As Some Are Requiring People To Give Up Their Info To Dine, Stories Of Creeps Abusing That Info Come Out
from the the-privacy-conundrum dept
I think many of us are going to avoid eating at sit-down restaurants for the foreseeable future, even if governments deem them to be "safe." However, I find it at least somewhat unnerving to see Governor Jay Inslee in Washington say that in order for a restaurant to offer dine-in services, it will need to keep a log of all diners for 30 days, including their telephone and email contact info.
Under Gov. Jay Inslee's new statewide orders, Washington restaurants that offer sit-down service will be required to create a daily log of all customers.
The restaurants must maintain that log for 30 days, including telephone and email contact information and the time they were in the restaurant. The state wants this information to facilitate any contact tracing that might need to occur.
I fully understand why this requirement is there. Since contact tracing is so important, it's much more difficult to do contact tracing in situations like these where there's no way to tell who else was in the same small space where a COVID-positive person dined. But... at the same time, it seems to raise a number of privacy questions.
When I tweeted about this, some pushed back and said it wasn't much different from ordering online or from an app (or even, potentially, paying with a credit card). All of those give up some level of privacy. Yet, as I've been saying for years, privacy is about trade-offs and a big part of that is understanding the benefits and the risks. And when we're ordering with an app or using a credit card, there are reasonable systems in place that make it unlikely that your info will be abused. These are not perfect, and there are some cases where there are risks. But, for most people, the "threat model" suggests it's not that risky.
Yet, it's unclear if that's the case with something like a "restaurant log," like the one that Washington State is requiring. As an example of why that might be problematic, we can just head down to New Zealand (which appears to have almost entirely contained COVID-19) to hear of a story about a restaurant worker using the contact tracing info a customer left to hit on her:
"I had to put my details on their contact tracing form which I didn't think anything of. It asked for my name, home address, email address and phone number so I put all those details down," she tells Newshub.
Except in Jess's case she didn't just take away a sandwich from the Subway restaurant she was at. She also got a Facebook request, Instagram request, Facebook messenger approach and a text from the guy who served her, using her contact tracing details.
"I felt pretty gross, he made me feel really uncomfortable," she says.
"He's contacting me, I didn't ask him to do that, I don't want that.
"I'm lucky that I live with quite a few people because if that was me by myself at home - he knows my address you know - I'd feel really, really scared. Even now I feel a bit creeped out and vulnerable."
The article does note that the Subway employee who did that digital stalking "has now been suspended" (is that New Zealand for fired?), but it can't make anyone very comfortable.
And that's a much bigger issue than just for that woman. If people are afraid that their private info can be misused, they're less likely to give it. In other words, the nature of the privacy trade-offs are vastly different than they might otherwise be. Not understanding that leads to bad results, and yet that seems to be what's happening in Washington.
After receiving some pushback, Inslee is now saying that the logs should only be kept for 14 days and that privacy "protocols" are developed. But that's the kind of thing that need to be built up initially, not after such a plan is announced:
“This is something that we have to make sure that we build protocols around privacy so that any of this information can only be used for this purpose, can be expunged after 14 days so that this is only a minor inconvenience. No one is looking to make this a federal crime. We’re trying to save some lives here,” Inslee added.
Again, he means well, and there's obvious value in contact tracing done correctly. But you can't ignore the privacy issues, and you can't tack them on after things are already messed up. Any system needs to develop the concept with privacy built in from the very start -- and there's no indication that Washington state has done so.
Update: Late this evening Governor Inslee announced that this would no longer be a requirement, though suggested that restaurants set up a voluntary system. It appears he listened to some of the criticism.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: contact tracing, dining, pandemic, privacy, restaurants, tradeoffs, washington
Reader Comments
Subscribe: RSS
View by: Time | Thread
Humanity unable to learn simple lessons.
No one would ever do THAT so don't worry about it.
someone does THAT
No one could have foreseen this coming.
Lather rinse repeat.
[ link to this | view in thread ]
Why . . . why would you ever give them your real telephone number and contact info?
[ link to this | view in thread ]
But . . . but that doesn't change anything. You're still requiring people to give information to other people who have not been vetted for safety. That its destroyed in 14 days doesn't stop the Subway employee who wrote it down from immediately copying it for their personal use.
Even then - mandating without any means set up to monitor compliance means your mandate is unenforceable.
[ link to this | view in thread ]
Who cares. That's not a justification nor an excuse.
[ link to this | view in thread ]
“No one would ever do that!”
[someone does that]
SurprisedPikachu.png
[ link to this | view in thread ]
Why would this info ever be handled by or accessible to another human aside from the health department in a CoV2-tracing incident? Writing this on paper? Where employees or anyone with the daring or skill to snag the logs can have it?
Pure idiocy.
[ link to this | view in thread ]
Ready...FIRE!...Aim
Seems to me the correct thing would be to write down the first names of the people dining with whomever paid the bill on the credit card receipt.
Then, contact tracing? Call the credit card company, get the phone number (all that's needed for most of us). The receipts are already kept for some interval in case a charge is challenged.
[ link to this | view in thread ]
Re:
I wonder how they will handle people who lie? I don't have a phone, so the number they get will be the same as I give my bank and Amazon and anyone else who ridiculously require a phone number for any reason. 1-800-555-1212, and I have a feeling I am not the only one.
Any email or street address would have the same veracity. Then, what are they gonna do? Wait outside to see if I show up again? Take some LEO's off a murder or robbery investigation to track me down? Then what, charge me with giving a restaurant false information? I only use cash in restaurants, so there will be no electronic transaction to trace.
The order charges the restaurant with collecting information, it doesn't say anything about the customers responsibilities.
Now, I should note that I understand and appreciate the purpose of the order the choice remains, either support restaurants that I like and lie to them, or don't support restaurants that I like. Giving up privacy any more than I have to isn't in the cards.
[ link to this | view in thread ]
Nobody gives a fuck.
[ link to this | view in thread ]
Fuck this shitty website.
[ link to this | view in thread ]
Re: use phony personal info
good point. That's the proper response to this phony, illegal "government requirement"
Note carefully that this is government politicians demanding restaurant patrons "register" their personal identity to eat -- it ain't the restaurant owners forcing this.
Under American constitutional law, nobody in government has authority to order anybody to "register" themselves just to conduct routine retail transactions -- under any circumstances.
This is a fundamental, formal legal issue -- not some casual personal privacy issue.
[ link to this | view in thread ]
It's what happens in areas without at-will employment. A process must be followed. They'll have to hear the employee's side, but unless the customer's story was fabricated, it shouldn't be hard to fire them for serious misconduct: "The key question to ask is if the misconduct undermines or destroys the trust and confidence an employer has placed in the employee."
[ link to this | view in thread ]
Might this be related to the requirement to show id when grocery shopping.
/lol
[ link to this | view in thread ]
Privacy conscious people are being taught to lie
Pay with cash. If asked for more info, make something up.
[ link to this | view in thread ]
Re: Re: use phony personal info
Right. Just like sales of cars and guns, to pick just two examples.
[ link to this | view in thread ]
Re:
Resturants may or may not a computer system for that so paper may show up. But the real reason is because they can't organize their way out of a paper bag and it shows in their response to the crisis. They could probably have one person set up an app, program, or website with a login using the resturant's index numbers from the Health Department or similiar to organize in the months a lockdown was under effect but they didn't.
[ link to this | view in thread ]
Yeah, in the meantime, the barn doors are flapping in the wind and the horses are long gone.
Who made it a rule that (security / privacy) must be afterthoughts?
[ link to this | view in thread ]
Restaurant -> Third Party Doctrine -> Government
If our government had a history of openness, honesty, integrity and respect for the privacy of it's citizens, then people might accept the idea of contact tracers, or contact tracing in general. Unfortunately, this is not the case. Our government has a nearly unblemished record of obfuscation, dishonesty, corruption, and lack of respect for any of it's citizens rights. So, naturally, people are quite resistant to the idea of contact tracers, or giving information to restaurants. It is unfortunate that our government has such a track record of untrustworthiness, but it can blame no one but itself. Now, in this pandemic, this unfortunate history is coming back to haunt us all. Contact tracing could be very useful in limiting the spread of the SARSCOV-2 virus, if the government could be trusted to do it right, but it can't. And, thanks to the misbegotten "third party doctrine" we cannot trust anyone else to do contact tracing either, because any information provided to even an honest third party is available to a dishonest and corrupt government. If some government "cootie cop" asks me anything, I will tell them right where they can get off (and in no uncertain terms).
[ link to this | view in thread ]
If someone abusing a system [of any type] were to be used as the reason to eliminate a system, then we wouldn't have any systems at all.
[ link to this | view in thread ]
Giving out an address in a public place where someone can overhear and knows that you are likely to be there for a hour or so is just begging for your house to be robbed while you are enjoying your meal. Could even be one of the employees phoning associates who do the crime.
If the place insists, you could just provide the name, home address and office phone number of the mayor or governor that issued the order. Plus pay with cash.
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
car registration is not a sales transaction requirement, but a seperate requirement if the vehicle is used on public roads
gun registration is directly prohibited by the 2nd Amendment, if one is fussy about that rule of law stuff.
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
Exactly. You can buy a car without registering it. However, the circumstances under which you can legally operate it without registering it are so narrow as to preclude most practical purposes.
In some states, you can buy a gun without registering it. The background check process is not a registration, and officially does not contribute to a master list of gun owners. (Whether such a list is unofficially created by excessive retention of records of the background checks is another matter, but the law does not call for the Federal government to create such a list.) In some circumstances, you can lawfully avoid undergoing a background check at the point of sale. For example, a person who possesses a valid Concealed Handgun License can present that in lieu of a background check, since acquiring the CHL requires a successful background check. While this does not avoid being subject to a background check, it does divorce the background check from the purchase of the firearm. For this reason, Federal Firearm License holders generally like CHL holders, because it reduces the amount of bureaucracy that the FFL must handle.
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
[ link to this | view in thread ]
Anyone not living in the USA, say USA/Canada dual nationals, would be impossible to contact. The State of Washington has no jurisidiction in Canada
The one exception to border closures would be, say, Canadians entering Canada on a Canadian passport. Canadian citizens have right of entry, which is why Canadians can cross into Canada and Americans can cross into the uSA
USA/Canada duals, and they are a lot of them, would be beyond the reach of the State Of Washington, when they are in Canada.
[ link to this | view in thread ]
Re: Ready...FIRE!...Aim
Just pay with cash and lie about your address.
...problem solved
[ link to this | view in thread ]
Re: Re:
You can always use one of these free Internet phone apps. There is one where you get a number free for 30 days, and then it dissappears, then you gotta get a new number from them.
When that number dissappears, they no longer have a way to trace you, if you use a VPN when singing up for your 1 month free disposable number. All they will have is the IP address of the VPN, making you untraceable.
[ link to this | view in thread ]
Re: Re: use phony personal info
Also have one of these infrared license plate frames that make your plates invisible to any surveillance cameras.
You would have to drive with your headlights on at all times, and keep your parking lights on, when parked, since they share a power sources with your license plate lights, but it would prevent surveillance cameras and/or ALPR cameras from seeing your license number to avoid being traced that way
The light from the concealed infrared LEDs would be invisible to the human eye, so no LEOs would ever know you were using one.
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
except cops driving around with ALPR
[ link to this | view in thread ]
Re:
Never mind the suspension, how is the law not involved?
[ link to this | view in thread ]
Re:
Consensus reality, apparently.
[ link to this | view in thread ]
Re:
Are you saying that Washington can't contact Canada and ask them to warn their potentially exposed citizens? Are you implying it is a bad idea?
[ link to this | view in thread ]
Retracted
I am guessing that our governor got the message:
https://www.seattletimes.com/life/food-drink/inslee-retracts-requirement-that-diners-provid e-contact-info-to-be-able-to-dine-at-restaurants/
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
You don't 'register' the sale of a car. You register the transfer of a title. Its a very different thing and transferring the title isn't strictly necessary.
As for guns - where do you register them at? That isn't done where I live.
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
Well, except for the cops with a FLIR.
And that they don't really work.
[ link to this | view in thread ]
Re:
How else are you going to implement it?
An electronic system that requires you to write code, obtain hardware, issue the hardware, train people to operate it - that'll be online somewhere around 2030.
And even then - the guy entering your information into his terminal just needs to remember it long enough to get back to the counter to copy it down.
[ link to this | view in thread ]
Re: Re:
Its not illegal to cold-call someone. Even if it makes that person uncomfortable.
[ link to this | view in thread ]
Re:
You must never leave your house. If you think that a burglar is waiting in a restaurant for someone to come by and let out and address that is close enough by for his compatriots to run over and burgle . . . look, these guys aren't that organized.
[ link to this | view in thread ]
Gunzezez
In the US prior to the magical date of 9-11 the purchase of a weapon from a store required filling out a form. The form stayed at the store. When LEOs wanted to take a weapon recovered from a crime scene and trace it back to owners they'd have to backtrace it based on S/N to the store... then get the store to pull up that paper record.
There was no way to list "weapons owned by Mr. X" only backtrace a specific S/N of a weapon to Mr. X once the S/N was known.
This idea of "keep track of everyone who eats here... when... where... who with..." is anathematic to that. It wouldn't be harmful, much like an online order, if all diners signed off on a credit card slip and listed other diners. THEN if the LEOs want that... they have to go to the restaurant to get it, not build a magic online database of who ate with whom.
Note: Nothing in the governor's original orders NOR in his modified orders suggests keeping track of who wore masks, gloves, etc., essentially treating everyone as infection monsters... whether we're sneezing, coughing, covered, uncovered, gloved, or clear.
Trump is an idiot. So is the governor of Washington. What can you do?
E
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
Do you also buy tiger repelling rocks?
[ link to this | view in thread ]
Re:
Does the wife know you've been pining for Masnick again, antidirt?
[ link to this | view in thread ]
Re: Gunzezez
"What can you do?"
Vote
[ link to this | view in thread ]
Re: Gunzezez
Try enjoying a meal while wearing a mask and gloves.
[ link to this | view in thread ]
Re: Re: Gunzezez
and not for republicans or democrats. they are the source of the problems
[ link to this | view in thread ]
Re: Re: Re: Re: use phony personal info
No, they're too heavy. I much prefer a tiger repelling stick, which is more portable.
[ link to this | view in thread ]
Re: Re:
Get out a lot. Just don't advertise that there is a house that won't have anyone home for a while.
If your security policy is counting on stupid or un-organized criminals, I hope you have good insurance.
[ link to this | view in thread ]
Re: Re:
NZ privacy laws apply to organizations, not individuals. (I believe the same applies to the GDPR and CCPA.)
Let's assume that the accusations are true, which is probably the case.
The employee will currently be on administrative leave (likely without wages) while the investigation takes place. They'll be fired for gross misconduct and will be ineligible for a benefit for up to 3 months. They likely won't find much work for a while, except maybe some minimum wage manual labour.
The Subway franchise store will be investigated by the NZ Privacy Commissioner. The owner and managers likely gave little or no training on privacy, assuming common sense would prevail, which is insufficient under the law. The business will receive a fine that's big enough to hurt but not enough to kill it. The owner will probably go after the employee to recover some of this cost.
Even though the employee isn't liable for criminal charges, they'll feel the consequences here for some time to come.
[ link to this | view in thread ]
Simple method.
[ link to this | view in thread ]
Your libidinous waiter can simply tear open the envelope, read the stalkee's information, and seal it into a second envelope. Who's going to know the signature is employee's, rather than patron's, until the waiter goes off shift and on phone?
[ link to this | view in thread ]
Re: Re:
Too obvious. If you're going to be giving fake numbers in person, go with an internal telco test number in the local area code. Most people won't recognize 958/959 numbers.
[ link to this | view in thread ]
Re:
Restaurants do have a system for securing small pieces of paper (i.e., cash). Paper cards deposited to a time-locked safe would almost certainly be more secure than whatever rushed low-budget paperless system they might buy.
[ link to this | view in thread ]
Re: Re:
My go to responseis:
My name is Jenny.
800-867-5309
[ link to this | view in thread ]
Re: Re: Re:
That's so clever, because everyone knows that number.
I use (911)911-1911. Because they autodial it and then they have to deal with the PSAP.
What's a PSAP? No worries, if you're smart enough to google Jennie's number, you can google what happens when you dial this number.
[ link to this | view in thread ]
Re: Covid influence our daily life behavior
Thanks. I needed something like this. I'm going to go buy auto bearings from your illiterate spam with the bad links right now.
[ link to this | view in thread ]
Re:
Doesn't mean there's no value to it. A postal worker could do the same, and people build fences that are easily defeatable by ladders or wire cutters; nevertheless, most people have some psychological resistance to breaching an overt security barrier like that.
[ link to this | view in thread ]
Re: Re: Re: Re: use phony personal info
We're required to title a car & pay the sales tax w/i 30 days of purchase. I bought an antique a year ago & haven't titled it yet. I'll have a small fine to pay when I do.
[ link to this | view in thread ]
Re: Re: Re: Re: use phony personal info
I
Using infra red anti camera devices is not illegal at this time
Because unlike to play my stereo om.the loud side I have used them to avoid camera tickets for loud car stereo
I have been flashed at red light cameras when the light is grewn but have never had a ticket for loud stereo because I have tendered my plates invisible to camera
Unlike most loud car stereos i dont have that annoying bass so am.nowheres near as annoying as other stereos
[ link to this | view in thread ]
Re: Re: Re: use phony personal info
both of which I have bought in bulk without registering.
[ link to this | view in thread ]
dont worry, we are the government and we are here to help
your privacy is important to us. <snicker> <guffaw>
imagine when you have a peaceful, prosperous society, and immigrants come and breed you out and bring in more immigrants. they bring you disease. they disarm you. they make you stay home. maybe give you a little welfare to keep you calm, but you are not in critical jobs so you will never be allowed out. ... here, have some alcohol. now, enough about the native americans...
[ link to this | view in thread ]