this post was submitted on 27 Apr 2024

New Rules (proposals of laws that will fix problems)


Inspired by Bill Maher’s “New Rules” segment of his show, but not as satire. Some satire is perhaps welcome but this is like a serious bug tracker for the real world (not bugs in software apps).


Banks and credit unions spam me with ads of their services, some of which are quite high volume. I never gave my express informed consent. I may have consented to this buried in some fine print, but certainly was not asked for consent in a manner that would make me consciously aware that my inbox will be attacked with ads.

My problem is not really the annoyance. I can probably go through some opt-out hoops. The problem with banks specifically is security. Every time the bank e-mails you for any reason, both the metadata and the payload data are sent in-the-clear, thus enabling all handlers of the email to know where you bank. This info is valuable to both debt collectors and thieves.

So, new rule for non-GDPR regions of the world:


Banks that e-mail customers must very loudly obtain your unquestionably informed consent. The bank must give you a separate doc that says:

“Bank X will certainly send a flood of spam, and that flood of spam will disclose where you bank to all email providers and potentially ISPs and e-mail forwarding providers. All recipients are free to sell that data to debt collectors. Show that you wholly agree to this abuse below by hand-writing out ‘please feel free to abuse my e-mail address’ and signing that statement.”

There must be a picture of a big eye or a Zorro mask or cyber criminal with a hoodie next to that agreement (inspired by cigarette box rules).


I believe if that level of transparency were in play, people would not agree and banks would either have to offer an email-free option or they would lose business.

#fuckBanks

[–] MrMakabar 1 points 6 months ago (1 children)

SMTPS is a thing and IMAPS is a thing too.

[–] activistPnk 1 points 6 months ago* (last edited 6 months ago)

Those are not end-to-end protocols. So every email host along the path sees where you bank, and the ISPs of the services of those hosts.

Also if you run your own mail server, any eavesdropper outside those tunnels would learn where you bank without seeing the payload, just seeing traffic go from A to B. That’s less likely though. The main problem is email providers and ISPs being inherently in the loop (particularly in the US after Trump reversed Obama’s requirement that ISPs obtain consent to collect and sell customer data, which Biden has not reversed back).

[–] greengnu 0 points 5 months ago (1 children)

Or just pass a law requiring all government post offices to provide low (or no cost) banking services to the entire population and empower them to issue loans for up to 2-3x your annual income at 3% interest.

It will gut banks' home loan business, making housing more affordable and skip the email question entirely.

[–] activistPnk 1 points 5 months ago* (last edited 5 months ago) (1 children)

A bank that simply holds an asset account (not a loan/liability account) is spamming ads to get car insurance from their partner, ID theft insurance, discounts at the vet, etc. It’s in fact the asset accounts that are sensitive. Debt collectors (and data brokers, by extension) want to know where your money is stashed, not who you owe money to. That’s also the account that’s sensitive to various attacks.

BTW, the bank bailout in the US around 2008 exceeded 10 years of NASA’s running budget. That’s how attached one federal gov was to their private banks, who tend to feed the right-wing Republican campaigns quite well (yet that bailout was under Obama). Taking those banks down is really well into the realm of fiction fantasy.

[–] greengnu 0 points 5 months ago

There is no denying government finance (soft corruption) from financial institutions but what you are suggesting is quite easy for any institution to bypass with bulk paperwork; unless you refine it to be in an exact form with no other subjects and for which the optional nature must be explicitly stated with clear terms. But then banks can just say no interest on accounts unless you agree and boom the problem returns.