William Vambenepe has an interesting experience with his bank and would, it seems, prefer indifference to incompetence:
Here we go again. Yet another institution who “takes the protection of [my] personal information very seriously” wrote to me to let me know that they lost some unencrypted backup tapes with my SSN and everything. In an way I’d prefer if they said that they don’t take the protection of my personal information seriously. Because now I have to assume that they are incompetent even at the tasks they take seriously, which presumably also includes performing financial transactions (it’s a bank). That they plead dumbness rather than carelessness kind of scares me.
Well, not really. This letter is just damage control of course and whatever reassuring verbiage they put doesn’t mean anything. Everyone is just playing pretend, which is how this whole “identify theft” problem started (“we’ll pretend that the SSN is confidential information and that we can use it to authenticate people”).
The logical fallacy here is that the two are not mutually exclusive. Your bank can be both indifferent to your privacy and incompetent at protecting it.
Once again I will make the futile case that all SSNs should be made public to end this nonsense. That’s not to say it won’t be replaced by other nonsense. But at least it would be new and entertaining nonsense.