Jeremy Clarkson recently published his bank details in an attempt to prove that you can’t get ripped off that way. He promptly got ripped off, and apologised for giving out misleading information. He’s come in for some abuse, and I find myself in the unheard-of position of defending him.
If you’d asked me yesterday I’d have said the same thing as Mr Clarkson (admittedly I might have double-checked before writing it in a newspaper). He might have been wrong about what was possible, but it’s pretty stupid that it’s possible to take money out of someone’s account using only their account number and sort-code. My details are on my debit card, my cheque book, and if anyone wants to pay by bank transfer (it being 2008, and all) I have to give them information that would allow them to take money from my account. That’s broken. Is the onus on us to only deal with completely trustworthy people? I’m aware that direct debits can be cancelled as required, but it’s a b0rked system that doesn’t allow anyone to pay you – by anything other than cash – without also letting them steal from you1.
Saying ‘how hard can it be?’ is usually asking for trouble, as the answer is often ‘surprisingly so’, but Paypal works, doesn’t it? People can pay me via email, and a one-way password encryption (although I don’t know if they use this) means no worries about them leaving everyone’s details on a train.
Privacy campaigners have made much of this. I’m always suspicious of anything that makes privacy campaigners happy, since they’re, generally speaking, mental. They make the occasional valid point, but it’s usually so mixed up in batshit crazy anti-government paranoia that I can’t be bothered listening any more. All too often it’s about making sure no data is ever revealed rather than minimising the risks of said data. That’s never going to work! Mistakes get made, that’s just how it is. The way to combat identity theft shouldn’t be to make sure you don’t reveal any details, it should be to make those details useless. This doesn’t work for medical records, or the threat of crazy people getting hold of your address, but it’s still, I’d say, rather important. I’ve no idea how easy it is to fix – surely biometrics will be eventually be able to solve the problem? – but the storage of personal details isn’t going to go away, and endless whining about the evil capitalist monopolies who want to (prepare yourselves for this) show you adverts (privacy campaigners die if exposed to adverts) and governments who might, at some point, do something unspecified but evil with your address and personal details, is unproductive.
Hmm. That somehow got ranty. Back to work.
- possibly only in roundabout direct-debit-y ways [↩]