back to article 7-year-old faces M&S Inquisition

Calls by the Information Commissioner for organisations to stop hiding behind the Data Protection Act (DPA) fell on deaf ears this week as Marks and Spencers insisted on a seven-year-old giving official permission before an operator could talk to his mum. The Information Commissioner’s initiative was timed to coincide with the …

COMMENTS

This topic is closed for new posts.
  1. Stef
    Thumb Down

    Ahem...

    "because of 'data protection laws'."

    Jesus H Christ, what is wrong with these morons. Are these the same data protection laws that prevented the examiner giving reasons as to why my work colleague's son failed his driving test? Yup, they wouldn't tell him or his driving instructor why he failed his driving test because of 'data protection laws'.

  2. Anonymous Coward
    Stop

    Idiots in control

    WTF does that operator think - the boy bought the suit as a secret surpise for himself?

    Please, please, please stop using the DPA as a cudgel to beat people senseless with idiotic suggestions that people cannot talk about stuff cos of DPA. If you come across this, please throw the person out of the window (if on first floor, take stairs to achieve useful height)

  3. dervheid
    Unhappy

    "a gold mine for lawyers "

    Sums it all up, really!

  4. Matthew Bartlett

    I remember this...

    When I was involved in a car accident and was in a coma. My Mum was sorting things out so my bills continued to be paid (I always take out cover for this sort of thing).

    The credit card company was a pain. My mum was on the phone to them for 4-5 hours until they finally sorted it out.

    The reason? We need to talk to your son before we can do anything. They would not accept the fact that I was in a coma meant I could not come to the phone but that my bills still needed paying.

    In contrast the car insurance were no problem at all and helped my Mum to sort out everything and I had money for a new car waiting when I got out of hospital.

  5. AC
    Flame

    good old daily mail.

    I find it quite funny in a bizarre sort of uncomfortable ironic way.

    The mail story made me laugh though,

    the M&S operative even admitted "he had even had to speak to a four-year-old before."

    yet M&S say "It was a one-off human error" ... sounds more like at least a two-off to me.

    Perhaps they need fire this idiot and employ some people who have at least one brain cell? At least we know what gordon clown's next job won't be.

  6. SynicNZ

    The kid is 7

    By law he s too young to give consent!

    One must be 16 to give consent to anything

  7. Tim Spence

    Lucky kid

    I wish I could get a free Hulk outfit every time a call centre pisses me off.

  8. Richard Harris
    Paris Hilton

    What's good for the goose...

    Why is OK for the police to use laws for purposes they were never intened for, such as using terrorist laws to spy on dog owners and give teenages criminal records for having a fake ID so they can by a bottle of cheap cider. Yet it's wrong when companies use the DPA for purposes it was never intended for?

    I don't agree with the misuse of the DPA, but laws are being misused all over the place

    Paris, because if she used the DPA, there'd be nothing worth watching on the Web!

  9. Anonymous Coward
    Thumb Down

    Jees

    Better not buy any nappies from M&S or you could be waiting till your kid learns to talk before you get any customer service.

  10. Roger Pearse

    Lack of civil rights

    This wouldn't happen in the US; because the little lad's mum would reach for the nearest lawyer who would promptly bill M&S a fortune for violating the boy's constitutional rights. But in this country, only the rich and pressure groups have any access to the law. Consequently it doesn't matter what legal rights we might or might not have; none of us have any means to enforce them. We must plead with some petty official to protect us, and they mostly can't be bothered.

    We need a way to enforce our rights. Empower us, not officialdom.

  11. P.Nutt
    Paris Hilton

    Call centers as useless

    I am not surprised this sort of things happens, I am only surprised it is not reported as often. I opened a savings account for my new baby daughter and proved her date of birth etc as you usually do. About a week later the phone rings from the bank asking to speak to my daugter. Eventually I found out she was calling to offer my girl car insurance!

    Paris as even she can read date of birthday!

  12. Alex Walsh
    Thumb Down

    Par for the course

    My wife received her first statement for a HSBC credit card last week but hadn't received the card. A simple matter of calling up and telling them it hadn't arrived.

    Unfortunately not. It took 4 people over 20 minutes to sort out something this simple. First of all they wanted to card number, something she couldn't give as she has never had the card. Then they wanted they last couple of transactions, of which there weren't any as she has never had the card. And so it went on. And on and on.

    She's never called them before so has no telephone banking password set up, not accessed her account via the internet, so has no internet password set up.

    How can major organisations get things so wrong?

  13. Anonymous Coward
    Paris Hilton

    Not just overpriced stupidity

    But M&S overpriced stupidity

    Paris .. even she gave up on M&S and its dumb ads

  14. Anonymous Coward
    Thumb Down

    Vodafone are just as bad

    I rang Voda as I needed a phone number retrieving from a past bill - as I had deleted it but knew I had rang it at a certain date and time.

    When I got through, I authenticated myself with the usual PIN number, account details etc. I was then told I couldn't have the number off my own bill, as it was against Data Protection. When I tried to explain that I obviously was who I said I was because I authenticated myself, the call center monkey just said "sorry, I'm not willing to break the law for you".

    Classic.

  15. Allan Dyer Silver badge
    Flame

    Outraged!

    I'm outraged that M&S could use such an obviously insecure method of confirming identity. The caller could have asked any 7-year-old to answer the questions! They should have asked him to do an RSA signing operation (in his head) using his secret key!

    <remove tongue from cheek>

    As long as a package arrived, they didn't need the identity, or to confirm the identity. They only needed two questions:

    "What's the tracking number on the label?"

    "What's missing?"

    "We're sending it now, have a nice day."

  16. Allan Dyer Silver badge
    Joke

    NSFW CP

    You linked to a picture of a 7-year-old in his birthday suit!

  17. Slik Fandango
    Thumb Down

    Some examples of such idiocy...

    This reminds me of some stuff that I have come across...

    Worked for a charity for Deaf People, and some of the interpreters would help when a Deaf client gets a nasty letter from their bank.

    The number of times that the bank asked to talk to the Deaf client was mad - but we only need to ask their permission...

    hmmmm

  18. Anonymous Coward
    Anonymous Coward

    Orange and my 14 year old

    I had a case when my son changed his phone. The operator wanted to check his details, so I put him on. Of the 5 questions he was asked, 4 of them he turned to me to ask the answer.

    He also had problems understanding her as she had a strong French accent. (I thoought she sounded lovely!)

    H

  19. Anonymous Coward
    Unhappy

    Better safe than sacked?

    Look at it from the view of the call centre workers for a second here - obviously this was a case of taking it way too far, but generally you'll get chewed out or stuck in a disciplinary if any call you're monitored on shows any deviation at all from standard DPA policy.

    As you've probably guess I am one of these workers (tech support), and I've usually been able to work around the restriction by giving out general advice (i.e. nothing involving any account access etc) but the whole DPA thing is drilled into us because the companies are so scared of ending up in court (or worse in the press) about a breach.

    Ultimately it's one of those tricky balances, but in todays legal climate who isn't going to err on the side of caution?

  20. Dominic (The Pimp) Connor

    Why are people afraid of data protection laws anyway ?

    The Information Commision Office has the job of shielding big business from public complaints. Look at how it is covering up for BT over Phorm,

    One might as well complain to a company's PR department as the ICO

  21. Anonymous Coward
    Stop

    Reminds me of my loan at Harvey Norman..

    Picture this.

    Sitting in my office, niece day outside, getting through the day's work.. and a phone call on my mobile comes in (unregistered number of course).

    "Hello, this is Tom, can you confirm your address please?"

    "Huh?"

    "Yes, this is tom from HFC; I need your address to confirm your identity."

    Yeah, right I'm going to give you my personal details just because you say so. Riiight.

    Fast forward a bit, and I get a vaguely threatening letter from HFC with Harvey Norman's invoice. Ok, now it's clear: Harvey Norman's banking facility is HFC.

    Go to call them, and I think.. two can play that game.

    "Hello, HFC how can I help you"

    "Hi, this is your customer can you confirm your address?"

    "No, I don't give out personal details over the phone."

    Funny thing is, the above is exactly as it happened.

  22. Anonymous Coward
    Anonymous Coward

    Got my own back!

    A few years ago now I had a letter addressed to my Dad who had never lived at the address I was at, at that time, it had his full name and middle initial which I thought wierd. I phoned him and he said I could open the letter, it was from a debt collection agency for a water bill for an address that again he had never lived at.

    So I phoned the debt agency asking why I had received this letter and the call centre monkey said "We send out collection letters to everyone of this surname" I asked how they got his name as he had never lived at this address and asked if they could confirm the middle name as it is a rather unusual middle name. They said they couldn't due to the data protection act, (which is a bad thing to say to me) but if I could tell them my Dad's middle name they would be able to confirm if it was meant for him. I replied I cant give you his middle name its against the data protection act, the monkey was rather stumped and after a few seconds of hearing the clockworks working away as they thought of a response I said good bye and hung up.

    I urge other people to do the same, its a great feeling of satisfaction.

  23. TeeCee Gold badge
    Joke

    Re: Vodafone are just as bad.

    Maybe you should have said that you weren't you but were working for Hewlett-Packard...........

  24. Anonymous Coward
    Flame

    Unfortunately...

    Many of our laws are so badly written that the general public (to whom they apply, strangely) don't have a clue what they mean. The "laws" that we actually obey are therefore arrived at by a public consensus which attempts to interpret a mixture of hearsay, rumour.and more-or-less uninformed articles in the press about what the actual legal text means for our daily lives.

    This mix is, of course, spiced up by self-interested statements from commercial bodies, trade organisations and pressure groups which seek to take advantage of any ambiguity in the law as written - and there is usually plenty of scope - to influence public behaviour to their advantage, or to persuade the public to tolerate some aspect of their own behaviour.

    In an ideal world, we'd be able to ask the police or the courts to clarify the law. But the police don't know any more than the public and the courts are too expensive and risky (why would you go to court to clarify whether what you're doing is legal if there's a 50% chance you'll end up in jail?). So we just accept the "consensus" about what's legal and what isn't and get on with it.

    Regrettably, the government has little interest in passing clearer laws as they are one of the worst offenders when it comes to imparting spin.

  25. Graham Marsden
    Flame

    Welcome to "Cover Your Arse" Britain...

    Unfortunately all the stories above are just classic examples of CYA which we are seeing more and more in this country :-(

    Because we now have the sort of "No Win, No Fee" ambulance chasing litigation which has blighted the USA, laws and safeguards that have been put in place supposedly to protect *us*, the public, are, instead, being abused and exploited by businesses and even Councils and elected officials simply in attempts to excuse themselves from any liability should something go wrong.

    In other words, instead of these people and groups actually trying to *help* us, they're going out of their way to *hinder* us and protect themselves.

  26. Anonymous Coward
    Anonymous Coward

    At 16

    Imagine the problems you get when a "child" is 16, something we in further education deal with all the time. You get irate parents ringing up asking is their "child" at college. Whats their attendance.

    How about you get the estranged father of a child asking for their "child's" address. Whats their attendance, do they still attend.

    Its a murky area not helped by the prat at M&S.

  27. Ken Hagan Gold badge

    Re: Lack of civil rights

    "This wouldn't happen in the US; because the little lad's mum would reach for the nearest lawyer who would promptly bill M&S a fortune for violating the boy's constitutional rights. But in this country, only the rich and pressure groups have any access to the law."

    Er, you must have been asleep when the compensation culture arrived in the UK. Your remedy here is the same as in the US. Get a no-win no-fee lawyer, and if you can't persuade *any* lawyer that you are likely to win, maybe you aren't.

    Civil rights are just a right to take the other guy to court. Always have been.

  28. Darren B

    Why is a 7 year old confirming details?

    Why did they already have his identity on their systems? Isn't this where the DPA comes in protection of data held, not on data gathering. They do need his consent to send him marketing but not to talk to him or his representative.

    This seems a little bit odd.

  29. Thomas Silver badge

    @AC "Better safe than sacked?"

    "Ultimately it's one of those tricky balances, but in todays legal climate who isn't going to err on the side of caution?"

    Today's legal climate is nearly no different from the climate at other times; if anything has changed it's the reporting. So we see big stories about a man suing a supermarket because they delivered a leaflet that caused his dog to try to jump too high and hurt its spine, we never see the follow-up story a few weeks later when a judge laughs the stupid man out of court and saddles him with costs.

    Next time you read a newspaper story about data protection or human rights laws, don't forget to pay attention to whether the case has yet been subject to a court hearing related to its facts.

  30. Luke Wells

    I can see this coming ....

    "Jobsworth Day Nursery, how can I help?"

    "Hi there, I would like to sign my 9 month old son up to your nursery on Wednesdays and Fridays please"

    "I'm sorry madam, due to data protection laws, I am only allowed to speak to your son in connection with his daycare, could you please put him on the phone"

    "urrrble awawawh awhhhhh weebleuegghghhg awababbbbaa"

    "ok thankyou for confirming your postcode, you can now put your mother back on the phone"

  31. Anonymous John
    Coat

    @Reminds me of my loan at Harvey Norman..

    I had something a few years ago. A caller (who turned out to be legit) asked for my mother's maiden name. I couldn't get him to understand that there was no way I'd give that sort of info to an unidentified caller.

    Mine's the blue one with the red "S" on the back.

  32. Mark Cavanagh

    Stupid, but needed

    Unfortunately, many people only see the, granted in some cases stupid, security checks from their point of view. i.e they are the account holder, and thus why ask me the questions.

    However, companies use the strict policies so that you don't end up calling on a regular basis to report misuse of the account. Add to that the number of 'research' companies that call to try and obtain details.

  33. Anonymous Coward
    Anonymous Coward

    Sometimes it's easier just to impersonate the other person

    I knew someone who was the attorney (not a lawyer) of an elderly relative with Alzheimer's. So she was legally empowered to run all her affairs, and in fact she was the only person entitled to sign her cheques for her - that aspect of things worked fine. However, dealing with banks on the phone was always hard work as the call centres didn't seem to be set up to cope with the situation of person X being the only person entitled to operate the account belonging to person Y. So, to save time, sometimes she just pretended to be the person she was representing, and on one occasion she allowed the call centre operator to continue in her belief that this was her own account, and her name was "Ms Attorney".

  34. Anonymous Coward
    Anonymous Coward

    Children can give consent

    @ SynicNZ

    That's not true, a child under 16 can give consent, provided it is to a contract of a type normally entered into by a child in his or her circumstances. For example a ten year old living on a remote Scottish island could enter a contract of carriage to the main land, although a child living in London probably could not. They simply do not have full contractual capacity as an adult would.

    If children couldn't give consent they wouldn't be allowed to ride buses, buy Mars bars or go to the cinema on their own. All of these are contracts, and all require some form of offer and acceptance.

  35. Ferry Boat

    Sexy voice required

    This is not just a call centre idiot, this is an M&S call centre idiot.

    You pay more for quality.

  36. Andy Turner

    If he was a *proper* superman

    He wouldn't have given away his true identity!

  37. David Cornes
    Thumb Down

    MS muppet

    Surely under Parental Responsibility the mother had full right to speak and act on hehalf of her SEVEN YEAR OLD son anyway??

  38. Anonymous Coward
    Paris Hilton

    Idiocy

    This is the problem with call centres. It's nothing directly to do with the DPA. It's call centre workers forced to read out a script and only say the words on their screen. Probably the script says "Tell them you can't do it because of the DPA". And these days you even get speech recognition software that ensures all your workers stick to the script. It's a wonderful way to run a business.

    As an aside, what on earth is that "The Story of Stupid Aid" website about? Utterly incomprehensible. "He had earlier literally created a vehicle for his creativity consultancy work, ‘the world’s smallest conference centre’, a two-seater car to cater for 1:1 consultations at conferences and special events." "In his study and teaching of creativity he believes flexible thinking is at the heart of creative thinking." "He was also developing his expertise in word of mouth communications and was sensitive to the need to brand and make any message sticky. He knew from experience that you may need a legitimizer to help sanction an idea which might be regarded as outrageous." NOW THAT'S STUPID!

  39. Anonymous Coward
    Thumb Up

    Ha ha!

    They tried that with my young kids they would have a lot of fun. They hate using the phone and just about manage "Hello Grandma!", then off to get on with more important stuff like chasing the cat up the garden or leaving the lights on all over the house!

    Typical officious num-nuts in charge decides that all the low level people, who have to take the flack from customers, are not allowed to exercise any common sense or discretion of their own so we end up with this kind of stupidity. The stupid leading the blind.

  40. Phil Tanner
    Happy

    @Reminds me of my loan at Harvey Norman

    I had the same thing with Halifax bank when they rang me.

    "Can I speak to Mr Tanner please"

    "Speaking"

    "Can you confirm your mothers maiden name please"

    "Once you confirm my account number to me"

    "I can't give out that information until I've confirmed who you are sir..."

    "I won't confirm any personal details until I know you're who you say you are..."

    Round and round it went until they hung up on me.

    2 months later they rang back, and have obviously changed their policies... I had

    "Hello Mr Tanner, can you confirm your identity please? Your postcode is W1B 5 - can you tell me the last 2 digits please?"

    Similar situation continued for 3 or 4 questions - a nice solution all round I thought.

    Common sense win - for once.

  41. Anonymous Coward
    Paris Hilton

    RE: Idiots in control

    Who else saw that program on the telly last night about benefit fraud? The people receiving and checking the forms are equally as moronic as the people fiddling the system. So yes, the idiots ARE in control. Common Sense - no - it's not allowed. Stick to the protocol, never make decisions yourself or stick your neck out and guess what.... you'll be fine in your little jobs. Oh and funny how all this benefit fraud has been going on all this time while nuLabour are in control? Anyway I'm off now to read the nuBOFH.

  42. Anonymous Coward
    Anonymous Coward

    Disbelief`

    Stef

    You wrote "Yup, they wouldn't tell him or his driving instructor why he failed his driving test because of 'data protection laws'."

    I find this a little hard to believe as everyone who fails or passes is given a performance sheet which indicates what major and minor mistakes you made during the driving test. I would suggest a visit to a solicitor if this is the case. The court can order the test be resat at the DSA's expense.

  43. Anonymous Coward
    Anonymous Coward

    Data Protection Act is now officially a sham

    Let us be clear. the DPA has nothing to do with protecting the individual's privacy, despite its name.

    The DPA is designed to permit the government and private sector (i.e. everything that is beyond the individual worker drone) to horde vast amounts of information but never to confirm or release any of it. All it does is legalise the storage and non-disclosure of your data and protect these groups from being accountable for holding any of the data.

    Those in favour of repeal say aye.

  44. Dave

    Dodgy

    It's quite obvious that M&S are employing paedophiles. They are obviously using the customer service phone system to get access to youngsters in order to groom them. Do M&S carry out checks to ensure sex offenders aren't operating for them and taking advantage of youngsters?

    If people want to be awkward/stupid......then you fight fire with fire...

  45. mark Silver badge

    wtf????

    "the call handler insisted he could only speak to Jacob because of 'data protection laws'."

    WTF? did the kid use his credit card to pay for it?

  46. Quentin North
    Flame

    HSBC do this also

    HSBC asked to speak to my girlfriends 6 year old son to get his agreement that they could allow his mum to operate his account on his behalf. She put him on the phone, and predictably, he did not understand the question. The result was that they would not allow his mum to operate the account until she went in person to the account branch with various forms of id and completed a paper form filling exercise.

  47. Thomas Baker
    Thumb Down

    But of course the law doesn't protect you...

    ...when an organisation or the goverment want to abuse it. I've had a great deal of personal information about me spread to whoever was listening by a DWP worker. You write and complain and invoke the Data Protection Act and they either laugh at you, insult you or ignore you, or in my case, all three. The Electoral Roll willingly give out your info to anyone who wants it, in spite of your current girlfriend having been repeatedly threatened and stalked by her ex. If you contact those in charge of enforcing the DPA they too ignore you or fob you off, and if you read their website carefully you see that really they have no power whatsoever. They can't shut someone down, they can't impose fines, they can only suggest and advise that the offending company or government organisation take a look at their internal procedures...yeah right.

    I had a car accident where I was a named driver and after weeks of reporting the accident, dealing with the assessor and many many phone calls, it turned sour, as it always does, as the insurance company in question started breaking the law with regards transfer of ownership. So I had a go at them and low and behold, all of a sudden, because of the DPA they couldn't talk to me and had to talk to the policy holder only. Even though they'd told me everything there was to know repeatedly, already.

    The DPA is a joke and only stands as another layer of bureaucracy that companies and the government can use to obstruct when it suits them, to get out of facing up to their responsibilites or putting something right, but when the shoe is on the other foot it's an empty, meaningless, unenforceable load of insulting garbage.

  48. Anonymous Coward
    Thumb Down

    56 comments and not one person has mentioned...

    ...that the contract is between M&S and the mother - since she paid for the clothing. The fact that the clothing is for the child is irrelevant.

    Thumbs down 'cos the readership is losing its touch

  49. Anonymous Coward
    Happy

    @ 56 comments and not one person has mentioned...

    Actually to be uber pedantic the article says the boys Aunt bought the costume and gifted it to the boy - so the mother isn't technically involved at all. But thats still no excuse for the call centre employee to do what they did!

  50. Anonymous Coward
    Anonymous Coward

    @Why is a 7 year old confirming details? (and others)

    The DPA covers both gathering and managing personal data. The Act works on 8 principles and the 3rd is that data should be "adequate and accurate". That relates directly to collection - if you buy tickets to the theatre, they can ask for name and address. Unless it's an age restricted event i.e. 18+ movie, then they don't need your DOB nor do they need to know how you like your sex. Why a 7yr old needs to confirm details is stupid especially as their parent is their legal guardian.

    @SynicNZ - anyone at any age can give consent provided they understand the consequences of their decision. That it is what is known as the Gillick Test. Under the law, parents have responsibility for their children until 18 though most give that up at 16. The test came about from a terminally ill child who told his doctors that he did not want to be resuscitated. His parents, naturally, refused to accept that and consequently it went to court. It was determined that if, after a pyschiatric review, the child fully understood the consequences of their decision, then the child was capable of making an informed decision. This was, of course, a complicated and emotive scenario and we are not likely to see that situation occur often.

    The test is used though when prescribing contraception to girls as if, in is opinion, the doctor is satisfied the patient understands the realities of sex and possible consequences, the doc CANNOT break the doctor-patient confidentiality principle. What doctors obviously try to do is involve the parents but their first concern is their patient's health and will therefore prescribe the contraception if the doc believes that consent is unlikely to come from the parents.

    I'm a DPO in a public sector body (hence the AC) and the line that I, and many of my colleagues, take is that if your actions breach the act but you believed you were doing the right thing then it is highly unlikely that any disciplinary action is taken. Instead, I would look to put some training in place to avoid it happening again. It's very easy to break the DPA so we look at the ways in which we can prevent it happening on a grand scale. I'll bet that M&S's own DPA team weren't aware of the procedures in the call centre. I they had then it's unlikely it would have happened. In this case, it's more than likelu that its poor training and an a culture of ignorance about the act at a managerial level.

  51. Anonymous Coward
    Thumb Down

    re. wtf???? and 56 comments and not one person has mentioned...

    I guess the reason they wanted to speak to the child was that the parcel was addressed to him.

    The contract, as such, was with his Aunt, who presumably lived at a different address.

    Still doesn't justify the actions of the M&S call-centre monkey in any way though.

  52. Anonymous Coward
    Anonymous Coward

    CRB check ?

    I'd have asked to speak to a supervisor to confirm that the call centre bod had been CRB checked...

  53. Simon

    Changing Policies

    I too like several people above have has *someone* call me from some company I may or may not have an account with asking for me to confirm details before they would speak to me.

    I love that conversation "Hi this is BLAH, can you confirm your details for me?" I keep silent... "Sir?", "Yes?" I reply. "can you confirm details please?" silence....finally I pipe up with "confirmation means you need to quote the details you want me to verify" of course they used to come back with "cant give personal details out..." The stupidity of it used to make me laugh or fume...

    However recently with a mobile phone company (I cant remember if it was O2 or Vodafone) when they asked me to confirm details as pretty much the first line in the conversation I retorted with "Sorry, I dont know who you are, can you give me some details of what you have to confirm who you are?" They were fine with this and said the first part of my PostCode.

    I think them giving (part) details that would be pretty useless on its own is a good policy - thats not a breaking of DPA laws surely? I just wish more member of the Jo Public would insist on the 2 way verification... too many people just blurt it out at the first request.

  54. Thomas Silver badge

    @"Data Protection Act is now officially a sham"

    It's a shame you live in the UK, that sort of presenting opinions as facts goes down very well on some American "news" networks. Allow me:

    "Let us be clear. the DPA has nothing to do with protecting the individual's privacy, despite its name."

    Read Part 1 of Schedule 1.

    "The DPA is designed to permit the government and private sector (i.e. everything that is beyond the individual worker drone) to horde vast amounts of information but never to confirm or release any of it."

    Read Section 7 onwards.

    "All it does is legalise the storage and non-disclosure of your data and protect these groups from being accountable for holding any of the data."

    Read Part 5.

  55. Mike Holden

    Postcode as security check

    Can't see that the postcode question is a good way of confirming an identity, as this will be in the phone book next to the phone number, surely. Asking for an account number or somesuch would be better.

  56. Anonymous Coward
    Anonymous Coward

    @AC, RE: Orange and my 14 year old

    "He also had problems understanding her as she had a strong French accent. (I thoought she sounded lovely!)"

    Yeah. they sound lovely... trust me, I know!

  57. Anonymous Coward
    Unhappy

    "It was a one-off human error"

    It may well have been human error, and it may well have been one-off.

    However, its clear that TWO people were involved in making that human error happen.

    That's right, the mother and father of that Human Error should obviously not have got together in the first place. Consequently, that serious human error would not have come into existence.

    Hopefully, that Human Error will never again be allowed to work for M&S, or anybody else that permits human errors to talk to customers.

  58. Anonymous Coward
    Alert

    "because the companies are so scared of ending up in .. in the press"

    But that's precisely what happens when they let employees do things that any SENSIBLE person would consider to be irrelevant or inappropriate.

  59. Richard Cartledge
    Heart

    It's so simple

    don't patronise these large global chains if you don't want to suffer these fools, a trip to the local outfitters or even a market is the order of the day. Try to use your local shops near to where you work or live. I have found shopping at the local shops to my workplace in my lunch hour very convenient.

  60. Anonymous Coward
    Happy

    @Matthew Bartlett

    >"I remember this... When I was involved in a car accident and was in a coma."

    On the face of it, that's a rather surprising claim to make!

  61. elderlybloke
    Thumb Up

    Yes Richard- It's Simple

    Common sense , wonderful.

    In my case , I never again deal with any firm that pisses me about.

  62. Bill Bennett
    Flame

    When PayPal calls...

    PayPal phoned me a few weeks ago morning asking for my bank account number for security.

    It turned out it WAS actually PayPal, but it was so stupid...

    PP: Hello, can I speak to Mr Bennett please?

    me: Speaking.

    PP: Hello Mr Bennett. It's Rashindra from PayPal here. Just to check I'm speaking to you, for security can you confirm your bank account number please?

    me: You're serious?

    PP: Yes. It's for security.

    me: How do I know you're really PayPal?

    PP: I promise you sir, we are PayPal.

    me: Prove it. Tell me my bank account number.

    PP: I just asked you that.

    me: Yes. So logically, it should be acceptable for me to ask you too.

    PP: Um...

    me: OK. Tell me the last letter of my postcode.

    PP: It's T.

    me: Well done. Now, for security, I made a payment last week. Who was it to?

    PP: Ebuyer.com.

    me: Yes. And how much was it for?

    PP: £19.95.

    me: Correct again.

    PP: Good. Now, can I have your bank account number?

    me: No. I'll tell you the sum total of the digits, though.

    PP: OK.

    me: It's 51.

    PP: Let me just check that. (mumbles adding up some numbers)

    me: That's OK then?

    PP: Yes. Nextly, for security again, can I confirm your national insurance number?

    me: No!

    PP: I am afraid I will not be able to release the information I was calling about if you do not confirm.

    me: What did you want to call me about?

    PP: I am calling to let you know about the great benefits of our new top up prepaid debit card.

    me: I don't want one.

    PP: OK, let me note that on your account and you will not recieve any further solicitation for this product. Before I make a note on your account, I will need to confirm some security details with you.

    me: What do you want to know now?

    PP: Can you confirm your bank account number please?

    me: No. I'll tell you the sum total of the digits again though.

    PP: I can't accept that for security verification, I'm afraid.

    me: You accepted it a minute ago.

    PP: No I didn't.

    me: Yes you did. It's 51.

    PP: I do not recall that.

    me: Do you know who you're speaking to?

    PP: Mr William Bennett.

    me: Are you sure?

    PP: Yes sir, I am sure.

    me: So if you're sure, why do you need to verify security details?

    PP: It is for security.

    me: But you've already asked me security questions.

    PP: Yes, but I must be sure I am speaking to you before I make notes on the account.

    me: You just told me you're sure you're speaking to me.

    PP: But sir, this is for your security.

    me: OK, ask me one more security question.

    PP: May I have your mother's full name, please?

    me: Yes. It's Tarrant. Chris Tarrant.

    PP: I'm sorry, that doesn't match.

    me: Oh whoops, I meant to say Cilla Black.

    PP: That's not it either, sir.

    me: Try Heath Ledger then.

    PP: I am sorry sir, but you have failed three times now. I cannot verify your account and will have to terminate the call.

    me: OK, bye.

    PP: But before you go, allow me to introduce you to the benefits of the PayPal top up prepaid debit card...

    me: NO!

    PP: Please do not shout, sir.

    me: OK, bye.

    PP: Good day sir.

    <end>

  63. Anonymous Coward
    Anonymous Coward

    No one expects the ...

    Oh people don't have a clue about the data protection laws.

    And frankly anyone can be sued for breaching confidentiality agreements.

    Yes, the answer is don't buy from corporates, the world won't end if they don't exist, in fact it would be a far more interesting place if they didn't.

    They don't make things cheaper that is just a misconception, what they do is dominate an area by driving out local business that is offering a sane price for things, by undercutting and selling at a price that is unsustainable unless you have operations elsewhere which can support that move.

    When the competition is removed they then hike the price higher than before, and pay people less so they can profit at the expense of others. They take from both ends of the spectrum, reducing wealth for the majority. Don't support them, shop elsewhere. And don't work for them, they are an illusion, and serve to keep the majority shackled.

    If you are working for them, why not get together, club together some cash, and strike out on your own, doing what you have doing for them, but instead do it for yourselves. M&S started out as a market stall, you get the pircture. You will probably earn more over time, and it brings back community.

  64. Tonto Popaduopolos

    @Bill Bennett

    You are a true Data Protection God.

  65. John

    Why not blame the politicians who invented this nonsense?

    It is very well excoriating customer service personnel and the soppy companies that employ them but why not point the finger at the culprits?

    They are the pathetic laws and the pathetic politicians who enact them. At some point legitimate commerce will grind to a halt and the only people who are not affected in any way will be the criminals (yes, they are the ones who tend to ignore as many laws as is necessary in order expropriate cash and property from it's rightful owners).

    Are politicians really this stupid or are they using bad laws to deliberately wreck this country? It certainly looks like the latter to me.

  66. Anonymous Coward
    Unhappy

    DPA and children

    For me in this example it's simple. Fight fire with fire:

    CC: "I need to speak to your child.".

    Me: "As their parent and legal guardian you will speak to me. I speak for the child."

    CC: "I can't progress this call without speaking to the child.".

    (Ensure child is out of earshot)

    Me: "What is your name please?...thank you. If you speak to the child I will not be able to listen and monitor your conversation. This allows you the possibility of grooming them. If you continue this course I will be forced to contact the police and have you arrested under child pornography laws. Now, how do you want to proceed (insert name here)?"

    It's harsh, but if they are going to be stupid, I'm going to be stubborn. I think these laws are crap but if they start mis-quoting them at me, I'll start using the system against them.

  67. Matt Crerar

    DPA - friend of the ignorant, petty-minded bureaucrat.

    I know this sort of nonsense all to well. DPA isn't necessarily being MISused, but often abused by folk. It's basically used as a away of getting rid of people rather than having to deal with problems/enquiries properly.

    For example, just this week I wasn't allowed to use my local libraries computers - despite knowing my number, password and had proof of ID - as I had forgotten my card, the reason being 'because of the Data Protection Act'. I walked off somewhat baffled as to the logic but knew arguing would have gotten me nowhere, either their ignorance or obstreperousness would have won the day.

    They use it to fob people off, or if you challenge them a bureaucratic wall goes up.

    Annoying. Sorry, I needed to share.

  68. Wayland Sothcott Bronze badge
    Dead Vulture

    Parents are responsible for children

    Unless the issue is parental abuse then the parents are entitled to know everything in their childs life since they are responsible for the wellbeing of the child. Childhood is a transition period where the child is given more and more say until they become an adult. There parents are simply there for when their adult child messes up and ASKS for some help.

    I am reminded of the Stanford Prison experiment. We the British are particularly suspeptable to letting power go to our heads. Even if the Data Protection act is misunderstood it seems we are willing to use it in the most controlling and harmfull way possible. Give someone the job of enforcing some rule or law and they take it to the max. This is especially the case with jumped up little nobodies. The cleeshay (nerd spelling) of the jumped up little hitler may be amusing but we seriously have to watch out or these people will take over.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019