It may be that i have got it wrong over this name change lark. No: not the principle. Rather, the general approach. Because i have made the mistake of approaching big business (and financial institutions) as though they are reasonable types, who would rather not humiliate and mistreat their customers. When in fact they are all, mostly, a bunch of bastards.
And the bottom line is, really, the bottom line.
Let’s explain. I’ve been a bit quiet on name change for a bit not because i’ve been doing nothing but, au contraire, because i’ve been doing a lot of something. That has involved talking to government (of which more later) and also widening the number and rank of financial institutions i have been talking to at quite senior level.
Sometimes on my behalf. Increasingly, though, on behalf of others.
The security comfort blanket
And the issue – the collision of values – has been pretty much this. First, many recognise that it is a bit of hassle…and procedures could be better. Many, though, instantly shoot back some sort of PR garbage about having the best interests of their customers at heart and how its all done thoughtfully and in the best possible taste. Or words to that effect.
Somewhere in there is some guff about “security”…and that is understood, by those who appeal to the security comfort blanket for justification, as capping all other arguments. A bit like government.
We’re taking away your right to demonstrate in public/ walk the streets/ breathe and…its all for your own good because of “security”. As though once the s-word has been uttered, nothing else can possibly matter.
Except that is a mistake. Cause i just happen to be a girl with a couple of decades of IT security experience under my belt and, quite frankly, if any manager of mine told me that they were demanding deed polls or marriage cert’s because it somehow enhanced a company’s security…they’d be complaining of carpet burns for a month (from the carpeting i’d give them, see!).
The idiocy of current process
Why? Well, consider: if i want to transfer money, i could write a letter to a bank using my recognised name, on a piece of paper with my name , address, account details and signature on and…chances are they’d do as asked.
On t’other hand, if i handed in a scrap of paper asking them to do ditto which had been signed and witnessed by someone i’d met five minutes previously, with no security as to who the witness was or any more identifying details as to who I was…they’d kick me out the door.
Except when it comes to name change, its all topsy-turvy. The letter containing all manner of secure and checkable info holds no water. The anonymous scrap of paper is king.
Can that be right?
Legal, honest, decent – so long as it doesn’t cost
Let’s digress with a related tale from about ten years back. I was providing advice and consultancy for a major UK corp. You’d know their name: also the name of their MD, who was in the room at the time (because he has lately – and publically – been accused of crim activity). I’ll say no more.
I’d just done a presentation explaining that his company just wasn’t Data Protection compliant. By a long chalk.
So, he fired back, what would it cost to make it so? Quick consult with techy present, much back of envelope scribbling, and two minutes later, my best guesstimate: between a quarter and half a million sterling.
And what would it cost if they were hauled before the Information Commissioner. Honestly? Typical fine back then was in the hundreds of pounds…and then only after months and years of second chances.
In which case, he said, we’ll risk it. His company’s policy from that meeting was not stated – but unofficially it was very clearly to ignore the law on data protection.
Since when, things have changed. The DPA has bigger teeth. The FSA has got in on the act too, as have, in the US, similar regulatory bodies. Fines of several hundred thousand pounds have begun to appear and, magically, companies which once couldn’t give a damn about data protection are taking notice.
Its the bottom line, stoopid
Which brings us back to name change and my mistake. Because i did think companies would rather not upset their customers. Silly me!
And that companies might wish to comply with Equality Law. How foolish!
Of course they don’t. Because both the above are about some degree of altruism and niceness.
So, instead, in 2012, i am beginning a new campaign. The use of deed polls and other cert’s to validate name change is just stupid. Its NOT secure. If anything, it makes financial institutions MORE insecure, making identity fraud easier and achieving nothing other than a paper trail that these organisations can use to pretend they did something.
Which they aren’t.
So in future, faced with intransigent org’s, i think i’ve had it with Equality. Instead, its going to be about security. And negligence, in embedding procedures that make our lives less secure. And various financial ombedsmen.
Let’s see if that one plays any better. 🙂