It’s hard out there for a paranoid cybersecurity reporter.
I’ve covered enough breaches, identity thefts, cybercrime and worse, to know it’s a terrible idea to hand over my personal data — even something as seemingly innocuous as my birthday or email address — to a store clerk, or a strange login page on the Internet.
But it’s getting hard to resist. I was in the middle of buying a swimsuit recently when the sweet lady behind the boutique counter asked me for my email address. I explained, as I have a hundred times before, that I’m a paranoid security reporter who makes it a general rule of thumb not to hand out information unnecessarily.
“We won’t spam you or anything,” she said, perplexed. “We just need it for our database.”
I knew then that the conversation was headed into a whole lot of awkward, as it had dozens of times before. The fact is, a boutique doesn’t need my email address so I can buy a swimsuit. The hotel I stayed in recently didn’t need my birth date, or my home address, or my driver’s license number, before I could check in. And Target doesn’t need to store your debit card PIN.
Read the rest of "Stop Asking Me For My Email Address" at Bits (NYTimes)