the state regulatory bodies involved, but haven't finished that process.

I had a detailed conversation with my agent at State Farm where we talked about the importance of informed consent and presenting people with paperwork prior to signing. He actually told me that not only was this standard procedure, but that he didn't actually know how to get a copy of the forms to show to customers so they could review before signing: the workflow State Farm designed didn't actually produce forms until the signature was already in place.

I don't fault my agent specifically for this; I fault State Farm's training and workflow. My understanding from talking with state regulators is that I'd have to initiate a complaint specifically against my agent, which is less than ideal. I like him and I don't want to fuck up his business, and he didn't understand that contracts require a meeting of the minds. This is, IMO, a systemic problem requiring better training and software design, and those are both State Farm corporate issues.


Don't you just have to report it? I get that this poor guy's name is attached to it but if that's the only means to fix this egregious violation of user rights, I think we have to think about what will benefit society the most overall.


If your agent doesn't know the concept of contracts requiring a meeting of the minds, why is he an insurance agent?


Bingo.

As a public service, they should file a grievance against this insurance agent, and include State Farm as well. Because, if this is true, it is forgery along with various HIPAA violations.


That's crazy, the terrible thing is you might find that all insurance providers do this, then what would you do?


IANAL, but isn't this straight up fraud? They have copy pasted a signature for something else onto another contract.


Yes it is. (ianal either).


While I very much agree that how they did it is incredibly shady, the person applied for long term disability insurance. Correct me if I am wrong, but isn't it a reasonable thing that an insurance company would want to look at your medical records as a condition of you signing up for one?


Forging signatures to fake consent for privacy violations is never reasonable.

I get what you're saying, but it's irrelevant, and draws attention away from the crime being committed.


My point is I really am only hearing one side of the story. If true, I wholeheartedly agree.

However, my experience with those "payments" is closer to "I have read the contract, agree to terms, etc." I am given the opportunity to see the contract to review before I sign it, and walk out with it signed.

Also, my point is common sense tells me that state farm would want to see my medical records to make sure I am not lying about previous disabilities (we are talking about disability insurance, not car or renters insurance), and usually you sign a contract for insurance.

From a flow standpoint, I can see why state farm would only do one signature if it is all digital versus making the person sign five times, when all it says is "I have reviewed form X and agree." But if someone doesn't actually review all of the documents, then something like this happens.


No one is confused about why State Farm wants the data. The reason you're not hearing about why they want the data, is that why they want the data is irrelevant. That's not "the other side of the story", that's irrelevant information that doesn't justify State Farm forging signatures to fake consent for privacy violations.

There aren't two sides to every story, and this appears to be a case where there is only one side to the story.

Do you think that anything you've said justifies State Farm forging signatures to fake consent to violate clients' privacy? If not, why are you polluting the conversation with irrelevant information?


I was trying to be nice to the poster.

Being blunt, I think the poster has no idea how insurance works, and didn't bother to read anything while signing up. Now they are upset because they actually read it.

Or being less charitable, they did understand the process, and wanted to create fake outrage about it.

But the story does not add up to me at all taken at face value.


If we just start assuming posters are lying, why should I assume you aren't lying? Were you really trying to be nice to the poster, or were you defending a company that forges documents to fake consent to violate your privacy? It sure sounded like you were defending State Farm's actions, and like what you're saying now is a backpedal. What motivated your decision to stop being nice and accuse the poster of lying?

I don't see much reason to disbelieve what the poster said, given this is just a logical next step from sneaky behavior I've already seen lots of companies engage in.


I in general try to assume good intentions for someone else, and before I go accusing someone of being dumb or malicious, I like to hear others' opinions.

I suggest you try that sometime. I find life to be much better when I just don't go accusing people of bad intentions like you just did to me.


> I in general try to assume good intentions for someone else, and before I go accusing someone of being dumb or malicious, I like to hear others opinion.

Is that what you think you were doing when you said,

> Being blunt, I think the poster has no idea how insurance works, and didn't bother to read anything while signing up. Now they are upset because they actually read it.

> Or being less charitable, they did understand the process, and wanted to create fake outrage about it.

> But the story does not add up to me at all taken at face value.

Let's unpack this gem:

> I suggest you try that sometime. I find life to be much better when I just don't go accusing people of bad intentions like you just did to me.

You realize I was just turning what you said back on you? My point is: it doesn't feel good does it? So maybe don't do that?

You're literally objecting to something you did.


There is no problem with the fact that they want the information. However, if they want this information, they have to get his consent to obtain it. They faked that consent by putting his signature on a document he didn't sign. That's the problem.


That would actually be illegal in a lot of places. Not sure how it would be in the USA but in most countries in Europe that wouldn't fly.

They would be allowed to ask questions about your medical history, but medical records themselves are an absolute no go.


For long-term disability insurance in Germany, they can ask for permission to get information from your doctors for conditions you've revealed during the application process, and deny coverage if you do not give them permission.

Omitting said conditions would be grounds for non-payment of benefits if what made you unable to work is in any way related to a condition they asked you about and you didn't reveal.


In the US it is allowed in every state. It requires patient consent to disclose the information.

So I can refuse to share that information and then every long term insurance company will refuse to issue coverage.

It’s not allowed for insurance companies to pull information without consent.


For private insurance in Europe you have to sign disclosure documents for all your doctors and medical history, at least in all 5 countries I have insight in. It's perfectly legal and standard.


This information is required for them to evaluate your risk and give you a price for insurance which is their core business. As a result, as I understand it, under GDPR you can refuse but they can also refuse to give you insurance as a result.


GDPR (that thing that happened in Europe) was highly focused on consent and the use of your data. IANAL but it's highly likely that you could claim you had not provided consent for the actions taken by State Farm in this case (though I wouldn't be surprised if their small print allowed such things).

Of course, even though they have attached your signature to an unseen document, it will likely still require a legal case to affirm that it was illegal or unethical (probably little to no case law in this area).


Playing devil's advocate, why would I as an insurance company want to insure you if I don't have access to your medical records to verify preexisting conditions?

I say that because then a person could have a preexisting condition, sign up for insurance, then go on long term disability due to the preexisting condition.


Just because a company has a financial interest in learning a piece of information doesn't make it legal to acquire that information in any possible way. Pasting a signature onto a different document sounds like a clear cut case of fraud.


I'm not disagreeing that the method is shady.

I'm saying if I'm the insurance company, why would I offer disability insurance if I can't verify the existence or absence of a preexisting condition?


The answer is the insurance company wouldn't. Easy. Why are you asking, though? Companies shouldn't commit fraud just because they want something.


I'm asking because I'm only hearing one side of the story. I have had to e-sign documents before and they always say the documents are available for reading, to which I always ask for it. I've never had an issue with that, especially with insurance companies.

Furthermore, the insurance the person is asking for is disability insurance. Common sense dictates that they will ask for medical records, and therefore need a HIPAA disclosure document.

If what the poster alleges is true, I agree wholeheartedly that it should have been clearer when signing up for it, but it seems odd that the poster didn't think that State Farm would ask for medical release forms for disability insurance.

TL;DR, I think there's more to the story than what is alleged here.


But why not state that rather than question begging? To everyone else, it seemed you were hammering away at some important point but without any context.

Honestly, though, so many ads for insurance say you don't need a doctor visit, or health checkup, or whatever. I could easily see customers getting confused thinking they wouldn't need to give over health documents because the ads are deliberately misleading.

Just because a business's practice is obvious to itself and those in the know, doesn't mean customers can get fleeced because "they should have known better". Caveat Emptor is kind of bullshit with such high information asymmetry.


I was trying to be nice to the poster.

Being blunt, I think the poster has no idea how insurance works, and didn't bother to read anything while signing up. Now they are upset because they actually read it.

Or being less charitable, they did understand the process, and wanted to create fake outrage about it. You don't have to "be in the know" to get how insurance works. Nor to understand that an insurance company will want to do its fact checking on someone as a condition to insure them.


The poster was not presented the forms in order to read. The poster points out that he read and reviewed everything he was given access to before he signed it. This was the insurance company not disclosing these terms.


If you are an insurance company you should want it.

If you are a customer you shouldn't want it.

Every party can have different interests and should fight for their own interest.


If I'm an insurance company, I wouldn't provide coverage without it.


If I'm an insurance company, it would be best for my bottom line to not pay anyone that got sick and immediately terminate their "insurance".

Literally the only thing that is stopping insurance companies from doing that is a contract, so if an insurance company is forging consent for a contract, that should be somewhat worrying.

The insurance company is well within their right to not provide coverage without that consent. They are not within their right to forge that consent, which is the issue here.


NAL, but isn't that insurance fraud?


It definitely is, but I imagine that doesn't stop dishonest people.


It's the how, not the why.

I want a million dollars. Wanting a million dollars is perfectly reasonable, lots of people want a million dollars. It's not reasonable to walk into a bank and cash a check with Bill Gates' forged signature on it.

Which is exactly what State Farm did. That's not shady, it's fraud, and it's very illegal.


This doesn't seem shady; the form the tweet posted explicitly said it authorized State Farm to request his medical, employment, and other records on his behalf.

The only "shady" thing might be not sending the authorization form he signed with their HIPAA request to show the source of the signature, but revealing he's seeking a long term disability claim could also be a HIPAA violation itself...

Regardless, the form says he authorized State Farm to do exactly what they did: request his medical records without further approval from him (otherwise he might have needed to fill out each additional request manually, which perhaps was an option if he declined this; we don't know).


> the form the tweet posted explicitly said ...

> the form says he authorized ...

You seem to be repeatedly missing the point: he claims to have never seen nor signed this form. The "signature" is decidedly pixelated. The claim is that the insurance company put his name on this form without showing it to him, which both defeats the point of the form and is a crime (forgery) in the US.


As I stated in the immediately following tweet in the thread, I was not presented with those forms at signing time. I had no idea they existed or that my signature would be applied to them.


So maybe it's time we push for real private keys held by people and a signature is a fucking cryptographically proven document.


Yeah, but who issues those? The government is the obvious answer, blah blah blah Estonia blah blah, but that causes so many other issues... we already have debates over states issuing drivers licenses to “illegals” and “big brother” etc., so I don’t see this idea going over well.

At the end of the day it would require that the US government issue an ID to every citizen, green card holder, visa applicant, long term visa holder, etc., illegals be damned...

Even if that somehow happened, we now have the single largest hacking target in the world... are you comfortable with that? I’m sure not.


No we don't. Have the government HSM sign a separate key for each state for each month. Have each state HSM sign a separate key for each county for each month. Have each county HSM sign a separate key for each DMV, housing association or whatever, also only valid for a month.

No big hacking target because the keys can be locked up or reverted pretty easily and the HSMs are on military bases or whatever.
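The sketch above (a root key signing per-state keys, each signing per-county keys, down to the key a person actually signs with, every one valid for a bounded window) is a chain of trust with short-lived intermediates. The following is an added example, not code from the thread or from any real government system: a minimal hypothetical certificate format and verifier, where the signing date is part of the signed bytes and an expired monthly key or a signature from the wrong key is rejected. The names "gov", "state" and "person" and the 30-day windows are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Cert (a hypothetical minimal format) binds a key to a name for a bounded window; Sig is the issuer's signature over the JSON of the rest.
type Cert struct {
	Subject, Issuer     string
	PubKey              ed25519.PublicKey
	NotBefore, NotAfter time.Time
	Sig                 []byte `json:"-"` // the tag keeps Sig out of the signed bytes
}

func (c Cert) tbs() []byte { b, _ := json.Marshal(c); return b }

// Issue signs a child cert valid for `days` days from `from` (one month in the comment's sketch).
func Issue(issuer string, key ed25519.PrivateKey, subject string, pub ed25519.PublicKey, from time.Time, days int) Cert {
	c := Cert{Subject: subject, Issuer: issuer, PubKey: pub, NotBefore: from, NotAfter: from.AddDate(0, 0, days)}
	c.Sig = ed25519.Sign(key, c.tbs())
	return c
}

// DocBytes puts the signing date inside the signed message, so the signature covers the date as well as the text.
func DocBytes(signedOn time.Time, text string) []byte { return []byte(signedOn.Format("2006-01-02") + "\n" + text) }

// VerifyDoc checks chain[0] against the trusted root and each later cert against its predecessor, requires
// every window to cover the stated signing date, then checks that the leaf (person's) key signed the document.
func VerifyDoc(root ed25519.PublicKey, chain []Cert, signedOn time.Time, text string, sig []byte) error {
	parent := root
	for _, c := range chain {
		if signedOn.Before(c.NotBefore) || signedOn.After(c.NotAfter) || !ed25519.Verify(parent, c.tbs(), c.Sig) {
			return errors.New(c.Subject + ": key expired on the stated date or not issued by " + c.Issuer)
		}
		parent = c.PubKey
	}
	if len(chain) == 0 || !ed25519.Verify(parent, DocBytes(signedOn, text), sig) {
		return errors.New("document not signed by the chain's leaf key")
	}
	return nil
}

func main() {
	rootPub, rootKey, _ := ed25519.GenerateKey(rand.Reader)
	statePub, stateKey, _ := ed25519.GenerateKey(rand.Reader)
	personPub, personKey, _ := ed25519.GenerateKey(rand.Reader)
	may := time.Date(2019, 5, 1, 0, 0, 0, 0, time.UTC) // constructed dates
	chain := []Cert{Issue("gov", rootKey, "state", statePub, may, 30), Issue("state", stateKey, "person", personPub, may, 30)}
	on := may.AddDate(0, 0, 15)
	fmt.Println(VerifyDoc(rootPub, chain, on, "I authorize release of my records", ed25519.Sign(personKey, DocBytes(on, "I authorize release of my records"))))
}
```

Changing the date, the text, or the key after the fact invalidates the signature, which is the property a pasted image of a signature lacks.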


I think that is remarkably ignorant. Yes, it works the same way the Chain of Trust does in your browser, but it also means that, at least for <insert time period>, there is a single point of failure.

Hardware keys being on military bases doesn’t really fix that, the weak link is still a crappy government server.

You also skipped over all the hurdles of recognizing a “person” that we will issue to anyway. Sure, we could ignore that... but then Montana doesn’t recognize signatures from Oregon.


I think you completely lost the context of the conversation, we are talking about improving signatures.

Everything you said against using private keys applies to physical signatures.

Sure, hacks will surely happen, but they already do happen with signatures. At least now you'll get much more traceability and be able to invalidate what needs to be.

> You also skipped over all the hurdles of recognizing a “person” that we will issue to anyway. Sure, we could ignore that... but then Montana doesn’t recognize signatures from Oregon.

Recognizing what? You are the only one here talking about this being a proof of citizenship. Does your physical signature prove that you are a US citizen? Does it need to? I certainly hope not.

For each subsequent argument, please just ask yourself first whether this issue applies to physical signatures too.


More context: a further tweet explains that this was all after he signed on a signature pad. I.e., it's not some sort of conspiracy against him, but what appears to be a "normal business practice", as sad as it is.

I think those signature pads are beyond creepy, especially with the way that they're being run by all these companies, where the order in which they give you the documents for examination and the order in which you actually sign them are basically reversed. I've dealt with a few of those pads myself (I think it was at a local municipality and a bank), prompting me to:

https://law.stackexchange.com/questions/2148/if-you-sign-a-s...


This problem is one of the aspects of IT as utilized by the business world that I straight up abhor. Never before in the history of mankind has the bureaucracy taken primacy over getting stuff done.

Unfortunately, we seem to have scaled way outside of the capacity for the typical act of contract signing to be anything but fraught with danger. At this point, if I don't have someone to talk with authorized to make and act on contractual amendments in the room, I'm reluctant to sign anything. Hell, even if they are there, I have doubts any amendments would actually be honored given the difficulty and scale of assumptions built into most forms of business automation systems.

There has to be a way to get things back on track, but I'm clueless on where to start. Legislation? Public Awareness? Education? What?


Would have been nice if they said what State Farm was. A Wikipedia search led me to this article about state owned farms in the Soviet Union: https://en.wikipedia.org/wiki/Sovkhoz

Doing some more searching it seems to be an insurance company in the US.


Largest property casualty insurance company in the United States.


I can imagine breaches of e-signature images being used in various ways. Another piece of personal info to consider.


I wonder why no one has tried to build an AI around TOS and other contracts. It could be trained on 1000s of documents and learn what clauses people want to be made aware of, and/or provide a score from 0-10 on how bad it would be to sign it.

To head off the objections: no, it would never be perfect. Yes, there is some risk. But it could be way better for 99% of the population that doesn't read anything they sign.


AI isn't a solution to Turing problems.


useGuard.com is similar to this for privacy policies


This can't be legal, right?


Everything is legal until someone with authority says it isn't. The way the US system is set up, unless someone has violated criminal law and you can interest a government prosecuting attorney to take interest in the case, you have to hire and pay a lawyer out of your own pocket to threaten/bring a civil case. Most people do not have a civil lawyer on hand, and the costs for even beginning such a thing easily run into the thousands of dollars. Carrying something through to completion can be $20-50k in the best of cases.

There is a tremendous power imbalance between private people and large corporations with civil lawyers on staff.


Not a lawyer but seems like perjury to me.


Forgery.


And that's why I'm not a lawyer.


Imagine signing in to Hacker News with only a username and no password... That's what credit card numbers are. Passwords / PINs aren't even a good solution either: some sort of PKI/cryptographic signatures are.


As always it is all about intent. Did the OP agree to have his information disclosed in return for getting disability insurance?

If they did, then there is no problem here.

It seems that people are getting hung up on the wrong issue. Filling in and signing endless pieces of paper at the doctor's office is the most annoying experience. I wish my signature was applied directly.

Of course, I would like to be informed of what I agree to in simple, brief terms. Putting massive documents in front of me that I will sign automatically anyway makes no difference.


> If they did then there is no problem here.

There is actually a major problem. Signing is not (anymore, at least, hopefully ...) (JUST) an authentication mechanism. It's a legal / contractual device that embodies the notion of consenting to something at some point.

Importantly, when you sign anything, there's not just the text of the contract or agreement. It also features the date (and usually place) of the signing. How does that square with the insurance company using someone else's signature on their behalf? Ignoring all else, the mere presence of the date on the document presented in that tweet implies that it is a claim that so-and-so signed the document on 05-16-2019.


<sigh> Again, if you read the thread, you would also know that I could not possibly have agreed to these terms, because I didn't know they existed.


The law is not all about intent. Lawyers carefully worded a contract with a lot of very specific details. The lawyers' employer clearly intends to enforce that specific contract, and they attached a signature in a way that in my opinion, does not prove he agreed to that contract.

If there's intent to be discussed here, it's State Farm's intent to enforce a one-sided document as though it was a legally binding contract. If they pull that off, unfortunately the law starts caring an awful lot about the actual content.

So fuck them and fuck anyone who defends them. This is exactly what is wrong with the US health system and we don't talk about it enough.


The first few bullet points scream "you authorize SF to get your medical information and history". This is an application for long term disability, so they are trying to prove he's medically disabled by getting documentation from an authoritative source, which could only be accomplished by going to the doctors' offices and insurers directly.

Isn't this basically power of attorney? He signed a form that explicitly stated he authorized SF to get his medical information (among other things). What's the purpose of such a form except to NOT go back to him to sign 12 documents from different companies to release info one by one?


Well, here he is claiming they didn't sign that document at all: the signature was copied from elsewhere.


My interpretation was that this document was what he signed, since his tweet talked about his signature being on a form authorizing more specific things.

