I noticed this as well recently while I was shopping for an SSD drive. A majority of listings are obvious frauds with no reviews.
What I also found out is that there is no way to report a listing for obvious fraud, probably to avoid deliberately flagging competitors’ products, but which could easily done by taking into account an individual customer’s credibility score/reputation/history.
I also tried to report some of these obviously fake 1TB drives about 6 months ago and found it incredibly difficult. I found the fact it was so difficult to report them more frustrating that the fact there were fake listings. I tried going through the hassle of contacting Amazon customer services. There's not option to report bad listings and the Amazon agent doesn't seem to even know what to do about it. Then eventually they say they'll pass it on to the relevant department and weeks later the exact same fake listing is still there.
Something very similar happened to me with Amazon. I used a new debit card from an online bank to purchase an expensive item and deliver it to a foreign address (which is admittedly suspicious). The payment bounced, Amazon immediately locked my account and requested to see a card billing statement sent to my home address to reactivate it. Upon login I am presented with a stern request for documentation, a pdf upload field, a tweet-sized text field for comments, and all communication comes from a noreply@amazon.com address. All my kindle/audible/etc media immediately became inaccessible.
I went through every possible channel to explain that the card does not send me a billing statement and I cannot possibly produce one, requesting to be called or at least emailed by a human, to no avail. After spending tens of thousands of dollars on Amazon over the course of fifteen years I couldn't even get a personal call from the case manager, and all my purchased media is gone.
To this day I have found no resolution, and the only next step is to contact them through a lawyer.
Stolen by Amazon. They have no incentive to get it back. Amazon hopes that you purchase it again.
Call the consumer protection services. Big tech companies are not the law, they cannot steal things from you. Even if you committed fraud in one transaction, they cannot take away your property. (Amazon will call it 'service', but accessing your property is not a service)
> Stolen by Amazon. They have no incentive to get it back. Amazon hopes that you purchase it again.
They are not the only company doing this in some ways. ISP's who provide a set top box for watching TV and downloading/streaming service to tv, do the same thing when you change you ISP. Its a form of lock in because whilst you can still get access to the purchased films, you have to jump through more hoops. Its all legal but I question the morality of it, when considering online piracy via torrent streams and then the "hacking" that companies have used to trace and prosecute the worst.
But I've learnt enough to know that everyone has their questionable practices to maximise profits/income, the lucky ones are the one's who would also be the expert witnesses in court or have been able to fly entirely the right side of the law.
There have been so many stories of users and developers losing libraries and livelyhood because they have been spurned from these "walled gardens."
The only real answer is to minimize our footprints in these closed places.
My current phone runs Lineage without a hint of Google. I keep an old Samsung for gmail and other services, but the death of "don't be evil" has meant the death of Google on my phone. They will never be back.
I have seen several people who sold on Amazon lose their accounts. I am not sure what provoked it, but the exchange is certainly not in favor of the smaller party.
And we all know what Ebay did.
I can't really say that any one abusive company's behavior is any worse. They are all tyrants with their "star chambers" and sundry courts of inquiry, and the less authority that you give them over you, the better your position will be.
We left this legal thinking behind long ago, but Apple (among others) has brought it back.
Which ISPs kill your purchased content when you leave?
At Comcast/Xfinity when you cancel all services your account still remains, and you can stream your purchased content the web or through their mobile streaming app when signed in on your account.
UK, so you purchase with a set top box you buy from them to use their additional services and then when you leave, they force you to purchase another device to watch those films like a computer to watch it on. You can no longer use the set top box to watch the purchase films on.
Well I wish that is true. But It isn't actually your property. You are only purchasing a perpetual right to use that item under the terms and condition. It is the sad state of things Silicon Valley decided ownership is no longer a thing and everything should be "service", so they gain the control of all asset management right.
There is some part of me that increasingly hate Silicon Valley.
> You are only purchasing a perpetual right to use that item under the terms and condition
To clarify for others: parent is not talking about subscriptions.
When you "buy" content on these platforms, they are not actually yours to take away for ever like a physical book. The software you consume them on e.g a Kindle or iTunes, is actually capable of remotely deleting "your" content at any time, and they are supposedly within their legal right to do so.
They have essentially hijacked the word "buy", it does not implicitly mean what it used to mean, you cannot really buy a copy of a piece of music or a book or a film from any of these large platforms today without removing the DRM and making a local copy (which is technically illegal).
My wife "purchased" a French movie on Amazon Prime Movies à few years ago (because it was pretty much the only way she could acquire it without piracy)
Recently she tried to watch it and Amazon just had "you can't access this content." Maybe Amazon didn't renew the license with publisher, maybe not, but in any case, Amazon really proved to me that no, we do not own digital content.
So, I pirated it for her. If doing things the "right/legal way" is going to screw us over because of fine print, then why bother?
This reminded me of pirating a Game of Thrones episode when I was a customer of HBO. My wife and I signed up for HBO max to watch the final season as it was airing. The quality turned out to be pathetically poor. During the Battle of Winterfell episode, the pixelation was serious enough to make the action difficult to make out.
I went ahead and torrented the episode the next day to rewatch it in all of its intended glory. Then a few days later, I got a letter from my ISP telling me that HBO was very upset with me and threatening to cut off my service. I felt compelled to send them a reply, explaining the situation and telling them to eat it.
> Amazon really proved to me that no, we do not own digital content.
Amazon does not make laws. If a thieve steals your car that does not prove that you don't own the car. The car ownership is still yours, but it has been stolen.
Would you download a car? advertisement has gone all the way around and now big companies are just stealing our property.
Part of me thinks that was the reason why Steve Jobs hated Music Subscription. He said "no" to Beats many times before his death. And why Apple ( at the time ) worked really hard to get rid of DRM in movies ( but failed ). And iTunes Music is DRM free. May be it is time to remind our self how we got DRM free music on iTunes, with Steve's "Thoughts on Music"
That's why whenever I buy a DRM-ed content like a book on my Kindle, I always download an un-DRM-ed copy from Librusec. If it's unavailable, I un-DRM it myself. This is for non-fiction where I'm likely to go back and read the book (or, more likely, its fragments) again, possibly many times. For fiction, I don't care that much - usually I read a fiction book once in a lifetime so if Amazon steals it from me or not it makes no difference. It's not like I can give it to someone like with a physical book.
Well you are not wrong, but pirating is not the answer but cracking. For example i regularly backup my Audible library and remove the DRM, not to redistribute them, but in the case Amazon closes the Audible-brand, change the Apps i can access my library, delete some of them etc (we all know what can happen and did in the past).
Same with games, if possible i buy them from HumbleBundle or GOG. And i never buy something that is bound to a platform that i really care for.
Look the audible drm is so easy to remove i am ok with it, if they change it and i cannot remove it anymore i will stop.
And yes i hate drm too, but since stallman is a extremist that supports un-free licenses (unlike the BSD and MIT) i will not listen to his wannabe rants, and i will never forgive him to change the GCC license to GPL3 only.
If i care for something i remove the drm, if i cant, i will stop buying it.
Those "unfree licenses" are the reason you're not forced to use Windows on desktops/laptops/phones/servers/toasters/supercomputers (it does none of these things well even now, imagine the world we would have if it didn't have any competition at all).
GPL puts the user's freedom first. Every developer is mostly a user anyway, unless you're writing absolutely everything from scratch like they do in SerenityOS. So I like that stance very much. If you don't, nobody is forcing you to interact with GPLed software in any way.
Exactly. Copyleft is more about "freedom for society" as a whole, ensuring all users (which includes developers) retain this version of freedom. Permissive licenses are more about "freedom" for the individual to do whatever they want, with the potential to take freedoms away from others as a result. I think the stupid anti-gpl sentiment mostly comes from American idealisms of freedom, and developer selfishness, but that's just imo. The GPL still lets you do whatever you want in the privacy of your own computer, but when you put that GPLed software into the public, you need to ensure that you give the same freedoms to everyone else to have within their own computers as well.
I think that's much more noble and kind.
But as long as it's free software, I'll still use it and be happy it is, regardless of the license.
And tbh it'd be nice if the small, loud minority of BSD lovers, GPL despisers would shut up. They give the BSD crowd a terrible look.
>Those "unfree licenses" are the reason you're not forced to use Windows on desktops/laptops/phones/servers/toasters/supercomputers (it does none of these things well even now, imagine the world we would have if it didn't have any competition at all).
BS, i use FreeBSD and no one ever forced me to use Windows, Linux on the Desktop does everything right?
They deserve the promotion, because they created useful software.
> BS, i use FreeBSD and no one ever forced me to use Windows
At some point, Windows was everywhere, you couldn't hide from it. Now, Linux provides a strong competition, forcing even Microsoft to include it into Windows. BSD, instead, served as free labor for Apple, who created a walled garden for users.
What exactly do you want to do with the code that GPL prevents you from?
This is still pirating. The fact that you don't share the cracked media doesn't change the fact that you violated the T&Cs. And I'm pretty sure they could sue you for piracy.
In the US, I don't think they could (but it may depend on the details of how you did it). They could sue you for contract violation, but would they? There's no upside for them to do so.
You have a right for a private copy in Germany too, but you are not allowed to use software who can "delete security mechanisms"...that's why it is such a BS law.
I want big corporations to abide to the law. To pirate is a patch that does not solve the problem. Let's fix that corporations do whatever they want with your digital property.
I want to buy digital movies, games, music, ... without being at the mercy of some algorithm that can automatically steal what is mine.
It's not your digital property. Look eg. at Netflix ToS, you're just buying a temporary membership in some club that will allow you access to some content, on their terms. That's not what ownership looks like.
I suspect it will be similar with all other consumer oriented content distribution services.
And so it should be considered an open-and-shut case of false advertising. The small print may not take away what is given by the large print. If the large print says "Buy Now", then the small print may not replace buying with licensing.
Yeah but if people keep pirating the corporations will groan and lobby for the sensible legislation for us. They will eventually figure out that they have no control and will ask for laws that grant rights to consumers that benefit them as well (people actually trusting them again). I think that's a good patch. We just need to incentivize them to do the right thing.
Or you can buy audiobooks from https://libro.fm/ or similar and support open formats and your local bookstores. Leave audible as a last resort, the more you buy from, the more you are 1) supporting them 2) telling then you don't mind DRMed media.
While I agree with you, it's not as simple as it seems. One of the crucial skills we have to learn in the digital age is to discard information. Historically, we have evolved as hoarders: keeping valuable things usually pays off.[0] With information, it's no longer the case. You don't have scarcity like with physical goods: there is more available than you can absorb during many lifetimes. So we need to develop the crucial skill of discerning between the top stuff you really want and need - and everything else that should be discarded. Based on my limited personal experience, this is not always easy but improves with time.
I don't get it, this is not a house with limited square footage. Discarding is of almost zero importance, in fact, you have it logically backwards because discarding incurs a cost of investing your precious time to make a decision. While retaining only requires you to have an amorphous blob somewhere, a non-event. This is especially true for things tens of megs to a few gigs. Of course not yet true for 4K videos, but we are approaching that point not year by year as cost per TB approaches 0.
By saving stuff, you future proof the high possiblity that it becomes completely unavailable anywhere online and you have the last copy. And you can easily find it by search, I have this happen all the time. In many cases the audio cassettes that accompany an old pedagogic text have been digitized by one person who shares a zip one time and then the link dies forever. Ten years later when I finally free up time to study the material, it will be too late.
The important skill: don't download or even browse crap you certainly won't use within your lifetime. It is a time sink. Develop a strong preference for only looking for things you'll immediately begin studying or have a concrete plan to study in the coming 6mos.
> One of the crucial skills we have to learn in the digital age is to discard information.
For some things yes, for TV shows and movies eh. For roughly the price of a year of netflix you could get a 14TB hard drive, which would hold six continuous months of high quality 1080p video. It's also really easy to keep those things sorted with negligible clutter and wasted time.
Information hording is not only concerned with information availability, also with information presentation, stability, liquidity (non mainstream information may be very hard to find later) etc.
It isn't always like that. If your data is on somebody else's platform (as for the author's data) your data is gone, possibly for good.
And by the way... onljne communities (and websites in general) come and go. The data you're relying upon today might not be there tomorrow (or it could get altered someway).
> With information, it's no longer the case. You don't have scarcity like with physical goods: there is more available than you can absorb during many lifetimes.
As much as this is technically true, anything not currently on your hardware can, and probably will, get snatched away from you, usually without warning, regardless of it you paid for it.
Absolute hogwash. Torrenting is easy as pie if you know the right places and know the bare minimum basics of torrenting like pick a torrent with more seeds in the quality you want. It takes less time to torrent something than find out which of the gajillion streaming sites has the thing I want to watch.
Yeah 10 episodes down a hole of anime season and you find the last ones don’t have English dubs resulting in an impending shit show to deal with because no one bothered to release it or there are no seeds for single episodes. Then there’s the subs written by someone who doesn’t know any languages apparently. Then there’s the shitty transcodes originally. Then the logistics of managing which one of the 5 members of my family wanted it and getting it to the device of their choice.
Then you find something is only available in x265 so you have to transcode it yourself so it’ll play on the kids 5 year old Samsung TV. Oh and that only supports certain very fussy audio streams.
Just no. I’m on the mark. I’ve been doing this shit for a decade and I’m tired and fed up with it. I pay ~£35 a month for all my services and that’s a bargain. It’s literally fuck all money to make the problems go away.
You could just set up a NAS and a Plex server to do the transcoding for you. In all my years I have personally never had any issues. I have had to struggle with x265 once or twice, and even then I just found a different non x265 torrent and went with that. Not that hard, there are often 10 torrents for a single show, each of varying compressions and qualities.
And I bet that you can find anything you could ever want on nyaa. If an anime/manga exists, it almost certainly is on nyaa, unless it is highly obscure in which case it may not even be there on paid streams.
Example: I want to watch the last season of Expanse. Ok, go to iTunes (Apple TV). Nope, not there (Australia). Hmmm, may be Netflix? Nope. I remember it was by Amazon or smth? Oh yeah, it's in Prime.
How much time did I just spend? And I also must pay for all of those?
Torrents:
- go to my favourite tracker
- search, find bunch of options from SD to HD with bunch of audio tracks and subtitles that not a single commercial pos offers
- copy magnet link
- paste in transmission UI
- done, took less than 3 minutes.
Whenever I feel like watching it, open Infuse on iPhone and watch it from my Emby.
When I want to stream something I go to justwatch.com, search, and then see which streaming services carry it either through subscription or for rent or purchase. Then I fire up that app or website on whatever device I like and watch.
Torrenting isn’t hard but these days neither is streaming.
Seriously it is some BS. I even spent like mabye an hour setting up the *arr tools and now anyone in my family can log into 1 site, find the tv/movies and hit download and it manages everything.
maybe you wouldn’t mind me asking: but how’s your setup work exactly?
also, for everyone: i have been looking for an easy way to allow my parents to browse torrents (via an app on their phones or tv or something), then select what they want to watch, and the movies/whatever are then downloaded on a remote pc that also hosts a plex server. they could watch whatever on plex in minutes, ideally. is there something that sreamlines this kind of thing?
Yep so I just run sonarr (for tv shows), radarr (for movies), jackett (a torrent search engine connector that the *arr apps use), deluge (for downloading things), and unpackrr (for extracting torrent rar sets) all on a single box
I have a little dashboard just providing quick links to sonarr/radarr that people can go to.
In radarr/sonarr they can search for movies and tv shows, add it to the application and it auto searches for the best download option through jackett and adds it to deluge
unpackrr will auto unpack it if it needs it
radarr/sonarr will automatically pick up the completed download and move it into the correct media directory
jellyfin/plex/whatever will pick it up and show it
everything is pretty easy to setup, i probably got it all running in 3 or 4 hours tops probably two years ago and honestly haven't touched it since.
I am a Datahoarder with almost 50TiB. I almost never delete things. I kinda view it as a mixed media library, the value is in the content youay want to consume whenever. Plus one never knows if something will be available at a later date and hard or impossible to find.
But you don't buy property anymore. You are licensed to use it under various T&C. The age of property is gone. I wouldn't be surrised to see our fav OS(ios, macos, win etc) stop working once the cloud account is suspended. For your own safety you may not use a different account either. People traded their freedom rights for apparent convenience so I guess we get what we deserve.
Kinda funny how they're driving us right back to piracy.
Digital content is not forever. If I can't purchase it and download it to my local hard drive, I'm not purchasing it.
Reminds me of those old anti piracy PSAs: "you wouldn't download a car." (note: yes, yes I would if I could).
But if the new car-buying process was "pay $20k for this Honda Civic, but just know that we are just allowing you to drive it, we can take it away from you at any time" you can be sure that either no one will ever buy cars again, or they'd just "steal" them.
If compliance is too hard or too inconvenient or just plain stupid or malicious, then people won't comply. Easy as that.
Makes me wonder what would happen with my Steam games if the publisher pulls it from the store, or what if Steam decides it won't support my system anymore (and I don't want to update).
I own a few games that got yanked from the Steam store. I can still download, install and play those games as much as I want to.
Generally this has only happened with games that are no longer developed, but if they got yanked for any other reason I believe Valve wouldn't distribute any new patches to me.
I feel like there were a few cases where this has happened, and Steam actually still had the game stored for people who had purchased to download, it was just that no one else could buy the game. Not sure if those cases were the publisher not wanting to generate bad will among its customers, or if Steam's contract with the publisher states outright that even when the game is pulled from the platform it must remain available for people who have already purchased it. Either way, it would certainly be the case that any future patches wouldn't be pushed to Steam.
On the other hand, many games (by number at least) on Steam do not have any DRM and you can back up the installed files as easily as you can back up a GOG installer. Many more games only need Steamworks which is easily bypassed.
Meanwhile Valve is actively working on making Linux gaming better (which I care about) while GOG/CDPR can't even be bothered to port their own games or their store client.
Alpha Protocol was removed from stores over music licensing issues. I freaked out because I didn’t have it downloaded, but it’s still in my library and I can download it. You just can’t even view it now if you don’t already own it.
I do this too. I don't want to have to resort to this, but I also don't want to risk Amazon taking away all of the books that I've paid for! All I want is to pay for DRM-free content.
I started buying huge stacks of DVDs from Goodwill. They are on my Plex NAS now, along with all of my music. All legally purchased. I was considering starting a donation chain where I give all of my DVDs to someone who wants to do the same, who in turn would give them to someone after they are done. It is a lot of work but my shows and movies are super fast, ad-free, and accessible from anywhere. A pleasant friction-free experience after ingestion.
Download logo’s, see how a statement would look, and create one yourself. Print it, fold it and make a photo. Always works for me when I am asked for a statement from a full digital service.
My energy provider used to perform an immediate change of address which would be visible on your latest downloadable PDF invoice. This allowed even people without the most basic computer skills to validate _any_ address.
Long story short, all those processes eventually depend on “proof” that is really easy to fabricate.
Dutch banks invented the iDin standard, some kind of oAuth with your bank that provides third parties with validated personal information, but it is not widely used and I am not aware of an international standard or initiative for this.
It's no wonder that ID fraud is so rampant in countries like the US and UK in comparison to countries like Norway that have a national ID service (BankID).
There is no way that my Norwegian bank would accept a utility bill as any kind of support of ID. Instead they send a letter to my registered address (national population register) with instructions to take it and my driving license or passport to the post office who will act as a notary and report to the bank that I am the person that the letter is addressed to.
From then on BankID (using a one time pad, SIM card, or code generator) can be used to log in to pretty much all banks and government services.
Norway is a bit unusual in the way it handles ID. In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyone’s identifies, and mandating participation, is cultural and political suicide.
We can argue all day about whether or not this is a good idea. But ultimately, it’s red lines we’ve drawn in the ground, and we’ve decided the trade off (such as identity theft) is worth it. In the U.K. at least, two World Wars have taught us to be wary of central government databases. We’ve seen how they can be abused people in power seeking to persecute part of a population, and even now we’re seeing it again with the U.K.s governments persecution of migrants.
At least in the U.K. there are clear and simple guidelines for undoing the damage caused by identity theft. If a bank account or loan was opened in your name, the bank has to close it and write off any losses, and they should compensate you for the trouble. If the mess you around, there’s a number of Ombudsmen and regulators filled with people waiting to take the financial organisation to task and make them really regret their obstinance (I’ve been on the receiving end of their wrath, it’s not much fun).
All of this creates very strong incentive for banks to prevent identity theft in the U.K. Unfortunately US consumer protection is lacking in comparison.
>In the U.K. at least, two World Wars have taught us to be wary of central government databases.
Speak for yourself. The anti-ID faction is basically hysterically scared of the idea of 'papers, please'. That's it, and that's why there is a specific statutory defence to not carrying your drivers licence while driving (the HORT1 'producer'), which itself has been made irrelevant by the fact that the PNC has access to the DVLA driver file database.
We need, as a society, an ID document. In the UK, we end up making it up through the use of a passport/DL and a combination of various other official letters. Young adults end up carrying their passports just so they can prove their age to go drinking - do you not see that this is a problem?
While I share concerns re biometrics etc, the idea that an ID card is somehow anti-democratic is ridiculous and, frankly, far fetched.
>At least in the U.K. there are clear and simple guidelines for undoing the damage caused by identity theft. If a bank account or loan was opened in your name, the bank has to close it and write off any losses, and they should compensate you for the trouble.
Which is fine for the consumer, if not a considerable amount of hassle, but is also the source of much financial loss. Fraud, in the UK, takes place on an industrial scale.
> the idea that an ID card is somehow anti-democratic is ridiculous
I don't think anyone invoked the spectre of 'democracy'.
A common fear of ID cards is that, once everyone is supposed to own one, some government comes along and decrees that you must carry one at all times. Then the police are given powers to arrest anyone not carrying ID; and finally, to stop and search anyone on the suspicion that they are not carrying ID.
Those fears are not "hysterical".
Also: the novel 1981 was written about a future UK.
>A common fear of ID cards is that, once everyone is supposed to own one, some government comes along and decrees that you must carry one at all times. Then the police are given powers to arrest anyone not carrying ID; and finally, to stop and search anyone on the suspicion that they are not carrying ID.
And can you point towards a European country that isn't in the grip of a totalitarian state where this currently happens?
It's typical British exceptionalism, like unarmed police and Brexit. We'll massively inconvenience ourselves out of principle, while sensible populations look on in bemusement.
>Also: the novel 1981 was written about a future UK.
I'll assume that you mean 1984, which is fiction. Orwell, after all, was English and you would expect him to write political allegories based here.
> It's typical British exceptionalism, like unarmed police and Brexit.
Odd thing to get worked up about. Not sure why you link brining guns into a potential heated situation is gonna make it any better. Most police offers don’t even want to carry a gun, I certainly don’t want police officers carrying a gun.
That got nothing to do with exceptionalism, I just think a police officers primary responsibility is to their community. We should rate them based on their ability to prevent crime through community relationships and diplomacy, not on their ability to rapidly deliver lethal amounts of lead into a situation.
We should stand up for our principles, and try and build a society to thats a fair and equal as possible, regardless of an individual quirks and differences. We shouldn’t be aiming to create a uniform society just because it economically more efficient, and removes the need for the majority to think about the needs of the minority.
Yes, of course, 1984! He was expressing his fears about the future of the UK, because he was British (and of course, because he was projecting a future, it was fiction). You are quite right.
> And can you point towards a European country that isn't in the grip of a totalitarian state where this currently happens?
No, but there are several European countries that are essentially totalitarian at the moment; and there are several European countries that are not currently totalitarian, that have required people to carry ID on pain of arrest during my memory. It's a reasonable fear.
> We need, as a society, an ID document. In the UK, we end up making it up through the use of a passport/DL and a combination of various other official letters.
A voluntary national ID could be useful, something that effectively the same as a driving licence, but available to all U.K. residents without cost. Not sure I agree we _need_ it, existing documents work surprisingly well.
> Young adults end up carrying their passports just so they can prove their age to go drinking - do you not see that this is a problem?
They can get a provisional driving licence instead, it cheaper than a passport. There’s also no requirement to use an in-date passport. Bars and pubs will happy accept an expired passport with it corner snipped, as long as the photo is recognisable.
> idea that an ID card is somehow anti-democratic is ridiculous and, frankly, far fetched.
I never made this claim. Democracies are just as capable of committing atrocities as totalitarian states, they just tend to do less frequently and with better PR. I personally think people should think seriously about who they hand their identity data too, examine what benefits it might provide, but also consider how it could be abused in the future. I like the fact that most databases in the U.K. are difficult to integrate because there’s no clear single identifier for a person, joining data requires a degree of fuzzy matching and creates opportunities to challenge government agencies.
> Fraud, in the UK, takes place on an industrial scale.
I’m well aware of the scale of fraud in the U.K., I’ve spent years developing systems to prevent it, and run full on into the issues caused by a lack of national ID. However I still believe the trade-off is worth it. I’ve seen to many examples private organisations effectively running a shadow judicial system that can prevent and individual from accessing essentials societal services, like banking, with no oversight or appeals process. A national ID would just make it easier to build these systems, and innocent people who get caught up will pay the price (for a fraudster, getting caught is just the cost of business, they go in with their eyes wide open).
The ultimate goal of society is not to produce the most efficient economic system. There are trade-offs to be made, and achieving zero fraud is far more problematic that having some fraud.
> many examples private organisations effectively running a shadow judicial system
This is exactly it. The abscence of a universally accepted identity creates an unregulated shadow system instead.
The European countries with stronger and more developed identity systems also tend to have stronger data protection laws, precisely because universally accepted identity data can be regulated.
Not really. A passport is expensive, a drivers licence isn't supposed to be a photo ID card and someone shouldn't have to pretend to be a driver in order to obtain one.
>They can get a provisional driving licence instead, it cheaper than a passport. There’s also no requirement to use an in-date passport. Bars and pubs will happy accept an expired passport with it corner snipped, as long as the photo is recognisable.
Some bars might. Others may not. In any case, you've still got to a passport in the first place, so that doesn't remove the renewal cost or the initial cost. It's also a multi-page book.
If we're going to run a provisional DL as a de-facto ID card, why not just have an ID card?
>I’ve seen to many examples private organisations effectively running a shadow judicial system that can prevent and individual from accessing essentials societal services, like banking, with no oversight or appeals process. A national ID would just make it easier to build these systems
If you're verifying someone's ID at all then those issues are going to exist. That's not a problem with having an ID card, that's a systems problem - if you use a DL, there's a URN. If you use a passport, there's a URN.
Not having a national ID card is, frankly, Stone Age. If you want to avoid the spectre of Papiere, Bitte then that is a legislative problem and not a technical one.
> Some bars might. Others may not. In any case, you've still got to a passport in the first place, so that doesn't remove the renewal cost or the initial cost. It's also a multi-page book.
Pretty much every bar does. I know this because I have several friends that used expired passports for years without issue. It’s also frequently done be foreign students, because most bar staff don’t recognise any form of foreign ID except a passport. So there’s no need to ever renew the passport.
> It's also a multi-page book.
So what? It no more difficult to carry than a small wallet or purse.
> If we're going to run a provisional DL as a de-facto ID card, why not just have an ID card?
Because the DVLA don’t want it to be an ID because it’s a pain in the arse for them. Which is good, because they go out of their way to make accessing the data difficult for any reason that isn’t driving related. Creates a nice little natural firewall against abuse.
> If you're verifying someone's ID at all then those issues are going to exist. That's not a problem with having an ID card, that's a systems problem - if you use a DL, there's a URN. If you use a passport, there's a URN.
The URNs change on each renewal or replacement, strictly limiting how long they can be used to track an individual. Additionally people can choose which document they use with each entity, and make it harder for different entities to match their IDs.
> Not having a national ID card is, frankly, Stone Age. If you want to avoid the spectre of Papiere, Bitte then that is a legislative problem and not a technical one.
Yes it is, just like paper voting. Thats a good thing, it shouldn’t be easy for future governments or corporations to track individuals without their consent.
With regards to Papiere, Bitte legislation solves nothing. It can easily be changed at a whim, our executive government almost always has a majority in the legislative house, make it trivial for them to amend legislation on whim as it suite them. Surely your not blind? You must have seen the numerous abuses of this powers from Boris’s Tory government over the past year. Just look at anything Priti Patel has worked on.
Throwing away natural defences against abuse for convenience is stupid and short sighted. There are plenty of innovative ways of working within our current ID system, while still offering a high level of convenience, without making it easy to abuse the data. Just look at any recent neo-bank to find half a dozen examples.
I find it strange that folks in the US and UK, given that these are championing modern dragnet surveillance, would recoil at the idea of government issued ID, thus forcing everyone to come up with error-prone workarounds enabling identity fraud. As a German, the idea of a bill proving anything at all is just wild.
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyone’s identifies, and mandating participation, is cultural and political suicide.
Is a very true statement. I am British but I live in Switzerland. If I want to do anything here, I send a copy of my residency permit. Bank statements wouldn't count.
The UK actually did experiment with ID cards under the Blair/Brown government. I never had one, they were only issued in a trial area. There was a campaign against it: https://www.no2id.net/ and the Cameron government (2010-brexit) scrapped the ID cards. The law was: https://en.wikipedia.org/wiki/Identity_Cards_Act_2006 .
One of the main objections was to the national identity register, which would contain biometrics and not need the card in order to query.
I'm on the fence about this. On the one hand, I'm not sure I trust the UK government to run any kind of IT scheme - they tend to pick huge consultancies, waste enormous sums of money and the result is late, 6x the price and doesn't actually work. Also the biometrics thing seems excessive. On the other hand, there are plenty of centralised databases already and if you ever want to drive a car, at least one of them prints out an ID-0 sized card with your photo on it. I would also, honestly, prefer an identity card over proving my identity with easily forged bank statements.
> n Switzerland. If I want to do anything here, I send a copy of my residency permit.
Even that would not fly in Norway. You have to close the loop with a trusted intermediary like BankID by providing a notarised copy of your ID then you can log in to other institutions using BankID's log in service.
> the idea of a bill proving anything at all is just wild.
It’s a little more complicated than that. KYC requirements aren’t that lax, but there are multiple ways of proving ID. Proof of address in the form of a bill is just one of many components that are used in tandem to prove identity. Rest assured you can’t open a bank account with just a utility bill.
As a Brit, I think the lack of ID* is fairly silly nowadays, however it's an orthogonal issue to the surveillance one.
Abuses of government power that the average person might experience here tend to come from lower levels like the civil service, police, tax office, immigration or councils. ID card databases could make that easier as they tend to be more accessible (of course, otherwise they'd not be useful). The other thing we don't want is for it to be easy for companies to demand ID for basic things knowing that everyone will have one, or future governments to be able to make carrying an ID card mandatory when in public, and for police - or anyone else - to demand to be able to see it. That situation is often derided as a Nazi Germany "papers please" police state. The idea of needing a permission slip from a state authority to breathe the pure English air is a line the majority of people would absolutely not want to cross at this point in time.
The secret services aren't something that most people think about. We don't typically worry about being mistakenly or maliciously classified as an enemy of the state. Unlike being maliciously classified as an enemy of a local councillor, which is fairly common. Also, you can be pretty sure your secret services are doing exactly the same things as ours, irrespective of what your law or constitution says.
(* Physical ID cards are a bit old fashioned though. We're planning on replacing physical driving licenses, non-citizen residence permits, etc. with digital versions. I suspect we'll end up with a national digital identity system by default without ever having a physical ID card. Some people are worried that will lead to another Windrush situation, however.)
> Norway is a bit unusual in the way it handles ID
No, it is the US and the UK which is a bit unusual in the way it handles government ID.
A functioning democratic government needs to know who is a citizen and who is not, in order to guarantee their citizen's rights. It may be a right to education, owning property and if not anything else then at least the basic right to vote.
All this require identity. You can not show up at the doorstep of the UK and demand a pension or unemployment benefits. You need to identify as a citizen with the right to this. You can not show up at the bank and demand money from an arbitrary account. You need to identify as the legitimate owner.
> We’ve seen how they can be abused people in power seeking to persecute part of a population
That's not it. All this information is available in government databases. It must be, and it is. It's just the identification that's handled differently in a select few countries.
It's not as if these countries have stronger data protection laws, to explain the weaker forms of identification. In fact, you'd be forgiven to think it is the other way around. Somehow it is only society itself which should use weak forms of identification, the same objections are not raised against certificates and two factor authentication by banks.
Having spend some time in one of the mentioned countries a number of years ago, my impression was that it is mostly a matter that this is a symbolic question of having a strong government. Contrary to popular belief, there are influential forces that desires an ineffective government, to bolster political ideas about the economy. Nowhere is this more obvious than in identification and taxation, perhaps the two most important mechanism of a modern Western democracy. This is probably not a coincidence.
The irony being that except for a register of addresses countries like the UK and the US have much more surveillance of their citizens than places like Sweden or Norway. The UK has about 1 surveillance camera per 11 citizens or so, I don't know numbers for Norway or Sweden, but from my own observations there are orders of magnitude less.
So yes the UK government might not have your adress in a register, but they know where you sleep, go to work, with whom you talk etc..
Lets not even talk about the extensive spying by the 5 eyes.
Yeah, that stat is very misleading. Those cameras are all privately owned, mostly by shops.
So unless you think there’s some great grocers government surveillance network (there isn’t, I’ve actually asked), then the government has no idea what your doing. To find out they would need to send a police officer with a warrant to every shop in the country to request the footage. Even then the footage is mostly crap (again I’ve actually seen what the police collect for investigations).
To claim that the mere existence of a camera indicates a surveillance network is just intellectual dishonesty. No one would ever claim that very laptop camera is monitored by the government, but apparently supermarket cameras are?
That is not true, there are a lot of police/government owned CCTVs in public places in the UK. They even had some initiatives, were some of those had speakers attached so the person monitoring the camera calls out "unwanted" behaviour.
I would say ignoring the fact that the US and UK have set up and are running (well the UK is really just tagging along) in the biggest worldwide surveillance operation on the planet is the intellectual dishonesty.
Also I never said that the existence of a camera indicates surveillance, that's a straw man. However, the existence of automatic licence plate tracking is definitely an indication of surveillance. The wikipedia article on UK mass surveillance is quite enlightening.
You should go and talk to some actual police officers trying to investigate actual crimes. I’ve talked to quite a few when working for a company that specialised in dealing with CCTV, and I was trying sell stuff to the police.
I can tell you with some confidence that U.K. CCTV infrastructure, both state run and private, is a complete joke, and almost completely useless. Try giving an officer CCTV footage of a bike being stolen, and you’ll quickly discover how useless it is.
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyone’s identifies, and mandating participation, is cultural and political suicide.
You mean like the IRS?
American here. Not having national ID is stupid. The government has an interest in knowing who it's citizens are.
It doesn't have a legitimate interest in knowing where I am at all times, however.
I don’t really have a super strong view either way. Here in the U.K. HMRC only knows about you if have a National Insurance Number (which isn’t mandatory) and get payed with PAYE (Pay As You Earn) where your employer collects your income tax on behalf of HMRC.
You can avoid both by only accept payments in the form of cash and bank transfers without a proper payroll. Legally dubious, but there are people out there who actually do this.
> The government has an interest in knowing who it's citizens are.
The government has an interest in many things. Doesn’t necessarily mean that individuals share that interest and should capitulate. Personally I don’t think mandatory government ID is a requirement for a well run civilisation. Interestingly Norways Bank ID is an example of how you solve the issue of ID without making it mandatory (Norway doesn’t have a compulsory National ID and only got a National ID last year), and banks in the U.K. are experimenting with something similar built on top of Open Banking.
Ultimately it’s down to the individual (in my view) to decide how much info they give to their government. But equally a government can request that info in exchange for government services, assuming that info is needed to provide that service.
> You can avoid both by only accept payments in the form of cash and bank transfers without a proper payroll. Legally dubious, but there are people out there who actually do this.
Well there's the issue, isn't it? The government has to know your identity unless you're committing a crime.
> The government has an interest in many things. Doesn’t necessarily mean that individuals share that interest and should capitulate.
This isn't an argument against the government knowing who its citizens are.
> Ultimately it’s down to the individual (in my view) to decide how much info they give to their government. But equally a government can request that info in exchange for government services, assuming that info is needed to provide that service.
Why should we be providing any service to anybody without having any information about them? So one person can show up and collect the same benefits 10x at the expense of everyone else?
At a BARE MINIMUM the government has to know your identity to determine your eligiblity to vote and to levy taxes. And both of those are so fundamental and important that I don't see how you can possibly argue that "shadow citizenry" is acceptable.
> Well there's the issue, isn't it? The government has to know your identity unless you're committing a crime.
Depends how much you earn. Below a threshold it’s entirely legal to earn income and report nothing to HMRC. Taking the stance that anyone not reporting to HMRC is tax-evading would turn the whole idea of due-process and “innocent until prove that guilty” on its head. The government should be forced to substantiate its accusations with evidence, and a lack of any record is not evidence of a crime.
> > The government has an interest in many things. Doesn’t necessarily mean that individuals share that interest and should capitulate.
> This isn't an argument against the government knowing who its citizens are.
Isn’t it? Governments should exist to serve their citizens, not the opposite (at least in a democracy). If a population don’t want their government to know who they are, that their prerogative. Nothing inherently gives a government a right to know who it’s citizens are, it might be useful and even necessary to provide certain services, but it’s for the people to decide what the trade off is, not government.
> Why should we be providing any service to anybody without having any information about them?
Yeah, that’s like my entire point. The other side of that coin is “why should citizens provide any information to government with they don’t want to use their services?”.
> So one person can show up and collect the same benefits 10x at the expense of everyone else?
Don’t know how you got to this conclusion. It totally reasonable for a government to make access to benefits dependent on providing basic identity information to prevent abuse. But if someone doesn’t want to access benefits, then why should they need hand over identity information? Equally if those benefits can be provided with collecting the information, then why should it be handed over? I should need to hand over my ID so an NHS doctor can fix my broken leg.
> At a BARE MINIMUM the government has to know your identity to determine your eligiblity to vote and to levy taxes. And both of those are so fundamental and important that I don't see how you can possibly argue that "shadow citizenry" is acceptable.
Sure, but if you don’t want to vote, or earn above the tax free allowance, then why should you need to identify yourself? And even if you do identify yourself, why should that process be centralised. Each organ of a government can figure out what they need to perform their function, and only request that data. Just because you want to vote, doesn’t mean the HMRC and the Home Office should automatically know who you are.
The UK and US are actually in the minority when it comes to compulsory national ID, albeit in good company. [0] I don't really have a value judgement on this, but would like to note, that both the UK and US have some of the most advanced surveillance states in the world, something that countries like China can only aspire to. If there is a red line drawn in the sand, you forgot to check your back.
> UK and US have some of the most advanced surveillance states in the world, something that countries like China can only aspire to.
I think that’s a little hyperbolic, the U.K. and US certainly have large surveillance states built in secret out of the public eye and public scrutiny. But China is on a completely different level, if you don’t think that’s true, then research the prevalent use of facial recognition, and the extreme forms of surveillance applied to minority populations like Uighurs. Everything in the U.K. pales in comparison.
Before you bring up the topic of CCTV and facial recognition trials, almost all CCTV in the U.K. is privately owned and inaccessible to the state without a warrant. It certainly isn’t networked into some super surveillance hub. And the facial recognition trials have been a complete farce, more a demonstration of police incompetence, than state surveillance.
China is indeed aspiring to copy western countries surveillance state, and taking it much further, but you are overestimating the infrastructure and data sharing already in place. The often discussed social credit system for example will start national operation soon, but in its absence, there is no national credit system. Ant Group was recently busted by regulators for not sharing credit data with the state [0] Facial recognition is very advanced in Xinjiang and first/second tier cities, but it is usually localized and data sharing between agencies seems very low. Life in China is full of legal grey zones, as is typical in developing countries, with things technically being not legal, but no one is there to enforce it.
I don't think that's quite accurate; I think it's true that the state can't compel access without a warrant, but in general shopkeepers quite like policemen, and will share their footage vountarily.
> the idea of central government holding an accessible database of everyone’s identifies, and mandating participation, is cultural and political suicide.
>In the U.K. at least, two World Wars have taught us to be wary of central government databases.
Well really it is a little more than a sort of Driving License. We might get away with it by calling it EuroClub Express.
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyone’s identifies, and mandating participation, is cultural and political suicide.
That's because the US and the UK are mentally ill cultures actually engaged in cultural and political suicide, so any practical, useful ideas like that are considered suspect.
> Unfortunately US consumer protection is lacking in comparison.
That's what happens when a whole country decided to mistrust their elected government and instead put their faith in corporations.
> There is no way that my Norwegian bank would accept a utility bill as any kind of support of ID.
It's not ID, it's proof of address, separate from proving identity afaik. Mtgox wanted to see ID, but because my ID doesn't say my address they also needed some somewhat official letter addressed to me on this address.
BankID with a digitally signed utility bill should be enough for AML/KYC.
I was developing one fintech app recently and I never heard of this requirement.
If I use BankID why would I also need to supply a utility bill? Or are you using the term BankID in some generic sense? BankID is the name of a company that provides a service of the same name: https://www.bankid.no/en/private/
As much as it might seem practically expedient, I'd advise not doing this.
I'm imagining a lawyer for the injured person hearing they resorted to fabricating evidence, lawyer looking sad or irritated, and telling the person there's nothing the lawyer can do for them now. At least not on the original problem, though now the person might have an additional problem.
Oh this is genius! Why aren't others doing it? My guess is that Banks have no incentive to do so? After all Auth and validated personal information is not their business anyway?
Email jeff@amazon.com. It'll hit the exec support team (even though he's no longer CEO.)
It's aggressively monitored. Jeff himself used to forward prickly ones with a ? to relevant parties, but at the very least, better than front-line support.
I hate it when companies use an "open secret" for important things like support. They're telling customers "Screw you if you're not part of the secret club!". That behavior is fine when you're a child, but for a trillion dollar company to do it just sucks.
Knowing that email address exists makes me less likely to shop with Amazon, and any startup that considers copying it should think very seriously about whether they actually care about their customers. No one should have to email the CEO to fix a basic problem.
But it's not a support trick, it's a "the executive team doesn't want to look embarrassed."
Writing the executive team isn't some trick to get real support, it's something that people figured out you could do and that executives would give vague responses to in order to save face; having seen the end result of a "write the CEO", usually the executive response is just a vague "make this go away", and the "how" of that is left to the imagination of the reader.
Please understand that it's highly doubtful that there is any official policy on what to do with support emails received at the executive level; the end result is that the person who wrote the email gets what they want, but it's not because the executive put any thought into the actual situation, it's because they just wanted an annoying person to go away and wanted to avoid bad PR.
That's all this is, a quick cost-benefit analysis of "what does doing nothing cost me here?" for some executive. For each story you read where writing the executive helps, probably there are a dozen (if not far more) met with radio silence. I've seen customers write the CEO when they were flagrantly and intentionally violating our licensing policy in hopes that the CEO would change something. I've seen them write our product VP because the customer felt they were entitled to salary compensation for the duration while an issue they had with our product was investigated.
Writing the CEO isn't a way to get basic problems fixed, it's a gamble that your particular issue and the circumstances around it are a big enough PR problem that the normal channels of raising concerns aren't enough.
> any startup that considers copying it should think very seriously about whether they actually care about their customers.
Presumably if a startup is copying Amazon it's because of their track record of making money, not their track record of showing they love customers, for the same reason companies aren't copying Google to achieve a bespoke customized nature of services and how they feel tailored to the individual.
That's exactly the point I'm making. Copying Amazon because they make a lot of money, without actually being Amazon and offering the price, range, and radical convenience of Amazon's service, is how a startup fails.
Copying any aspect of a much larger company without properly considering the impact of it on your customers when you're running a very different company is usually a terrible idea, but doing that for support and customer success is extra-terrible.
I would go as far as saying that customer service is not core to Amazon, it's purely a means to an end in some of their businesses. To my knowledge AWS isn't known for their amazing support, but it's entirely possible I'm just ignorant of it.
Not true - one can make a lot of money while being a good citizen. Not a hoard of billions, but quite enough to live comfortably on.
Yes - I slipped 'while' in as a substiutute for 'by'. Arguably the CEO of Oxfam is a 'good citizen' as part of his job, from which he earns millions. So he earns that 'by' being a good citizen. I meant that it's perfectly possible to have a well-paid job that doesn't involve exploiting people or the environment, or generally being a dick. FVSO 'well-paid'.
If 'making a lot of money' means becoming a billionaire, well, I don't think cornering the world's wealth is consistent with being a good citizen.
This also annoys me, and how people don't realize how fragile this solution is. But I think it's like moving your ssh daemon to a random high port: it doesn't change the nature of process, it doesn't provide any guarantees, and it's not the only/last thing you need to do, but it's believed to filter out enough problematic actors that it's worth doing, for both senders and receivers.
(But I get now your complaint isn't about that, and this isn't the best analogy. You're saying that this is a slap in the face to people who don't know that address; they shouldn't be likened to "attackers.")
No, they're telling customers: "If you're savvy enough to likely be able to sue us, we'll offer support."
The "open secret" approach is a high enough bar to filter out 99% of unprofitable support request, but a lower-tier than litigation. Most people will spend time with a search engine before shelling out for a lawyer.
You're thinking about this emotionally, rather than in terms of capitalism.
That's not exactly support though is it, it's just that you don't like their business model. Counterfeits are like half of what they sell these days. Hell that's what amazon basics is.
Amazon gets a cut of every sale even if a 3rd party sells counterfeits. Removing 3rd party sellers and their counterfeits means less revenue in the short term.
This has already happened with "Steve's" email address at Apple, which used to be monitored but is now mostly ignored, I suspect because of the sheer volume of traffic.
Sure, you'll get a response after emailing tcook@apple.com. But there's no guarantee that the customer service peep assigned to you will do anything to help.
I tried this approach when a client was having issues enrolling in Apple Enterprise to distribute an app in-house. Didn't work, took four months until we could release our app.
I secretly hope everyday that a competitor comes along who can produce hardware with a matching level of beauty.
Not sure why any existing hardware maker can't do it. Everyone else is producing plastic boxes of crap. That said I'll never have a mac, that whole mindset is so foreign to me.
I feel like this is extremely well known, at least 8 years ago I whined about the kindle case being shit (causing my screen to crack) and they reached out and got me a replacement
How does that work with the emails he actually needs to receive from his own internal staff though? Having a separate email that he actually uses for daily work ("notjeff@amazon.com")? I can't imagine having my customers and my colleagues bombard me at one email account and effectively staying on top of everything.
When he was actively CEO, he had an entire team devoted to sorting through those emails. They would filter the obvious spam and send the genuine customer complaints directly to him. Which usually led to the infamous question mark emails and a lot of people scrambling to resolve the issue and ensure it remained resolved. (The only time I've seen a question mark email have more than just question mark was when Jeff noticed this was a repeat problem from a previous question mark email.)
I think you'll find that quite a few senior execs don't actually handle their own email inbox. Just as they have an executive assistant to jealously guard their calendar and book all their meetings, someone is actively fielding their emails, dealing with the trivialities and junk, and only escalating the important stuf to the exec's attention.
Adrian Newey (cto of Red Bull Racing F1 team) famously has his emails printed off and then he replies in writing. His assistant types it out the following morning.
ceo's at this level have teams of executive assistants that cover all communications 24x7x365, for personal, work, and government liason. You don't think they actually read their own emails do you?
A former CEO of mine was known for keeping all his emails, forever. For this he needed special email storage arrangements from the IT team, including a laptop with a super-large HD.
If you ever turned up to a meeting and contradicted something you once said in an email, he'd be on to you in an instant.
My country of nationality, residence, and issuing bank are all different. On top of that, my name is odd for my place of residence and contains characters outside of A-Z (which makes names not match 100% on cards)
I get hit hard by anti-fraud systems.
If I budget 1-2h for any given online purchase, I have <50% success rate with Paypal and ~75% with Stripe. If I contact the bank and merchant, the issue is always with the payment processor. Trying to resolve through the payment processor goes nowhere. The only thing that can work is try again with another of my 6 legit cards (mix of visa/Mac debit/credit) and if I’m lucky it goes through. Sometimes the next day; I guess some cool down is in place.
This feels like discrimination or xenophobia with extra steps. If you’re international enough and have some bad luck, the systems will perceive you just like a scammer and will deny you service or require hours of intervention because of things like your name, location history, and nationality. (For those who haven’t noticed, sometimes PayPal will arbitrarily require you to create an account in order to complete a single payment. Nationality is required information in this step)
If it’s not something I really want provided only by a single seller, I will nowadays abort at merchants only accepting PayPal, and at the first failure of Stripe. It’s not worth the headache.
This reminds me... what about those who do not have a surname?
> Most Afghans have no surname; it is also common to have no surname in Bhutan, Indonesia, Myanmar, and the south of India.
They cannot handle patronyms, and for many people every local document (except passport and tax card) uses initials, for example. The problem is that the bank account name has initials (in many places for many people) which does not match your name.
My friend had an issue with Wise because they wanted the name to match that is on the passport, which was fine because it did. Then it started demanding that it matches his bank account name, which it cannot, because he has only initials there.
They are dealing with international customers. They need to understand these differences, but they do not.
I knew a guy with a single-character first name. He once bought an airline ticket but then got stuck at TSA who would not let him pass, despite all his ID etc saying the same thing.
A large number of web sites would not let him register at all.
Wow. This reminds me of my experience with Coinbase. I find it interesting that they don't see how troublesome all this is. There's a human on the other end of the technology, and shutting them out without a solid reason, or the ability to reasonable appeal is crazy.
As a dev I love seeing these. Makes me feel better about myself when these companies with seemingly infinite resources suck at engineering as much as I do
Yup, but when the age has been (let's say) 23 for an year and becomes 13, the software should smell a mistake.
Of course I have no idea about the actual UI. It's a bad idea to ask for the age because it doesn't update after the birthday. A birth date is much better but it's also personal data and maybe not necessary. If all a site wants to know is if you're 18, just ask it and store a boolean. If you suddenly declare that you're not >= 18 anymore, especially after using the site for a while, smell a misclick on a checkbox, ask for confirmation and explain what's going to happen.
It’s an engineering cost decision. I imagine they get single figure numbers of people making this change each year. The cost of having a developer design and implement a system to catch it, reject the change but save it in a state where it can be applied later, and automatically open either a support ticket or have an automated resolution system is far too high. Much easer to just lock the account and ask the customer to get in touch.
(Assuming there is a save button on the screen and it’s not an auto save on an input change, in which case yes it needs a confirmation dialog)
The software does smell something is off. Typically the policy in this case is that legal told them to deny then access, because they don't want to deal with the legal hassle of serving someone who just told you themselves that they're not 13 yet. (Lawyers are often unreasonably risk-averse.)
>Yup, but when the age has been (let's say) 23 for an year and becomes 13, the software should smell a mistake.
some years ago the Danish electrical company Dong (wonderful name they've since changed for 'reasons') sent me a message - give us a meter reading for your house or we will send someone around to do it and it will cost you some money, so I figured fine I don't have to do anything they do it for me for money!
next year, the same thing.
third year, the same thing. In Christmas of the third year when I was in Berlin I got an email from Dong, you owe us 15 thousand dollars (approx. translating from dkk in head), then later same day you owe us 18 thousand dollars, and finally next morning you owe us 20 thousand dollars.
So naturally I called them up and said I sure would like to know what you all are thinking (which was a lie, I didn't really want to know but I figured I better find out anyhow)
So they said they had sent someone by to read our meter and we had used more electricity and they wanted their money or they were turning it off. So I said you think I used 20 thousand extra dollars in a year?
No, the meter hasn't been read for three years and this is your fault because when we send you a notice to go read the meter you have a moral obligation to do that.
I asked what about their moral obligation to go read the meter when they said they would (which point they did not understand) but anyway since I was supposed to pay 3 thousand dollars a year (which is somewhat high for a Danish family of 3) and paid that it seemed highly unlikely that I had managed to use over two times more than I was estimated to use per year without an increase in population of the house.
It took a lot of arguing to convince them that somehow there was something fishy in the situation and they might have made a mistake, before they would put it to off closing the electricity and do an investigation.
Some months of investigation later, which involved me going to take pictures of my meter etc., it turned out they had read the wrong meter.
tldr: even obvious discrepancies that systems could easily be set to catch will not be caught and you will have to do the work to fix the problems of the organizations providing you services.
Even if it is policy, they can probably have a better lockout page or make it 'disabled' but still let you login to talk to support, get records, etc to fix things. AFAIK it's a complete lockout.
If you work inside these companies, you quickly realize that the amount of work is far greater than the amount of people to do the work, and triage is always happening. The bigger the company gets, the more there is to do.
Another falsehood programmers believe about dates. ))
When immigrants move across borders, often if there is no record of date of birth the date used is the first of January on a best-guess year, and sometimes even the year is wrong. Later this information could be updated. I know of a case of a man whose birthday (immigrant from China) went from January 1st, 1900 to some date in the late 1890s upon documentation being found, just slightly before his 100th (living) birthday.
There are, of course, also reasons for deliberately falsifying a birth date. Accessing an online service is one, false claim of benefits (e.g. pension) may be another, avoiding or enlisting in armed forces, purchasing age-restricted material, renting a hotel or vehicle, the list goes on. A robust system must account for these possibilities.
While there are relatively few people in this specific situation still alive, my grandmother was born in a country that still used the Julian calendar at the time.
Not at all. Just last week my government approved a plan to bring in thousands (I think 3000 or 9000) of immigrants from Ethiopia, a large portion of whom do not have personal documentation.
Yes, but you are designing a system based on a once in 100,000 edge case. There is no reason why such odd and rare requests can't be handled in a customer support request.
...If your customer service team are sufficiently well staffed, trained and have escalation points. In the article the customer service team couldn't even read a decision made by 'The Back End Team'.
A more realistic case for you: People make far more mistakes than you think. Having done genealogy recently, the number of documents with people messing up their own birthdate or name is staggering. On top of the much larger number of registers where someone else have taken the information down wrong.
You're seriously underestimating gow much this happens with current rates of immigration. 1 in 1000 to 1 in 5000 seems to be the correct rate in my country.
Besides, Even with 1 in 100k, with the US population of 330 million, you've created trouble for 3 300 people based on this edge case alone.
Modern example: my father, who is still living, driving, and traveling internationally.
When he was 15, his parents decided it was time for him to start driving his mother around, who never learned how to drive. They wrote down his birth year to make him appear 16. The Texas Department of Public Safety in the 60s wasn’t quite as strict about proof of identity as it is now.
Fast forward to the late 90s, and digitized driver’s licenses. Fortunately, my mother had an inkling that life for my dad might get a bit complicated with a driver's license that didn’t match his birth certificate, so she pushed him to get it corrected.
I imagine there are at least several thousand US citizens who have never lived elsewhere whose primary ID (driver’s license) shows a different birth year from the one on their birth certificates for similar reasons, and it’s a toss-up on which date they use for various purposes.
My grandmother "altered" her date of birth on her birth certificate so her husband wouldn't know she was older than he was.
That date ended up on their marriage certificate.
And then, after her husband passed away and she was approaching pension age, she realised she would only be eligible for the pension a few years later...
So DOB is not immutable.
(and another common source of DOB errors, mixing up the US MM-DD-YYYY versus the normal DD-MM-YYYY format used almost everywhere else...)
The US legal code doesn't give them a ton of flexibility here.
Coinbase has to push the boundaries of US legal code interpretation in plenty of other places... picking "letting pre-teens manage accounts" would be a dumb hill to die on.
Going into your profile on a trading app and saying "i am 12 and what is this", no matter the reason, seems like a reasonable signal that maybe you're not a customer I'm hugely concerned about retaining.
Quite common. On Discord, there are NSFW channels and before joining them, you have to provide your birth date (only once). If you set it to below 13, your account gets suspended/locked immediately.
Commonly the 1 unhappy customer might tell his story to ten of their friends or thousands+ of readers online. Fixing customer problems (especially drastic ones) carries large incentives, because those single stories will actually be observed, while the 1000 happy customers won‘t be mentioned.
The depressing bit is that they can make a rational decision to weigh that cost against the amount of money it takes to keep people happy (vs doing nothing). Not that I support it, but they might be following the financially superior option. There's a lot of incentive to get that answer "correct", so I suspect it's currently working out in their favour, even though it sucks for those of us caught on the shitty side of that equation.
While true that economies in their various forms can form unsympathetic relationships between producers and consumers, it seems that, broadly speaking, producers who align more strongly with consumer satisfaction tend to ‘win’ and those who broadly speaking don’t tend to ‘lose’ on a long-term basis.
To their credit, Apple seems to get this mostly right.
I was banned from Coinbase 4 years ago, and I am still unable, to this day, to create an account without it being banned within 5 minutes of creation and no one is able to give a reason as to why.
From having been behind the scenes of a web hosting company a while back: They almost certainly have decided that you're a scammer, and that any account you ever try to open is just an attempt to get around being banned for being a scammer.
The complete non-answers from support are almost certainly because they have that as a standard policy with people they've decided are scammers, because the genuine scammers out there are extremely good at manipulating literally any kind of even vaguely permissive support policy into enabling further fraud.
The bigger issue here is that when a company is actually good at this stuff (like that web hosting company I once worked for), there's a department specialized in handling these cases with knowledge of how to properly verify legal identities and filter out the scammers... but quite a few companies today both big and small have decided (possibly correctly, given how they're treated) that it's easier and more profitable to just skip that entirely and instead leave false positives locked out of the system permanently.
If it's in finance then unfortunately this is really just how it works in the US. If a bank has the slightest inkling that you're someone on a sanctions list (or that you have a connection to some "bad" country like Venezuela, Iran or Cuba) they'll drop you like a stone.
So yeah I agree it sucks, but the issue is not that every company which complies with OFAC is an incompetent loser. It's that the USA has declared a few countries as enemies and has some tough laws to enforce this both domestically and within its sphere of influence (foreign transactions with a "US nexus"[0] fall under OFAC). If I recall there's no upper bound on the fines for contravening OFAC and there's no leniency for accidentally breaking it even though you demonstrably tried to identify people, or were tricked. So these companies are incentivized to err on the side of extreme caution.
[0] - this is a fun one, iirc this can mean obvious things like "a company has a subsidiary or office in the USA", or "a transaction was conducted in USD" or even "an American citizen was in the room when the transaction was performed".
Traditional banks will cut you off as well. Move lots of money through your account, bounce it between a few accounts and back into your account. They'll cut you off.
In the UK I can raise this with my bank and if they don't resolve it I can raise it with the regulator, who has real teeth. Getting back on topic, who regulates Apple?
There are bank regulators in the US, it is heavily regulated. Businesses are still free to choose who they want to do business with. Banks will get smacked down by regulators if they helped laundered money so they error on the side of caution. The fact that is heavily regulated is the root cause.
That is correct. Yet it doesn't make it good. Customer focused communication even though some indicator tell you to terminate the account should avoid a "The process" situation. This is 2021, we have many amazing communication tools available.
At least in the UK, there are "tipping off" offences that make it very legally risky to tell people why they're suspended. Banks just tell their employees not to do it to avoid risk
It doesn't matter if they lose one customer by mistake if they screen out multiple fraudulent accounts this way. It's simply more profitable to do this in an automated way than to actually consider the human in the equation.
I'm not mad, I've still got my keys from 2014-ish. I only made a Coinbase account after a finance teacher in high school heard that I dabbled in crypto, and bet that he could build a better-yielding portfolio than I could. I logged onto Coinbase, spun up an account with $20 in it, and invested in Chainlink and Ether. Nowadays it's worth ~350 dollarydoos, which isn't absolutely necessary to retrieve. Honestly, it was worth it just to watch his enthusiasm crumble when his 30% APR high-risk portfolio paled in comparison to some dumbass high-schooler's prediction.
File a complaint with your state’s Attorney General, FINRA, the SEC, and NYDFS. Should help Coinbase along in recovering your account. Should take no more than an hour or two to file with all regulators I mentioned.
I'm surprised OP mentioned New York State Department of Financial Services (NYFDS), but this might be the local regulator if Coinbase's home state is New York.
I would still file with them, they can still escalate on your behalf since they are the regulator, or refer you to the agency you should file a complaint with.
My experience has been just opposite with Amazon at least their Web services. One of my account was hacked and since I don't use AWS any longer the emails and alerts were going to an email I never check. Don't remember how I discovered it but upon opening my AWS account I was stunned to see a $50,000 something bill. Amazon even raised a GST invoice for the same IIRC.
My heart sank and mind filled with questions and uncertainty.. What if AWS sues me, maybe they will settle it for half or 25%. But their customer support was more than kind to me. In every reply they assured me that I need not worry and they are working on my behalf to resolve this.
I cooperated with them in every way possible and After 16 days I finally got a reply that it was all taken care of and I owed them nothing and they didn't even suspend my account. God knows how the things would have turned out with any other hosting. I did leave them a suggestion to hard-cap the billing instead of just email alerts.
> I did leave them a suggestion to hard-cap the billing instead of just email alerts
Why would they do that? Enterprise customers are just going to pay the bill, and for small customers they get a lot of good will when they make a "special exception" and don't ask you to pay for charges that someone else fraudulently racked up.
The actual cost of providing the service to the fraudsters is probably so low that they don't have a lot of incentive to prevent the fraud, as long as there is a non-zero chance that someone pays for the fraudulent charges.
A few years ago, I was vacationing abroad, and ordered a gift from Amazon to be delivered in another country. The payment from Amex bounced for whatever reason, and Amazon permanently banned my account instantly. Difference is it says my login/password are invalid (they're not), there's no other message, no field for contact.
I lost more than 100 paid Android apps. Never took the time to recover that account, if this is even possible at all.
The damage would have been much greater with an Apple or Google account.
For traditional banks and credit unions, a physical branch is a major component in their 'anti fraud' device and systems.
Trained human experts will review documents and establish an identity.
However those systems also have financial hurdles to access. Someone with a very thrifty banking service, or someone with very little money (paycheck to paycheck poor) would have trouble utilizing such a resource.
This is unfair and systemically disenfranchising.
I would really like to see a solution to this issue from another part of 'the system' which must already validate someone's identity. A nominal and small fee should be attached, but it should be paid for by the corporation that wishes to ensure anti-fraud activity.
In such a circumstance the corporation would be compelled to also accept this validation, or optionally offer others that may be faster if a consumer agrees.
An individual under such suspicion would visit a nearby police department. Depending on the level of validation asked for said department might also try to actively contact the individual in other ways to cross-validate. If someone happens to be on vacation at the time this check would necessarily involve two departments (the place the person is at and their home area).
Such a system is costly in time for the consumer, and some money for the company. Ideally solutions that don't result in account suspension would be developed to prevent reaching this state; but a good standard for last resort default is necessary to ensure any other solution that survives is better.
If we’re talking radical changes, I’d really like to move from authentication-by-flesh to authorization-by-cryptography. Basically as opposed to have party A present identifying and (supposedly) hard-to-know information and biometrics until party B is sufficiently confident that they map to the same physical person.. authorization by cryptographic keys. Like using metamask for authenticating.
There will still need to an ecosystem of companies with the kind of services you’re talking about, but there would be a clear distinction between the “vouching” part (attest to a bank that you are who you say) vs “access” part (multi-party key custody and recovery services)
So many hairy problems (online payments fraud for example) stop existing in the same way if we move payments from pull to push and access control to utilizing cryptographic signatures.
I shouldn’t have to expose my entire identity in order for an online merchant to be sure I won’t bounce the payment. And the scenario OP is describing would never happen.
That solves the problem to one extent and makes it worse to another, and definitely doesn't solve fraud to any degree. With crypto, if a scammer cons my parent to hand over their private key, every company that relies on that key can claim that whatever account action occurs is perfectly legitimate and ignore attempts to correct problems -- after all how would you prove the transactions are illegitimate if they're signed? More to the point: how would we prove they're illegitimate better than we can now?
The way I've heard Europe handles banking (debit like) transactions with a monthly settlement list (default approval) comes to mind.
Everyone involved in a transaction would declare the perceived value of the transaction (which should agree within fuzzing to account for currency exchange). Everyone would also declare their risk aversion thresholds in advance, publicly (pushed through their bank). A maximum accepted threshold would also be declared by each party (E.G. must settle before X). An agreement of contract would involve the maximum thresholds being less than the cross-referenced risk level.
E.G.
Seller [ (< 3 days && RANGE_INCLUSIVE 0 USD TO 24.99 USD) || (< 7 days && RANGE_INCLUSIVE 25 USD TO 99.99 USD) || (< 14 days && RANGE_INCLUSIVE 100 USD TO 999.99 USD) || (<33 days && GREATER_THAN 1000 USD) ]
Buyer (happens to use the same default list as above because it's popular)
Purchase: 105 USD (laptop power adapter)
Among both lists that would fall into the 14 day category, so it would go on the books and 'clear' (like a check in the US today, but with a longer time period) in 14 days.
That gives someone 14 days to discover an identity compromise, publish the revocation certificate, and this SUSPENDS all contracts made by their key within the published clearance time windows.
They may re-sign the transactions they approve with the new "key" (accredited by certificate issuing authorities such as a state or federal government).
For any items / services not yet fulfilled suspension of delivery or limited use might be imposed if the contracts are not reauthorized.
All of the others would be part of a fraud case (or cases).
IMPORTANTLY: to change the published duration of a contract expiration to shorter would require waiting out the whole period, while lengthening it would be 'instant' as soon as the lending institution involved witnessed with their signature (and thus also published the new value).
I think that for most people, they would not be directly exposed to key material. They would rely on an enclave in their smartphone, and/or separate tokens a la yubikey. The actual private key used for each company would probably also be different.
The exact same thing happened to me, I added my own (new) card for billing and they immediatly locked my account and requested the docs, I got the same screen you described.
I had just moved countries and none of my new accounts had statements yet, by the time I got them I just get stuck in this repeat loop of upload docs, wait a few days, says invalid.
No way to get back in, all my purchases lost, no human to contact, I just don't use Amazon anymore. Very annoying
> to explain that the card does not send me a billing statement and I cannot possibly produce one
I'm sorry but this does seem extremely suspicious. I've never heard of a bank that does not provide any statements.
Sure, a debit card does not have a billing statement like a credit card, but the bank account that the debit card is linked to should provide a monthly statement where you can see the transactions. At least a downloadable PDF even if they don't send a paper one in the mail.
It's a simple top-up card, not connected to a bank account. I wrote "online bank" to simplify. What they offer is an online dashboard, a screenshot of which Amazon refused.
In any case, I didn't ask them to take me on my word, but to contact me and see if a different set of documents might be used instead.
I run an online store, we use Stripe for payment. 100% of prepaid cards issued outside of the UK (we are UK based) are declined, fortunately we have very very few of them. I have no idea if this is stripe or the issuing bank but I believe prepaid card and overseas transactions is MAJOR indicator of fraud.
Just because it isn't connected to a bank account as you understand bank accounts to be, doesn't mean it isn't connected to a bank account as banks understand them to be, and you're not entitled to request a statement.
Just because one is entitled to a bank statement as you understand this entitlement to exist, does not mean that the card issuer is obliged or interested in providing one within weeks or even months of the request, especially with the exact format that Amazon or another third party has decided to accept.
Ah I see, so you did realize that the bank responsible for your card would send you a statement, but they wouldn't send it in either the correct format, or within the necessary timeframe. Well that just sounds like a crappy situation all-around.
Here in New Zealand most banks no longer provide paper statements. I have a US Etrade account, recently they wanted a paper statement of any sort and I realised that I no longer receive anything that meets that requirement
(I could turn statements back on, I think the bank charges $5/month or some sort for that)
This is more common than one would imagine. Not all banks provide statements narrowed down to debit card usage. A bank statement does not always show the debit card number making it difficult to establish a link between the provided evidence.
That's why I don't have books with DRM in my digital library. It would be unacceptable to me that my books are no longer accessible to me by somebody blocking my Amazon account.
Hey, I'm not sure if you'll see this but I work at Amazon and can at least try to get a human for you. I can't promise magical solutions but I can get you some real person attention. Email me at my HN handle at protonmail dot com and we'll move the discussion to my work address from there.
Did you try to call their customer service? I ran into the exact same situation with Amazon once. I was trying to sign up a free trial on audible.com, and my years old account had been locked immediately. To make it worse, my AWS services is on the same account, and I was locked out from the AWS console to manage my servers. At the same time, ironically, I still got monthly bills from AWS which I can't even pay. I tried several times to provide as much information as I can on that stupid login page but with no reveal (my bank doesn't send billing statements too, it's all on their app). Finally, I found Amazon's customer service phone number on a purposely hard to find webpage, the woman on the phone was nice and said she will try to contact the relevant person for me. After hung up the phone, I made a final attempt by uploaded a photo of my credit card. The next day, my account was unlocked. I don't know which method finally worked, but it worth a try.
> I went through every possible channel to explain that the card does not send me a billing statement and I cannot possibly produce one
Offerers of online banking services take note: even if you don't mail statements to your customers, you should provide an option to generate such a statement that the customer can download as a PDF.
They probably do have a transaction log in the form of an online webpage or dashboard.
But Amazon wants a statement with a billing address and the card number.
That's one reason I only use my credit card on Amazon - it has such a statement available in case I ever need one, while most of my other cards do not.
> All my kindle/audible/etc media immediately became inaccessible.
gen.lib.rus.ec
Also lookup myannonymouse for audio books, have all the latest titles. Getting an account is pretty easy, they literally checks if you can read their account policy.
> card does not send me a billing statement and I cannot possibly produce one
I don't blame Amazon here. This is suspicios. All debit cards are linked to your bank account which always have a statement.
Also, I have found it very helpful to provide not just statement but the photos of the card, your ID and various other documentation in the PDF. It helps the support engineer realize that you are really you.
Amazon should totally be blamed. Their reinstatement process has taken a complete nosedive recently, with their review of documentation consistently inconsistent and devoid of any quality control.
I've sent them the exact documentation they requested (actually well over and above what was required) - all of it rexboxed and annotated, and each time they send it back saying the documentation is illegible or lacking in the details they require.
So what if it's suspicious? People pay hard earned money for content via services such as Amazon's. That these companies think they're justified in locking people out of the content they paid for because of some random suspicion is just insulting.
There'll come a day even the people who defend copyright won't be able to justify supporting this industry due to how badly it mistreats and abuses them. It's simply appalling how it's almost 2022 and paying consumers still get infeiror products and services compared to "pirates".
I constantly amazed how people are happy with or even try to defend practices with online purchases that absolutely no one would accept for real live items.
Just to give a car analogy, imagine your car is at your BMW dealer for repairs. While it is there you buy some new rims and pay with a credit card that is different from the card you used for buying the car. After that they refuse to give you back your car, because they say this is suspicious. Nobody would accept that.
I have an online dashboard, and Amazon won't take anything other than a card statement with my card number (all but the four last digits to be hidden) and the billing address on it.
DJI nailed the ideal form factor for consumer drones (and maybe for quadcopters in general) when they came up with the original Mavic Pro. Since then they've been experimenting with incrementally smaller form factors to find a price and size where the truly average Joe will decide to get a drone to bring on his holidays, but I'm not sure that decreasing size will unlock a large number of new customers.
On my personal wishlist for future drones are more sophisticated and precise physical controllers with better pressure gradients, and especially the ability to program flight routes to allow mixed human/automated controls – e.g. "Respond to flight controls normally, but when I press this button 1) increase altitude to 90m over the course of 15 seconds 2) rotate camera downwards by 30 degrees over 15 seconds 3) begin rotating aircraft left by 1 degree per second"
