[alan-crowe]

My "importance of privacy" story:

I get my gas and electricity from Scottish Power. Recently a rival company, Ovo Energy made a clerical error and sent me a bill, leading to a dispute. The front line of defence against this kind of dispute is that the bills give the serial numbers of the meters. The bill from Scottish Power gives the same meter serial numbers that are embossed on the front of my meters, and is therefore valid. The bill from Ovo Energy gives different serial numbers and is therefore in error.

Picture though the internal processes in Ovo Energy. A second clerk is tasked with attending to the problem. He has a choice. He can change the address to agree with the meter serial numbers, correcting the error. Or he can change the meter serial numbers to those for my address, compounding the error.

Since the meter serial numbers are confidential, to me and Scottish Power, Ovo Energy does not have the second option; they do not know the serial numbers (which are long, like a credit card number, not just 1,2,3,...). Thus the clerical error gets corrected, or just left, but not compounded.

My guess is that confidential information, (such as meter serial numbers, credit card numbers, and account numbers), are the front like of defence against both clerical error and fraud based on impersonation. It is a rather weak defence, but it is light weight, and seems to how much of billing and billing disputes work.

We all have lots to hide: the confidential information that the system needs us to keep confidential to stop clerical errors from compounding.

[luckys]

Where is your contract with Ovo Energy? Companies cannot just go charge random people willy-nilly like that.

[reed1234]

You just read a story of a company doing just that

[mjd]

You have missed the point of the story. GP is not a customer of Ovo energy. They sent him a bill in error.

“Companies cannot just go charge random people”

And yet they do. Anyone can send anyone a bill.

[dfawcus]

Partially "slamming" where agents would try to get folks to switch to a different billing provider, and get paid a commission. So some fraudulently "sign up" random addresses they were supposed to visit.

The other case has been miscommunication over phone or email to someone actually requesting to change billing provider. Or error on the part of the potential customer.

I've had a bill from some random billing provider. In my case it is common for folks newly arriving in the block of flats to get the digits of the address transposed. Due to them using the common English convention, whereas the part of Scotland I'm in uses a different convention.

[luckys]

OP said "Ovo Energy made a clerical error and sent me a bill, leading to a dispute." I don't see what a company in that situation hopes they can accomplish without a contract for providing the service. Even if they knew OP's meter number.

[nevercat]

> I don't see what a company in that situation hopes they can accomplish

If you replace the word "company" in your sentence with "employee", do you come to a different conclusion?

A "company" is merely an amalgamation of the employees under it. When it comes to customer service you're often left feeling the impact of individual employees and the motivators that influence them. For example, metrics about times spent on calls, number of tickets worked on, new accounts created, resolutions that end in the company's favour etc.

You're absolutely right that Ovo energy has no legal basis to charge money to OP, and he would very likely win his dispute. But the _employee_ gets the ticket put in front of them and is heavily incentivised to close the ticket quickly and in the company's favour. The employee won't be the one going to court, and might not even be the person who picks the ticket up next when OP indignantly responds.

So if OP's meter number is as easily accessible as OP's address and the question for the employee quickly comes down to either: - Update OPs bill with the "correct" meter number. Meter number now matches address, bill is now valid. Submit response and bill. Move on to next ticket.

- Update ticket with "correct" address, send bill to other address. (new addressee may pay or may make same claim as OP). Submit response and send bill. Move on to next ticket.

The support employee doesn't know which option is actually the correct one unless they spend time digging into the issue to actually solve it well. But everything in the customer support world is almost always set up to disincentivise this. The result is the employee making the quickest choice that matches with their incentives of closing ticket and the company getting money.

Whether the employee acted rightly or wrongly doesn't really matter much, they're not the ones going to court over it. They might not even end up being reprimanded.

(If you can't tell I've been through the wringer on this multiple times and finding leverage to get the customer support employees to solve your case well is increasingly a nightmare.

Sorry for the long response).

[luckys]

You make a good point. Getting decent customer/tax payer service is becoming increasingly rare in the name of metrics/efficiency/profit.

I feel fortunate I did not yet have to deal with the particular brand of madness you describe.

[greatgib]

Anyone can send a bill but you can just throw it in the trash without even responding if there is not contract...

[nevercat]

This can and does end up with letters from collection agencies and debt collectors knocking on your door.

Unfortunately the dystopian levels incompetence of massive PLCs means it's often less hassle to quickly prove your correctness, regardless of things like burden of proof etc.

[bobbyschmidd]

telco guy comes in at point x in past, takes a pic of your meters while you don't attend. privacy fucked. but obscuring stuff like that behind temper proof (mwemphasis on proof) the glitter?

[AnimalMuppet]

Your first sentence: That could happen, but they'd have to send someone, which is an expensive process. It would also cross the into deliberate fraud. In the larger picture, privacy protections are not bulletproof. They don't have to be. They just have to be good enough that they (plus laws against violation) restrain most people from violating them.

Your second sentence is incomprehensible. What are you trying to say?

[bobbyschmidd]

sorry. the second sentence asks whether it's viable to temper proof all data in your home that might be exploited.

some people go through trash, find bills or other stuff that should have been shredded or burned. others even make use of magazines one has read, which is a measure in social engineering and that thing creeps do in chats which is one step beyond that line where kids tell others boat loads of stuff on discord.

then there is even the kind that takes out trash specific to you and drops it somewhere along the way where you walk your dog. just to get you paranoid enough for the next steps.

there's a guy who uses glue and glitter to seal screws and stuff. the glitter creates a pattern that cannot be reproduced. manufacturers do similar things with special stickers. it's really clever but will get you only so far.

it's mostly beyond the scope of the topic, sorry for wasting your time. pointless stuff happened to me and I remember stories and people, whose lives have been ruined and their characters FUBARed, from the past every time I read "nothing to hide".

it's 2025, corporations have completely normalized (the verb as it is used in military contexts, leveled) privacy and turned anonymity upside down, as have social and classic media, both small and big. it's incredibly strange to me that so few regard the consequences as an aggregation of transgressions rather than just violations at points in time.

"whatever bad thing we do, makes the next one so much easier."

Aggregation comes with exponential growth. Why is the law not aware of how badly their ignorance will backfire? Just because, apparently, which is why it's almost pointless to temper proof anything because if you are "hit". nothing and nobody can or will adequately compensate for the loss.

Having to spend a bit of time on mails and phone calls is nothing compared to the consequences of what can and does happen.

One lifetime and there were civilizations and "Empires", or rather colonies before, all with potential and it's because of small "levels" of deliberate ignorance, not the selectivity bias kind of our brains, that leads to civil conflicts, rises in crime, first small, then violence, rape, murder rates explode.

Software and Web Engineers are especially ignorant, I noticed in the last few years. And people think it's a result of demand, or rather a lack thereof and that the cycle that creates an "I don't care" mindset can't be fiddled with for the positive, even though engineers are literally the switch.

There's an inverted spotlight effect at play here, a maximized bystander effect and inverted egocentric bias. Engineers and intelligent academics believe they matter less than they actually do, which results in learned irrelevance, and culminates in the tendency to rationalize and defend existing power structures and "systems" even when they harm pretty much everybody up- and downstream.

I keep getting reminded of Pinker's "Better Angels of Our Nature" where he attempts to show with data over time how everything is getting better, and I think he hints at the nature of spikes and such but he completely failed to account for the aggregation of all these spikes, which there is no data for because law makers and enforcers are, apparently not willing to do the required work now vs leave it for later when the shit hits the fan.

But maybe that's just the reason why human colonies die.

[deepstate25]

This is a valid story and I’m sorry to hear that you went through this. However, it’s a strawman for the current argument from the blog post, which is that living life in the open and acting normal is setting things up for failure, and I don’t believe that it is.

Having nothing to hide is fine. Nothing to hide and doing nothing wrong is least likely to cause trouble.

The blog post’s argument that someone would be more likely to get watched if they start hiding after not hiding is not valid. ALL encrypted and unencrypted communication is a valid target for analysis, but ANY encrypted traffic is obviously more of a concern, just like one person walking into a store brandishing a gun is as alarming as 5 brandishing guns, and it doesn’t matter whether they used to not carry guns into the store.

[rpdillon]

I think Snowden put it well:

> Ultimately, arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.

Your framing suggests that hiding personal messages is akin to carrying a gun into a store, and it's exactly that parallel that the blog post is railing against. Encrypting messages needs to be normal and expected.

[fn-mote]

> Having nothing to hide is fine.

This statement completely fails to engage with the post.

In fact, the parent's whole "argument" ignores the prevalence of encrypted communications in the modern world. To use their (absurd) gun analogy, the modern internet is close to an open-carry state. (Europeans: this means everyone can carry a gun visibly.)

Everyone uses https by default. Phone communications and texts are the least secure by far.

PS There is nothing wrong with the GP's anecdote. It is an excellent argument, understandable argument for casual importance of privacy.

[pineaux]

the name fits the post. I have a different take on "nothing to hide" I think it's a shame that you have nothing to hide. Interesting minds have things to hide. It can be new ideas that are revolutionary and need hidden work to develop into a strong idea. It can be things that challenge the status quo in a dangerous way (for the status quo). It might be gaining freedom from stifling sexual norms. It could be information about your status (rich or poor). If you have nothing to hide, please walk around naked. Never close your curtains. Carry a screen with all your assets and bank accounts. Please carry all your passwords in plain text in your pocket or tattooed on your arm. Keep your address visible on a post-it note on your forehead.

Its just absurd to think you have nothing to hide. If it's not from the state, then it is from other people that mean you harm. That will take advantage of the information you are broadcasting.

[fernando__]

If there were 1 brandishing a gun, I’d be very alarmed.

If there were 5, I’d be even more alarmed.

If everyone in the store and outside the store were always brandishing guns, then it would be a very dangerous place.

Speaking of dangerous places- how about the U.S.?

The U.S. gun death rate is approximately 13.7 per 100,000 people, while the UK rate is roughly 0.04 per 100,000—making the U.S. rate over 300 times higher. This is likely because of UK’s stringent gun laws.

So, if everyone hid their internet traffic, does that mean there would be a 300% increase in hacker crime and convictions? And wouldn’t governments and companies be more likely to develop and use tools for spying on their citizens and employees?