I've worked for a company that was acquired by EIG. Their whole support system is incredibly terrible, but account fraud is a legitimate constant concern. The fact that the guy prepaid doesn't really matter—Paypal accounts in particular are a breeding ground for stolen money/accounts.
My reading of this situation is that the person who wrote the article did something that got their account flagged as "this looks like a spammer we previously kicked off our service", at which point the automatic system kicked in to ask him for a copy of an ID because it thought he was probably some Russian or Chinese scammer. Yes, there are false positives, but even at the best hosting companies, there's a constant stream of foreign spammers and scammers. Constant. Like, multiple obvious questionable contacts per day for every single support/sales person on staff.
This is pretty much how it works at any major low-cost hosting company. EIG's awful customer service system (which is centralized across all the companies they own) means that they take forever to process everything, but any hosting company with prices low enough to have to deal with mass fraud is going to have similar procedures. It'll just at best (like it was at the company I worked for pre-acquisition) be somewhere where you can talk to a fraud specialist immediately on the phone, fax in a copy of an ID, and have your site back up in a half hour.
Also, of course the support person closed the chat. What the hell do you expect when you start talking about Homeland Security and the TSA? This is some guy in a cubicle who has no power to change policies and is trying to handle a half-dozen upset customers at once. He doesn't have time for your crap.
What do you think is the threshold to charge to avoid the scammer harassment? I tend to use cheap hosting for people, and I'd like to step up a notch to avoid just this sort of silliness.
You're pretty much not going to find a LAMP shared hosting company that doesn't have a similar policy.
That said, look for services with a minimum term of a year (this lowers spammer numbers quite a bit), and look for services that have multiple contact methods including an actual physical mailing address listed on their site (even if it's just a PO Box, it shows that they're probably not a reseller... there are lot of resellers out there).
And avoid companies owned by EIG or GoDaddy (some web searching will get you lists for both)—they're both just too big and too disorganized to provide adequate levels of support.
I was asked for scanning of similar data from Limestone Networks, but I've known them to never cheat anyone, so I didn't mind. But why for someone like HostGator to ask for so much identification? Their services aren't like LSN (Limestone) where it costs a lot of money, and you have to verify someone's not duping you with information they found online. Never hosted off HostGator, just not my cup of tea. Now I just use DigitalOcean, great service, for what I need it for, and affordable.
The complaint seemed eminently reasonable to me... up until the point where the author began taking an openly hostile tone with the support representative that he spoke with. Even though he had a deeply unpleasant experience, taking it out on the poor support guy is pretty unprofessional, and is really not terribly likely to reinforce the image that he's worth doing business with.
Sigh. Nasty to watch what HostGator did too, though.
> Seriously what possible reason can they have for this for simple web hosting? What are they afraid of or is there some financial angle?
Scammers who use stolen credit cards and Paypal accounts to purchase cheap bulk hosting and send out floods of spam emails (before the account gets shut down) and/or set up imitations of other websites for phishing attacks.
Simple, cheap web hosting makes this more of a problem, not less.
At this point the cheap LAMP shared hosting field is basically EIG* on one side, GoDaddy† on the other, and all the small companies in between getting squashed or acquired by one or the other.
* They own Hostgator, Bluehost, Startlogic, Bizland, iPower, Startlogic, Fatcow, iPage, JustHost, MyDomain, Homestead, NetFirms, and a couple dozen other companies.
† They own MediaTemple, Wild West Domains, BlueRazor, and I think a couple of other companies.
My reading of this situation is that the person who wrote the article did something that got their account flagged as "this looks like a spammer we previously kicked off our service", at which point the automatic system kicked in to ask him for a copy of an ID because it thought he was probably some Russian or Chinese scammer. Yes, there are false positives, but even at the best hosting companies, there's a constant stream of foreign spammers and scammers. Constant. Like, multiple obvious questionable contacts per day for every single support/sales person on staff.
This is pretty much how it works at any major low-cost hosting company. EIG's awful customer service system (which is centralized across all the companies they own) means that they take forever to process everything, but any hosting company with prices low enough to have to deal with mass fraud is going to have similar procedures. It'll just at best (like it was at the company I worked for pre-acquisition) be somewhere where you can talk to a fraud specialist immediately on the phone, fax in a copy of an ID, and have your site back up in a half hour.
Also, of course the support person closed the chat. What the hell do you expect when you start talking about Homeland Security and the TSA? This is some guy in a cubicle who has no power to change policies and is trying to handle a half-dozen upset customers at once. He doesn't have time for your crap.