FC: Responses to "Why credit bureaus help society"

[Declan McCullagh <declan () well com>]

[Well, Dan Klein's essay sure drew some heated responses. --Declan]

**********

> Date: Mon, 11 Sep 2000 19:20:40 -0400
> To: declan () well com
> From: Ed Mierzwinski <ed () pirg org>
> Subject: klein posting
>
> Declan-- Several people have forwarded to me your politech () politechbot com
> post on "Why credit bureaus protect privacy, help society, by D.Klein." I
> debated Dan Klein back in the early 90s at the Cato Institute. I have a
> copy of an article somewhere from back then -- a libertarian journal
> reprint I think -- that I am sure this chapter is based on. He is certainly
> entitled to his opinions, which I disagree with pretty much 100%!
>
> Of course, after the Klein article came out, Congress saw fit to agree with
> PIRG and Consumers Union to make major changes to the Fair Credit Reporting
> Act in an attempt to improve credit bureau accuracy and privacy protections
> (although we lost ground in a few areas and admitted it at the time).
>
> I actually think, as far as it goes, that the FCRA comes closest of any US
> laws to implement MOST of the Fair Information Practices or FIPs. Where it
> falls short is mostly in circumstances where exceptions have been carved
> out by powerful special interests and where technology has made the law
> obsolete. As an example, credit and underwriting decisions are or will
> increasingly be made by massive financial conglomerates -- relying only on
> information generated from their own virtually unregulated in-house
> databases, not based on info from the highly regulated third party credit
> bureaus. These decisions will not be subject to the FCRA. This is one
> reason we need to enact an overarching privacy law that applies FIPs to all
> uses of sensitive consumer information.
>
> Anyway, I now wonder what the other chapters are like. Hope they've got
> some by people like Rotenberg!
> Ed Mierzwinski

*********

> Date: Mon, 11 Sep 2000 22:52:04 -0700
> To: declan () well com
> From: "J.D. Abolins" <jda-ir () njcc com>
> Subject: Re: FC: Why credit bureaus protect privacy, help society, by
>   D.Klein
> Cc: dklein () scu edu
>
> Declan, thank you for providing the URL to this interesting paper.
>
> In some ways, the paper reminds me of Stephen Nock's Cost of Privacy where 
> Nock traces the development of credentials including credit cards over the 
> past century or so.
>
> First, a quick mention of Nock's main concept for the book: Modern concept 
> of privacy is dependent upon being in a society of strangers. The 
> difficulty is establishing reputations (or trust) in a society of 
> strangers. So teh "cost of privacy" is surveillance in the form of 
> credentials (such as credit cards, credit ratings, degrees, licenses, 
> etc.) and ordeals (such as urinalysis drug tests, polygraphs, etc.).
>
> In an early chapter of the book, Nock traces the ancestry of modern credit 
> system to the credential of full membership in some US religious 
> denominations. Unlike most modern religious affiliation, earlier practices 
> in various churches was to require extensive examination and screening of 
> prospective members. The full membership attested to the current 
> trustworthiness of the person and the value of the status coupled with the 
> difficulties in regaining it should it be lost made the person a 
> relatively safe risk even though a clerk of a tavern owner did not know 
> the person directly.
>
> To hook a little bit into Mr. Klein's paper, the person lost a good 
> measure of privacy being investigated by the church (and these 
> examinations were far more intrusive than most people today would ever put 
> up with) and in return the person carried a credential of trustworthiness 
> allowed strangers to extend a measure of financial and other trust.
>
> To eliminate the initial loss of privacy, a person would either forgo the 
> credit and easier avenues of establishing trust or the person would have 
> to spend time to be know by others in order to establish a reputation. 
> That, too, entails, some loss of privacy.
>
>
> Spinning off to a different view of this subject, a year or so ago, a 
> private investigator on one of the surveillance tech lists I'm on posted 
> an essay on why he "invades" people's financial privacy. His basic point 
> was that the subject of the investigation initiated the process that lead 
> to the "invasion" by seeking another person to provide money or goods on 
> credit. If that trust was abused by not paying for the debt nor making 
> reasonable provisions, then it is fitting for the PI to use all kinds of 
> means to find the person and his assets.
>
> On still angle tangent, I might have missed it in the paper but I find the 
> non-directly-financial uses of credit info to establish reputation an 
> interesting borderline topic. Some employers for example use credit and 
> other financial information in hiring decisions. There is an obvious 
> connection with positions involving handling of finances. But there are 
> many other job situations where an employer may consider the info 
> valuable. In intelligence and similar fields, the potential for comprise 
> of the employee via financial inducements is important. Elsewhere, the 
> financial info might point to some questions about the person's character 
> and decision-making abilities. Then there is the stress factor. Can an 
> employee who is fending off creditors concentrate upon the job? Or did the 
> financial blemish come out of a problem such as gambling?
>
> In such considerations, the use of credit info can indeed seem like the 
> common notion of gossip. Yes, it can be painful for the person who has 
> difficulty getting a job because of bad credit and finds further financial 
> difficulties. Some people at this point would seek the government to do 
> something via regulations. This is a bad solution. First, there is the 
> freedom of the employer and others regarding speech. Second, the 
> government interventions short circuits some viable options for 
> difficulties that come out of stigmatized credit. For example,  the job 
> hunter can work on ways to compensate for the bad credit by presenting 
> skills and assets valued enough to offset the credit; by seeking job 
> positions that are less concerned with the credit info; by working to 
> repair the credit problem. One good thing about modern credit records 
> compared to some older forms of reputations is the limit of so many years 
> for most blemishes. One is not ruined for life.
>
> There are some things about credit info handling that I don't like (such 
> as the overuse of the SSNs) but the government regulation in the name of 
> privacy is going to cause more problems. One jumbled situation is Ron 
> Paul's bill to restrict the use and collection of SSNs. I hope it really 
> get applied to the government, one of the major overusers of the SSNs. 
>From the credit reporting agencies, this bill is considered a problem 
> because the SSN is considered an very useful identifier. As much as the 
> SSNs are problematic, the restriction on the sharing of the SSNs by 
> private entities once they have them is contrary to freedom of speech. A 
> better solution is to deal with the info on the collection end allow 
> people to refuse to give the SSNs and use other options for info 
> verification, etc. Thus people are free to speak and they free to select 
> what is disclosed.  The tricky part is that to maintain freedoms, private 
> parties retain the option of not providing services. Here, the customer 
> demands for options can work by encouraging some vendors to provide 
> optional identifier modes.
>
> Again, thank you.
>
> J.D. Abolins
> Meyda Online Infosecurity & Privacy Studies
> http://www.meydabbs.com

*********

> Date: Mon, 11 Sep 2000 19:00:22 -0400 (EDT)
> From: Jonathan Rowe <rowe () essential org>
> To: Declan McCullagh <declan () well com>
> Subject: Re: FC: Why credit bureaus protect privacy, help society, by D.Klein
>
>
>
>         Is this guy equating a magazine article which is open to all and
> to which subject can respond, to a credit report which the subject may
> never see?  jr

*********

> Date: Mon, 11 Sep 2000 22:52:04 -0700
> To: declan () well com
> From: "J.D. Abolins" <jda-ir () njcc com>
> Subject: Re: FC: Why credit bureaus protect privacy, help society, by
>   D.Klein
> Cc: dklein () scu edu
>
> Declan, thank you for providing the URL to this interesting paper.
>
> In some ways, the paper reminds me of Stephen Nock's Cost of Privacy where 
> Nock traces the development of credentials including credit cards over the 
> past century or so.
>
> First, a quick mention of Nock's main concept for the book: Modern concept 
> of privacy is dependent upon being in a society of strangers. The 
> difficulty is establishing reputations (or trust) in a society of 
> strangers. So teh "cost of privacy" is surveillance in the form of 
> credentials (such as credit cards, credit ratings, degrees, licenses, 
> etc.) and ordeals (such as urinalysis drug tests, polygraphs, etc.).
>
> In an early chapter of the book, Nock traces the ancestry of modern credit 
> system to the credential of full membership in some US religious 
> denominations. Unlike most modern religious affiliation, earlier practices 
> in various churches was to require extensive examination and screening of 
> prospective members. The full membership attested to the current 
> trustworthiness of the person and the value of the status coupled with the 
> difficulties in regaining it should it be lost made the person a 
> relatively safe risk even though a clerk of a tavern owner did not know 
> the person directly.
>
> To hook a little bit into Mr. Klein's paper, the person lost a good 
> measure of privacy being investigated by the church (and these 
> examinations were far more intrusive than most people today would ever put 
> up with) and in return the person carried a credential of trustworthiness 
> allowed strangers to extend a measure of financial and other trust.
>
> To eliminate the initial loss of privacy, a person would either forgo the 
> credit and easier avenues of establishing trust or the person would have 
> to spend time to be know by others in order to establish a reputation. 
> That, too, entails, some loss of privacy.
>
>
> Spinning off to a different view of this subject, a year or so ago, a 
> private investigator on one of the surveillance tech lists I'm on posted 
> an essay on why he "invades" people's financial privacy. His basic point 
> was that the subject of the investigation initiated the process that lead 
> to the "invasion" by seeking another person to provide money or goods on 
> credit. If that trust was abused by not paying for the debt nor making 
> reasonable provisions, then it is fitting for the PI to use all kinds of 
> means to find the person and his assets.
>
> On still angle tangent, I might have missed it in the paper but I find the 
> non-directly-financial uses of credit info to establish reputation an 
> interesting borderline topic. Some employers for example use credit and 
> other financial information in hiring decisions. There is an obvious 
> connection with positions involving handling of finances. But there are 
> many other job situations where an employer may consider the info 
> valuable. In intelligence and similar fields, the potential for comprise 
> of the employee via financial inducements is important. Elsewhere, the 
> financial info might point to some questions about the person's character 
> and decision-making abilities. Then there is the stress factor. Can an 
> employee who is fending off creditors concentrate upon the job? Or did the 
> financial blemish come out of a problem such as gambling?
>
> In such considerations, the use of credit info can indeed seem like the 
> common notion of gossip. Yes, it can be painful for the person who has 
> difficulty getting a job because of bad credit and finds further financial 
> difficulties. Some people at this point would seek the government to do 
> something via regulations. This is a bad solution. First, there is the 
> freedom of the employer and others regarding speech. Second, the 
> government interventions short circuits some viable options for 
> difficulties that come out of stigmatized credit. For example,  the job 
> hunter can work on ways to compensate for the bad credit by presenting 
> skills and assets valued enough to offset the credit; by seeking job 
> positions that are less concerned with the credit info; by working to 
> repair the credit problem. One good thing about modern credit records 
> compared to some older forms of reputations is the limit of so many years 
> for most blemishes. One is not ruined for life.
>
> There are some things about credit info handling that I don't like (such 
> as the overuse of the SSNs) but the government regulation in the name of 
> privacy is going to cause more problems. One jumbled situation is Ron 
> Paul's bill to restrict the use and collection of SSNs. I hope it really 
> get applied to the government, one of the major overusers of the SSNs. 
>From the credit reporting agencies, this bill is considered a problem 
> because the SSN is considered an very useful identifier. As much as the 
> SSNs are problematic, the restriction on the sharing of the SSNs by 
> private entities once they have them is contrary to freedom of speech. A 
> better solution is to deal with the info on the collection end allow 
> people to refuse to give the SSNs and use other options for info 
> verification, etc. Thus people are free to speak and they free to select 
> what is disclosed.  The tricky part is that to maintain freedoms, private 
> parties retain the option of not providing services. Here, the customer 
> demands for options can work by encouraging some vendors to provide 
> optional identifier modes.
>
> Again, thank you.
>
> J.D. Abolins
> Meyda Online Infosecurity & Privacy Studies
> http://www.meydabbs.com

*********

> Date: Mon, 11 Sep 2000 14:04 -0500
> From: "Tower, Peter A." <Peter.Tower () fiserv com>
> Subject: Re: FC: Why credit bureaus protect privacy, help society, by
>  D.Klein
> To: declan () well com
>
> I went looking in vain for the signpost that would tell me when the author of
> this conclusion was done with his tongue-in-cheek statements.  Let's see, 
> where
> should I start.  Perhaps my credentials would help.
> I spent 11 years in the collection industry, 8 of those managing disparate 
> data
> retrieval, data reporting and skip tracing tools for the 9th largest 
> collection
> agency in the country.  I lectured at seminars at Drexel University on
> information retrieval and how it affects indivudual privacy.  I invented and
> shopped an information retrieval tool for use in hospitals.
> On average, it is reliably estimated that 40% of the data reposited in the
> databanks of the 3 remaining national credit bureaus is either incomplete,
> incorrect or out-of-date.  To their credit, the bureaus spend a lot of 
> time and
> money to try to maintain the integrity of their databases, but concurrency is
> based on what various companies report to them and when they do so.  It costs
> man hours to assure that the data about your consumer is current and correct,
> and these days that emphasis has slipped.  There are various means of redress
> that a consumer can utilize to request correction or deletion of the data on
> their CBR (Credit Bureau Report).  If that fails, a note can be added
> explaining, briefly, their side.  Too bad that the companies requesting 
> the CBR
> never see it these days.  Most transmissions of this data are now electronic
> and utilize sophisticated rating algorithms that provide income to the
> bureaus.  The few people who actually will look at either a paper printout 
> of a
> CBR or have it on screen, are collection agencies and the like.  A bank loan
> officer will have most of the research done for them by their sophisticated
> data links in advance, thereby negating any possibility of any human judgment
> interfering in the loan qualification process.
> As far as the professor's conclusion that a stranger may gain assurance of
> trustworthyness via credit reporting references, they couldn't care 
> less.  Most
> of the time, the institution interested in your financial profile is 
> utilizing
> rating algorithms and electronically assessing risk, and an individual 
> doesn't
> have the means or the access to pull your CBR.
> In reference to the ratings promulgated by consumer magazines.  I would 
> rather
> learn from a user in the real world how a product functions than use a 
> computer
> model.  I wonder if a computer model would have had the information that
> Firestone tires were allegedly (have to be careful here!) underinflated to
> 26lbs in order to improve the lateral stability of the SUV being tested.  A
> programmers assumption would have been to utilize the standard norms for the
> industry (29+lbs) instead of  the variance that may have caused the 
> results we
> now have.
> Obviously the professor needs to take a stroll down reality lane and breathe
> the air there.  Perhaps his perspective will change, along with his
> conclusions.

*********

> From: Paul Sholtz <paul () privacyright com>
> To: "'declan () well com'" <declan () well com>
> Cc: "'dklein () scu edu'" <dklein () scu edu>
> Subject: RE: Why credit bureaus protect privacy, help society, by D.Klein
> Date: Mon, 11 Sep 2000 15:57:17 -0700
> X-Mailer: Internet Mail Service (5.5.2650.21)
>
> wow - this is wrong, so wrong..
>
> I have nothing against using personal information as an accountability
> mechanism. Trust is that which is essential to a communications channel but
> which cannot be transferred from a source to a destination using that
> channel. This is why we have open-source review of cryptography software. It
> is why employers check references on prospective employers.. and, it is why
> lenders will check the credit history of prospective borrowers -
>
> nothing wrong w/ that..
>
> what I have a problem w/, though, is using personal information for economic
> gain, via marketing, etc, w/o the notice or consent of consumers (and, as
> Mr. Klein observes, the credit bureaus do precisely this -- in fact, I would
> wager they get MOST of their profits in this manner).
>
> I'm not alone - many consumers have a problem with this. They would prefer
> that their personal information not be used in this manner; or at least if
> it IS used in that manner, than they should receive some form of
> compensation for it...  Corporations, in turn, would prefer that personal
> information be put to profitable, financial use.. so we have a conflict
> between two parties over their preferences in the use of information..
>
> For resolution of this conflict, I would turn to Dr. Ronald Coase, an
> economist with the University of Chicago -- Mr. Coase won the 1991 Nobel
> Prize in Economics for his observations and discovers on the significance of
> transaction costs and property rights for institutional structures, and the
> economy at large.
>
> Coase argues that in a conflict between the preferences of two parties (like
> we have between credit bureaus and consumers), the final outcome will be
> determined by an economic calculus and (assuming reasonably low transaction
> costs) will result in the same outcome regardless of the allocation of
> property rights.. So in this case, who should have rights to the property
> (i.e., personal information?) Coase argues that property rights should
> belong to party that can resolve the conflict at the lowest possible cost.
>
> What is critically important to understand about electronic networks (like
> the Internet) is that w/ the advent of electronic commerce, a reversal has
> occurred in which parties are in the position to act as the least cost
> avoider in the context of personal information. Before the Internet, you
> could plausibly argue that the transaction costs involved for consumers
> setting prefernces over the use of thier personal information was high, and
> that therefore corporate organizations (such as credit bureaus) should keep
> the property rights to this information.. w/ the Internet, it's no longer
> economically feasible to maintain this argument...
>
> I would also argue that the price of personal information is being held at
> an artificially low value due to the existence of a monopoly equilibrium in
> the privacy market, held in check by organizations such as credit bureaus,
> that have a strangehold on the flow of personal information - that's a story
> for another time..
>
> I would also like to comment on Mr. Klein's observation that the personally
> identifying information collected by credit bureaus isn't that "bad", i.e.,
> name, address, SSN, etc, and that it doesn't contain medical histories, or
> other "sensitive" things, and so that it's OK for credit bureaus to be
> trading this information..
>
> In general, privacy concerns, and the conflicts in interests over
> preferneces of its use, will arise whenever ANY personally identifying
> information is collected and used.. doesn't matter if it's a name or a
> medical history. Finally, that credit bureaus collect SSNs in the first
> place is wrong - SSNs are crappy numbers (an estimated 4-12 million are
> false, invalid or ambiguously assigned) for many reasons, including that the
> number has no checksum.
>
> I wonder which credit bureau "funded" this research??
>
> Paul Sholtz
> PrivacyRight, Inc. - www.privacyright.com
> Chief Technology Officer






-------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------