Social Media & the Employer

Can a potential employer legally require you to provide your social media username and password?  In a word,

State lawmakers began creating legislation to prevent employers from legally requiring you from providing your social media account information in order to get a job.  The National Conference of State Legislators website provides information about enacted or proposed legislation in the US at http://www.ncsl.org/research/telecommunications-and-information-technology/employer-access-to-social-media-passwords-2013.aspx.  Check out the website to see your states progress.

Great!  That should solve the problem, right?

Not really.  Your employer might be able to see what you have posted without asking for your password.  Have you configured your social media account to restrict who can see the information you post?   Kim Kommando has a great set of guides.  This link will take you to a page full of documents that will help you get started.

With regard to Facebook, locking won't prevent everyone from seeing what you post (people who post on your page will have a copy of what they posted on their page).  Again securing your account will go a long way in preventing someone who doesn't have social media ties to you from accessing your pictures or information.The best thing you can do is think before you post.  Do not post anything that might embarrass you or tarnish your reputation.  If in doubt, don't post it.

Social Security Numbers ... When to Provide and When to Say NO

 

Social Security numbers were first issued in 1935 by the Social Security Administration for the purpose to track individuals and activity within the Social Security system.  Our social security numbers were not originally designed to be used for identification purposes but as time has gone on, the numbers are used along with other information to validate a persons identity outside of the social security system.    

The recent major health care breaches (Anthem followed by the Premera) are good examples of why we must all be cautious about providing social security numbers.  These breaches involved the loss of social security numbers as well as other personal information.  It makes me wonder why they are asking for this information in the first place.

Are consumers required to provide a social security number when visiting a medical professional?  The answer is no, according to very old article on NBC news (source:  http://www.nbcnews.com/id/12137393/ns/business-consumer_news/t/who-can-ask-your-social-security-number/#.ToKEfdTa9Bk). The exception is when your health care provider is Medicare, Medicaid or the Military.

There are conflicting reports that providers might be required to have your SSN on file.  I'm not sure I"m buying it though.  I believe it is prudent that you do NOT provide your SSN to any health provider as long as you have have insurance.

Let's face it, there are lots of ways to get another person's social security number.  The easiest way is to pay for it from Internet providers that sell you that information for a fee. Another way is in the trash.  It's amazing how many people throw away sensitive information.  Finally, some people steal sensitive information from the people they work with.

How can you protect yourself?  Every state in the US allows consumers to freeze their credit through the 3 credit bureaus (Experian, Equifax and TransUnion).  Reference this site to review the legislation for your state.  It's important for consumers to know that freezing your credit will definitely cause delays in obtaining new credit.  Another option is to pay for a service (much like we all pay for car insurance) to protect our identity.  This isn't foolproof, as you will be notified after someone has your information.  The service can't prevent someone from using your information, they simply help you clean up after it's detected.  Your best bet is to freeze your credit and protect the information you use to open your credit temporarily.

The bottom line is that we all must be very careful about who we provide our social security number.  I'm in the just say "no" camp. 

EMV Credit Cards

The credit card industry in the United States is starting to adopt the EMV chip technology for credit cards in lieu of the less secure magnetic stripe technology that has been used since the birth of credit cards.   EMV is short for Europay, MasterCard and Visa.  The EMV technology uses a small computer chip in a credit card to securely process transactions at an EMV enabled credit card register. The adoption of the EMV technology and processes will be mandatory in October 2015.

What does the EMV do for us?  EMV provides a more secure way to process credit card transactions.  Transactions are processed in a way that protects data and eliminates any potential for the transaction data to be used to create a new transaction.

EMV also prevents counterfeit fraud, a process where the magnetic strip on a credit card is (covertly) copied and duplicated onto a new card.  The counterfeit card has your credit card number and magnetic stripe information.  Purchases made with the counterfeit card are billed to you. 

It's important to remember that many of our new credit cards with the EMV chip still have a magnetic stripe.  For that reason it's important to watch the salesperson complete your transaction (especially important in restaurants where transactions are generally done away from your table).  In addition, monitor your credit card transactions regularly.

What the EMV card can't do is prevent all types of credit card fraud.  The fraud it can't eliminate is the ability for someone other than you from using your credit card online in what is known as a  card-not-present (CNP) transaction.   CNP transactions are electronic transactions usually completed online (with an etailer, or electronic retailer) but they can also come from a transaction that you (or someone authorizes via telephone.  For this reason it is very important that each of us physically protect our credit card(s), credit card statements and any records containing credit card data.

Both credit cards and (modern) passports have electronic chips in them. These chips are similar but not the same.  The chip on our credit card is only readable by a specific smartcard reader.  This lessens the likelihood that our card data be captured by a hacker, however note that it's not impossible.  In my opinion, it makes sense to add protection to make it impossible to read the data.  Add a small sheet of aluminum foil in your wallet or billfold to shield your EMV chip card from an electronic reading device.

Are you concerned about the protection of your card?  What are you doing to protect our financial privacy?