Re: [Full-disclosure] Best Buy and Privacy?



I used to work there and I don't think I can officially say anything yet for
another month or two.
But I'll just say they have problems. I even sent some problems 'up the
chain' and didn't receive any response.

On Fri, Feb 4, 2011 at 10:24 AM, Wesley Kerfoot <wjak56@xxxxxxxxx> wrote:

I think the fact that they have that info in their systems is pretty awful.
I wouldn't trust them with my personal information. How do you know some
disgruntled employee won't take it all and sell it? Or that their database
servers are insecure? BB have shown that they have incompetent employees and
no ethics whatsoever.

On Fri, Feb 4, 2011 at 11:16 AM, Thor (Hammer of God) <
thor@xxxxxxxxxxxxxxx> wrote:

I found this interesting, so I thought I would share it.



Over the last few years I had amassed quite a number of various gaming
system games that I never used anymore (if at all) so I decided to trade
them in at Best Buy (they do this for store credit). Though $3 for a $50
game wasn’t exactly attractive, I figured I could get a free Blue Ray out of
it, so why not.



I showed up with a stack of games, and sat at the counter for about 30
minutes while the guy individually entered each title, catalog number, etc
for each game. After all that, he finally said that he needed to see my
driver’s license in order to give me my $73 credit. I always question this
type of thing, so asked him why. “In case these were stolen” he says, going
on to say it is store policy. Whatever, I think, so I give it to him. He
doesn’t just look at it, but starts entering my info into the system – I
didn’t care because it was an out-of-state license, but didn’t like that he
was actually entering it into the system.



He then notices that my license had expired a month earlier. I actually
knew this, but wasn’t going to offer it up. He says he can’t take it, and I
give the obligatory “I’m not driving in the store, I’m just giving you
games” bit and the “it was me a month ago, so what difference does it make
now” pitch. He goes asks the manager, and sure enough, they can’t take it
because it is expired.



So this is the point where I really start to wonder and ask more questions
about what difference it makes. He then tells me that the reason he has to
enter so much information, including each individual title and UPC, is
because they have to send all this information to the Seattle police in case
any of the titles I turned in were reported stolen by someone. I asked how
they expected to match up a stolen title with a redeemed one short of
putting 5 “Pimp My Ride” games in a line-up for identification, and of
course the kid didn’t know and didn’t care. I then pointed out that even if
I did steal it, if the cops came around looking for it, I wouldn’t have it
anymore anyway because it would be in the Best Buy warehouse. More not
caring.



While the overall process of wasting police resources on tracking games
that might have been stolen seems like a complete waste of time and money,
what really concerned me is that Best Buy was going to send my personal
information over to the police without disclosing anything to me. There was
no mention of it anywhere, no fine print, nothing. Had my license not been
expired, that info (which they would not have had) would be put into the
public system, and there would be no way I could control the information or
what they did with it. This would have been particularly bad if I had to
explain why I had a copy of “Barbie’s Horse Adventure” at some point.



As far as profiling is concerned, you would think they would be more
interested in the fact that I was going to use the $73 credit towards the
purchase of a couple of seasons of Dexter, but I have no way of knowing that
they wouldn’t have sent this information anyway. It begs the question as to
what other information Best Buy is sending to whom, and what kind of privacy
rights I am implicitly giving up by shopping there. If they can report
personal information to government agencies without my knowledge, approval,
or any sort of notification, and in this case collected the information for
the explicit purpose of doing so, why else are they collecting?



AFAIAC, there is something seriously wrong with this. Anyway, I thought I
would share this in case anyone found it interesting.



T



*There’s no reason to think “outside the box” *

*If you don’t think yourself into it. ***

* *



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Weekly Charter Post - Sorry for the Dupe
    ... Charter of uk.games.video.dreamcast ... taken with posts about games not yet officially released in the UK, ... Advertising (which includes wanted adverts and game trade lists) is ... Posts must be readable as plaintext. ...
    (uk.games.video.dreamcast)
  • Re: A discussion on uk.games.video.adverts
    ... have a standard charter for an advert group, ... Each of the existing groups would have their charter ... If other non-regulars had some bargain games, then this is an obvious place ... groupity groupity group! ...
    (uk.games.video.misc)
  • Re: Fistful of Bolters??
    ... miniatures games set in the "Warhammer" universe, ... "Warhammer" universe, including BUT NOT LIMITED TO such games as Warhammer ... So...the plain language of the charter states that this group is devoted to ...
    (rec.games.miniatures.warhammer)
  • Re: A discussion on uk.games.video.adverts
    ... want to wade through a charter just to see if they could flog their ... games. ...
    (uk.games.video.misc)
  • Re: [Full-disclosure] VPN provider helped track down alleged LulzSec member
    ... if the vpn provider had not shat themself, then it would be a non story. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)