… we leave our trail.
When signing up to a social site, it gives you the option to sign in with a Twitter or Facebook account. It even says
“Don’t want to remember another password? Use your Facebook or Twitter account to sign up for Photobucket. It’s quick and easy!”
That’s great. One doesn’t need to give much personal information away when creating a Twitter account. Let’s have one of those.
Except the next screen is interesting
And the question about birth date. Even when signing-up with a Twitter account, this site requests a user name, password, date of birth and location.
Now, I can understand why an organisation wants your data. The service may be free at the point of use, but the Faustian bargain is that one provides information. Presumably this information has some commercial value to someone. Fair enough, caveat emptor and all that.
But, the birth date control seems a little ineffective. Photobucket says it “assures us you are at least fourteen years of age“. I suggest that the birth date does no such thing: it only assures that the person entering the data is smart enough to enter a date older than fourteen years. An equivalent security enforcing control would be a check box “are you older than fourteen years?“.
Entering one’s real date of birth into websites is something one should do with a healthy dose of caution. Given that the date of birth is used as an identity check by many financial organisations, allowing this to leak out is something that should be resisted. Moreover, it behoves us to encourage those organisations that do collect dates of birth to think about what they are collecting and why: more appropriate data to collect would simply be age. This would be in line with the UK Data Protection Act which requires that data collected is “adequate, relevant and not excessive“. Societies and sports clubs would do well to bear this in mind.