Sometime during the week, I got a notice from Experian that my personal information may have been compromised. This notice was sent to T-Mobile customers who applied for T-Mobile service, and includes info such as birthday, social security numbers, name, address, etc. In consideration of my information being exposed, Experian offered me two years worth of credit monitoring for free. Almost certainly, legally speaking, if I accept the credit monitoring, it would be considered a legal settlement and I can't pursue it further. After all, the monitoring mitigates the damage.
Here's the problem- I am not a T-Mobile customer, have never been a T-Mobile customer, and don't even have any cell phone contract. I'm a month to month customer, as is my son, and there's no credit check for a month-to-month service. I am not exaggerating- I think the last time I had a cell phone contract was in the 1990s.
So why am I getting this letter?
There's a few possible explanations. First, my son's cell phone service is through a carrier that uses the T-Mobile network. Before that, his carrier decided to stop offering cell phone service and recommended that all of their customers switch to T-Mobile. I find this possibly the most likely choice, but it's problematic (I will get to that in a moment).
Second possibility: my ex-step-daughter has used T-Mobile in the past, and I have evidence she has not switched her license since moving out over a year and a half ago. This may have released my address, and possibly my name. Depending on what information the credit reporting agencies get, I suppose it's possible that my social security number is linked with that address. So when she turns 18 and gets a cell phone plan, they ask for her ID and run a credit check. The address gets pulled up and possibly my social security number (again, depending on the info they get), and when the info was breached, it included my info, despite my never having anything to do with T-Mobile directly. I find this less likely.
Third, it's a mistake. Because my son's cell phone carrier uses the T-Mobile network, it auto generated this letter. However, since I'm not on contract, my info wasn't actually released. This is another likely possibility.
The reason the first explanation is so problematic is that it means I truly have no control over my info. Even when I choose to not deal with a company, my info is sold to that company and I can't opt out. In other words, I don't have the option of avoiding the risk unless I completely refuse to have a cell phone. If my info is sold and I cannot opt out by refusing to have a cell phone contract, then my information is at risk simply because I own a cell phone. To phrase it even more succinctly- I don't have any real risk mitigation options in the modern world.
As a future lawyer (specifically one focusing her practice on information privacy/cyber-law), this disturbs me greatly. The law is big on determining who should have the blame. In certain states, if you are even one percent at fault for something bad that happened to you, you cannot recover*. That leads to an obvious question- am I at least one percent at fault for owning a cell phone? After all, I could have opted out. It's not something I was forced to accept, and I willingly purchased my son a phone and paid his monthly service fee. I believe there is a good chance the court would see me as at least 1% responsible, which means I can't recover anything.
Let that sink in for a minute... I refuse to enter a contract with ANY cell phone carrier because I don't want to share personal information. The business isn't profitable enough for them, so they sell what info they do have to another company as part of a buy-out. If I accept the credit monitoring, I can't later complain that they never should have had my info to begin with. And if I decide that I'd rather complain about that, I can't recover anything because I willingly had a cell phone- like almost every other non-Amish citizen of the United States.
*This is fairly rare these days, but quite a few states do still bar recovery if you are more at fault than the other party.
References:
Finkle, J. (2015, October 1). Millions of T-Mobile customers exposed in Experian breach. Retrieved October 26, 2015, from http://www.reuters.com/article/2015/10/02/us-tmobile-dataprotection-idUSKCN0RV5PL20151002
No comments:
Post a Comment