|
Grex > Coop12 > #123: Proposal to modify selection of corporate officers | |
|
| Author |
Message |
| 16 new of 118 responses total. |
polytarp
|
|
response 103 of 118:
| 
Sep 7 21:51 UTC 2002 |
I thought you didn't like socialism; but why do you have a library, PUBLIC,
card?
|
gull
|
|
response 104 of 118:
|
Sep 7 21:59 UTC 2002 |
Re #94: You can request that Paypal give you the name and verified
shipping address of the person. That should be sufficient data for Grex
to hang on to.
|
mary
|
|
response 105 of 118:
|
Sep 7 21:59 UTC 2002 |
Re: #102 It doesn't give us much information but that's okay.
It's still worth something on the black market. They're especially
big with soccer mom's needing to be someone else, for just a day.
|
jp2
|
|
response 106 of 118:
|
Sep 7 22:46 UTC 2002 |
This response has been erased.
|
flem
|
|
response 107 of 118:
|
Sep 8 00:23 UTC 2002 |
Just catching up on this discussion. A while ago, someone asked if Grex ever
did any kind of verification with the credit card numbers provided. Grex
didn't, but the credit card processing service we paid for did include
verifying that the address provided matched the billing address. fwiw.
|
cross
|
|
response 108 of 118:
|
Sep 9 21:54 UTC 2002 |
Regarding #105; Cool, my library card just says, ``The New York Public
Library'' on it, with no other visible identification information. Does
that count? If so, what's the point? And do soccer mom's really use
*library cards* for nefarious activities? Well, I suppose that fits....
Regarding #106; Please don't feed the troll.
Regarding #99; I think the value of the data to grex is greatly
overstated. This is empirically backed up; no one's ever asked for
it. (Of course, that neglects the argument that no one's ever asked
for it because it exists in the first place.)
Regarding #97; Earlier you said it was important to keep the data
around to provide law enforcement with useful information should a
member use grex for some illicit activity. Now, it's just that it's
too much of a hassle for the treasurer to destroy it. Which is it?
|
mary
|
|
response 109 of 118:
|
Sep 9 22:47 UTC 2002 |
Both.
After hearing what others and staff have had to say about the
way hackers can be tracked I'm not so sure the little
bit of very voluntary information we gather would really
be of any use. But I'm not so sure that just the asking
and collecting doesn't somehow make us less of a
facilitator when something bad happens using Grex as
the on ramp. It's a fine point and may not make much
of a difference. Not sure.
Cool about your library card. Sounds like my library card.
And my Kroger card.
|
aruba
|
|
response 110 of 118:
|
Sep 10 03:33 UTC 2002 |
Since there is a question about what kinds of ID are acceptable, here is th
official policy.
This is quoted from the minutes for the September 27, 1995 board meeting;
the relevant parts are sections 2 and 5. The policy was intended for
verification of non-members to use outbound Internet services, but as I
understand it, the ID criteria also apply to verification of members.
T. Verification Policy - John Remmers passed around a verification policy
which he had formulated. A few words were modified, but there was a long
discussion about whether it should be possible for trusted people, such
as staff, to relay information to the verifier. Ultimately, the wording
in this respect was left intact.
Here is the final wording of the motion:
MOTION: (remmers, steve)
(1) Anyone requesting access to Grex services for which verification
is required shall present proof of his or her identity. Members and
non-members will be held to the same verification criteria. In order
to be considered verified, a person shall submit a photocopy of an
item of acceptable identification and a signed letter requesting the
access.
(2) The acceptable items of identification are government-issued ID,
school-issued ID, library-issued ID, or a personal check written to
Cyberspace Communications Inc. by the person requesting access. To be
accepted, the item must be currently valid (i.e. not expired), must
identify the person by name, and must include additional identifying
information other than a photograph (such as home address,
passport number, or name of school).
(3) There shall be one individual, referred to hereafter as "verifier",
who is responsible for accepting verification requests and ID,
notifying the appropriate staff member(s) so that access may be
granted if the criteria of (1) and (2) are met, and notifying the
requester if the ID is not acceptable.
(4) The board shall solicit volunteers and appoint the verifier. The
term of office is one year and is renewable. Any verified user is
eligible for the post of verifier. If a volunteer for the post is not
currently verified, then for the purpose of gaining eligibility he or
she may present identification to the board that meets the criteria
enumerated in (2).
(5) In the case of personal checks submitted to the treasurer of
Cyberspace Communications Inc., the treasurer may also verify a user,
provided the check meets the criteria of (2) and is accompanied by a
signed letter as required in (1).
(6) An individual whose request for verification is denied may
appeal the decision to the board. The board's ruling on appeals
is final.
PASSED: 7-0
I don't think I would accept a library card that didn't have some kind of id
number on it.
|
jmsaul
|
|
response 111 of 118:
|
Sep 10 12:32 UTC 2002 |
Huh. So a personal check does work without any additional items of ID.
|
davel
|
|
response 112 of 118:
|
Sep 10 12:55 UTC 2002 |
Yes, if it has an address preprinted on it.
|
cross
|
|
response 113 of 118:
|
Sep 10 20:38 UTC 2002 |
Regarding #109; Right. That's what I meant about that ``neglecting the
argument'' thing....
Regarding #112; Hmm, my checks don't have my address printed on them;
just my name. Of course, they also have an account and routing number.
|
cross
|
|
response 114 of 118:
|
Nov 14 19:46 UTC 2002 |
Regarding #104; Is this, combined with a PayPal payment, sufficient for
grex? Or do users still have to submit ID?
|
aruba
|
|
response 115 of 118:
|
Nov 14 19:57 UTC 2002 |
Re #114: No and Yes. Accepting Paypal's authentication as good enough for
us would certainly streamline our process, but (a) it would require
modifying our official policy, and (b) I'd want to know more about how
Paypal verifies people and under what conditions they release that
information before I'd vote to accept it. What do you know about it, Dan?
|
cross
|
|
response 116 of 118:
|
Nov 14 20:04 UTC 2002 |
Not much at all, I'm afraid, other than what was mentioned in 104. No
one has ever sent me money on PayPal, but I've sent money to other folks.
I do know that they're pretty thorough in validating people; your credit
card billing address really must match what you tell them, as far as I
am aware. If they really do give address and name information to the
people who receive money, that'd be worth changing policy for, I Think.
|
mta
|
|
response 117 of 118:
|
Apr 20 19:26 UTC 2003 |
If you request name and address iunformation, PayPal does release it to you.
However, as far as I know, they give the name and address the payor has given
to be passed along rather than anythign actually associated with the credit
card.
|
gull
|
|
response 118 of 118:
|
Apr 21 15:18 UTC 2003 |
If it's a 'verified' address, it means that they've checked it against
either the credit card records or the bank account records.
|