[jrockway]

It doesn't sound like Brown has a particularly solid case. I see no reason why an outside company can't request student ID numbers, nor can I see a problem with an outside company paying someone to go to the restaurant and pick up a bunch of sandwiches now and again.

Step 1: Write nastygram with no intention of filing a lawsuit and hope the empty threats scare away the people you don't like.

Step 2: ???

Step 3: Profit?

[Kylekramer]

It was due to my alma mater's (McGill) poor security, but IDs + some minor extra info like DOB were able to be used for a lot of stuff (if i recall correctly ID was the username with DOB as the default password and voila, you got free reign to everything from financial information and even withdrawing a person from Uni entirely) when I was in school.

It is mostly due to the trusting and insular nature of universities where they assume that there isn't going to be malicious attacks, but I can see why they rather not have that information given away.

[rayiner]

There are safety/security implications to having a company e.g. use student ID numbers to do the various nefarious things companies do these days with personal information. Especially in a campus environment, with a restaurant that seems like it wasn't open to the general public.

[nicoly5000]

Sure, but they deleted the Brown IDs and complied with Brown's demands after the cease and desist. Now they're making these sandwiches at another restaurant, and Brown's still threatening them.

[rayiner]

We have no idea what for--the article just gives a quote from Rosenblatt: "The startup has heard nothing more from Brown directly. But Rosenblatt says the same Brown lawyer started “harassing Betaspring” on March 18 with e-mails and phone calls to the accelerator’s partners and office manager; Rosenblatt says his interpretation was that the university was “preparing to serve us” with a lawsuit."