I have three accounts, one active and two rarely used. One was "Frozen" due to inactivity. I received a letter telling me to go to the branch to un freeze it. Long story short I had a right barny because the rep wanted to photocopy my Passport and send it to "central office". Insisting the photocopy would not be kept on a database that was her first lie. During the conversation it was insisted a drivers license (or utility bill) and a Passport or something with my photo on were required. Her claim was that after a year of inactivity accounts are frozen for security reasons. That was her second lie. At this point you need to know I've been going to this branch bank for the past 20 years. During the conv the rep insisted details were not on file and need to be updated, yet it emerged when cross questioned that my address name and other details were clearly listed under my active account. My other dormant account containing more funds, had been dormant for over four years, and not been frozen. This insistance on freezing for security reasons was disturbing, as if there was no activity why should there be cause for suspicious activity or any other security risk? The cream in this cake is when I "UN-froze" the account over the telephone. No passport, no drivers license required. However the mass of information they gave me over the phone (Yes... they gave it to me) when unfreezing the account was information mostly forgotton from around 2001, and it's now 2018! The telephone representitive must have been on commission. He created a telephone banking account and input old data about me taking over fifty minutes using existing data to confirm everything from my date of birth to my Limited Company details from the turn of the century; pausing for over a minute between each batch of info confirmed. I believe he was entering my personal data into a credit database for verification, something I've never needed, desired, nor been a part of. I'll be closing all accounts; but my concern is that HSBC have now significantly increased the risk that I might be a target of identity theft. My thoughts are that freezing accounts is a [problem] used to collect data otherwise denied by the now active GDPR. The current banking rules mean I would not be able to withdraw my own funds from my own account in my own branch without presenting data to the HSBC database which they don't have. How can a bank be allowed to do this?

I just read (in brief) the new Halifax terms and conditions. Check section "25 - K" Does anyone else think a synopsis might read: "If our system breaks down, or anyone else connected breaks down we're not responsible because it's unusal" and: "We can breech our agreement if any regulation (Not Law I might add ) requires we do so. Really! This reads like "It's not us, we were not there, and if you say we were we will deny it and refer to our terms and conditions."

I received a snail mail from a pension company. The envelope was empty, probably because it wasn't sealed properly .. or so I thought... I rang the sender to get the letter re-posted. The company would not resend the letter without a national insurance number. It seems a little odd that they can't trace a letter using a name address and postcode, even though they already sent it!! What if this was a spam complaint under the data protection act? .... The sender seems genuine. It could simply be an awful database. But it could also be a good phishing game. Sending empty envelopes is brilliant. Not everyone would throw it away. A percentage would be curious and investigate. All laws are covered when the customer releases personal info of thier own accord so some people would get caught.

Thats Q.I. I'll watch for that next time I'm browsing. Crazy ... It seems reasonable if you connect to a server that YOUR computer identifies itself, but it can't be reasonable that the server collects information you don't wish to divulge.... let alone a completely different server. I thought that was part and parcel with the new cookie law. Thanks for the info

It's not a Trojan dx100uk, Least if it is then the script kiddie writing it has a guaranteed job with Sophos! Yes I can bock firewall ports, or use the hosts file, but Your average housewife wouldn't have know anyone was looking at her PC or how to do that. Wasn't Google just recently slapped for doing something similar? Reauter Thompsan seem to be selling a service to promote inspecting PC's while users are browsing. Does anyone know anything about the service they are selling?

Just came across a nasty piece of work while searching for PC parts on line. The firewall went wild, and started blocking all sorts of connections. Turns out a service called "Markmonitor" (64.124.14.70) was trying to connect to my network. Bit of research and it seems this company, part of Reuters, is monitoring services across the internet for "copyright reasons." But what the hell were they trying to connect to my PC for? Dabs and PCWorld have nothing to do with copyright! Anyone else heard of this service?

I'm sure you're right. But who want's to go to court over something that hasn't yet happened? Isn't there a professional body who looks into unreasonable contract rules? Surely it's better to prevent unreasonable rules in the first place? It's a hard place for an individual to be in after the event.

Barclaycard are changing the rules on 22 Nov. Barclaycard (Condition 1.3) may not give advance notice of a change in credit limit. Thats pretty scary!. I have one card used only for holidays. If they make changes without telling me I could easily find myself on holiday with an invalid credit card. I'm not one to beleive statements such as " Oh that will not happen to you Mr xxx." I've seen people arguing with hotel managers before and It's not pleasent being caught abroad without sufficient funds. Is it legal for Barclaycard to change the agreed credit limit on your card without notice??

hi guys I think without publishing pages of records Slobrob pretty much provided a synopsis in his last thread. Your diagnosis, which has been suspected for years, could only be proven after fibre was installed, Until then aluminium and copper cable could have been the cause (Yes aluminium!!) Now It's almost certain to be the short distance between the premisis and cab. BT keep saying the problem could be with my equipment. Engineers on site were necessary to counter this. I've had nine modems, a bag full of filters, cables and two ISP's that say there's no fault on my side so it's time this was ruled out permenantly. It doesn't matter if it's 56K dial up, two meg adsl or 40 meg fibre, service always starts at max speed then the line is re-graded some months later to between 30% and 50% less than maximum. Now that fibre is up to 25 m away there's no reason for this. Exchange distance is not a factor in this case. I should be close enough to get full 21CN service. (Realistic speed 17 mb) Each time there's a fault I go through "channels." collect data, disconnect equipment check the master socket, etc etc and it's "down time" for my business. Being reasonable isn't working. However this is a hard legal case to win. Most likely BT will downgrade the line again and this becomes a contract despute over the minimum 12 mb (used to be 15 mb) guarenteed fibre speed. Fibre was sold as a cure to the long standing problem. I'm 25 m from the cab remember. I don't think it reasonable BT use the minimim speed loophole. This problem was predicted before the installation of fibre and I was assured installing fibre would cure the long standing problem. This needs to be either a highly public case or a high compensation successful court case to ensure the service from BT is improved for everyone. Help as to who has won such a case would be much appriciated.

Thanks for the links. quite interesting but not quite where I want to go. This problem has a history.. Compensation of a few hundred pounds is peanuts. Technical support engineers have cost that much to have on standby when BT didn't turn up! (This is necessary because BT keep saying the line is within spec N.F.F.) I needs a permenant fix so that "Do Not Touch" is painted in red on the local BT frame when this is all resolved. The name of someone who's successfully sued and received significant compensation perhaps. This is the area I'm looking for help.

Ok; I've had enough. How do I sue BT? Fibre optics were installed and this was supposed to cure the problems I've been having for the past eight years. It's been installed since November last year. First installed and tested @ the full 40 mb a few months later it drops to less than 20. sometimes less than 2 mb. Today I can hear noise on the line the same as I did eight years ago. This is definatly a BT issue. All my hardware is disconnected. The latest fault was reported last Friday. After many calls a BT engineer was arranged for Wednesday. (BT didn't show) then Thursday (BT didn't show) Now I've received a message telling me it will be repaired by Sunday evening, and still don't know if a BT engineer is expected to turn up. I need advice on the best way to take legal action. Claims are tricky , because BT contract clauses are tight. But I'm 25 meters from the cab. How close do I have to be to get the advertised service? Is this not an advertising infringement?Surely you can't sell a service that drops to less than half advertised shortly after installed?Two engineers were waiting around for five hours when BT didn't show. BT make a very big deal of stating "If it's your fault then you pay for the engineers time." What about my time? and the cost of the other engineers time?

I've an open thread about PCI compliance and just had a thought regarding the recent Sony Playstation server hack. Sony must have some pretty high security standards; much higher than the average company would usually install and yet personal credit card information was hacked. How on earth is a small to medium company supposed to stand up to the new rules credit card companies are imposing if Sony can get hacked? £50,000 fine is nothing to Sony but that will put most small companies out of business... Or is that the idea?

The security Industry is using PCI to mean Payment Card Industry. First proposed around 2002 it came into force this year. Barclays insist anyone handeling customer credit card information must follow the new rules laid down or potentially be held liable for loss in the event thier computers are hacked. Basically you must now register your company security details with Barclays chosen American security company and subject your PC or network to regular external checks. Effectively slic123, its a means of the bank cutting the cost of Fraud by blaming the customers security. "Reasonable care" is one thing and the principle can't be argued, but consider this: 1) The business is forced into giving it's security details to another company. 2) The security company currently doesn't know how to protect it's email database, let alone customer database. 3) If a new security exploit is discovered and the company is hacked, both Barclays and CC companies can wash thier hands of the blame. 4) Small IT companies providing Internet securety services to clients must qualify thorugh a governing security company that doesn't know how to send email without reveiling everyone in the email list. It seems to me there's a bigger risk in signing up than keeping personal security details personal. So... Can a company be held liable for not complying with these new banking rules?

We're all getting spam about PCI compliance and banking policy. Is it legal? Reading between the lines it seems the banks have been "shaking hands" for proffit again. Internet security is abysmal, but banks wish to sell Internet banking because it's a high profit margin, even with level of fraud. 10 years down the line bankers still can't stop Internet fraud and can't be bothered to invest in better security so now they are insisting blame fall on the client if thier network is targetted and hacked. The last spam received from this American PCI company contained the email addresses of around 250 other companies. Sending the email addresses of others in thier database doesn't sound very smart to me. Nor does it sound like the action of a competent security company. I have no intention of submitting security deatail of any of my customers to a company which shows this level of incometance, or for that matter to any database which I have no control over. Where do we stand regarding the law? Can a client be held responsible by the bank if hacked?

I just made a credit card purchase from PLAY.COM without the need to do anything except click. This seems a bit odd. Shouldn't I have to enter the three digit number every time for security? Are PLAY allowed to store this number? I didn't get redirected to the MBNA security website either. Anyone else found this?

Well yes, Companies house is logical, but it doesn't actually tell you who which companies are in bed with their sisters. Take Dabs for example. Companies house doesn't show that BT shop and Dabs are the same. IP addresses and domain name look up can be quite different. so that doesn't work either. Or they can be operating on the same server and not related at all.

How do I find out which companies are the same company under a different name? Dabs.co.uk currently have a product delivery issue, something quite familiar to them so our order was cancelled. The same product was found at "BT Shop". We don't have an account so I telephoned to check how they respond before making our first order. It was discovered they are the same people, same database and had the same 45 minute wait time to speak to a service representative. Is there a website which shows listings or a place to find parent companies and associations of on-line business? Is it the law that associated companies disclose this information?

Halifax are to be taken over by Lloyds, and this created a question for me re: security. Before anyone replies I should point out this is not about the most probable outcome, but the worst possible scenario. This is because in my experience "It can and does happen." Banks are permitted to transfer money from one account to another belonging to the same person. This is IMO a security risk for the following reasons. First the links: 1) PayPal are part of Google are part of Ebay. PayPal can debit your linked bank account in the event of a dispute, and Google accounts have been known to be "hacked" on a large scale. 2) Halifax are now part of Lloyds who recently were on TV about transferring funds between accounts without the users permission. Now consider this scenario: User goes on holiday. A PayPal complaint goes in following a Ebay sale. Paypal contact the user who is unavailable. Paypal serve notice and debit the Halifax account while dispute is being resolved. Halifax account goes into debt and Halifax deduct funds from the Lloyds account to settle. (This action has been confirmed correct by a Halifax telephone representative.) But the Lloyds account is a business account, and as a result the business balance isn't met at the end of the month and loan payment fails. If the buyer has no real claim and should it go to court insurance will most likely not cover this, and as it's contract law this must be heard in a high court... Very expensive. You should be able to see where this could go, and each stage is quite legal and permitted. With small businesses a great deal of trust is placed in the reasonable behaviour of the banks, but lets not forget the banks are here to make profit, and in the event of any discrepancy most banks will have no quandary performing a risk assessment. Once the figures are seen the reason is of no concern. The company credit rating is adjusted. I don't think it should be legally allowed to debit a healthy limited company bank account in order to cover a private debt, even though the Company director may be the same. I've had 25 years of trouble free banking. Care has been taken to ensure in the event of fraud or theft damage is kept to a minimum however over the years seen lots of potential security problems. Recently the appalling attitude and actions of the Nat West which although not directly related still involve "fine print" have caused me to examine the above procedures in detail. Do the public have ANY protection now? or do the terms and conditions you sign when opening an account make it cut and dry? ( I.E. It's your fault unless you can prove it wasn't) Once again any reply on the lines of "Oh that couldn't happen." or "it's very unlikely" should be ignored unless actual figures can be verified.

I completely agree in principle. It wouldn't seem profitable. However this didn't stop Ebuyer in the early days. None of my colleagues will trade with Ebuyer even now, and they turn a tidy profit. If there's no way to stop such trading then profit can be made and it would seem to be quite legal. Anyone with a professional legal background like to comment?

Okay , I understand the "non-profit" situation which is reasonable ... however this is about loss. It's much like buying a ticket for a flight and then finding the airline staff had a party and turned up late. You've missed the connection, the cruise ship sailed and a ticket refund doesn't help. In this case I've lost two working days and a further half day obtaining the parts elsewhere. We must be reasonable, and mistakes happen, but if there's no legal way to stop such lack of concern when trading then I shall be buying broken biscuits in the near future. This is a loophole where companies can gain by not caring for customers! If the customers who complain are only entitled to a refund.. then it becomes profitable for a company to be out of stock. Even overnight interest rates on the money from orders would turn a profit! The small percentage of customers who don't complain about their order will provide clear profit for the company!

OK but doesn't that lend itself to getting away with professional incompetence on the part of the provider? It would be easy to set up a [problem] website advertising an attractive product, then send a packet of biscuits to fulfil the order. "sorry ... out of stock... just keep the biscuits and we'll refund your order." Statistics depict a percentage of customers would not bother complaining and therefore profit could be made ... from in effect nothing! In this case the product is of no use to me if it's delivered late. I'm forced to buy from another retailer at a much higher cost and at a loss of my time. Surely there must be some form of compensation due to misrepresentation or something legal to deter a supplier from correctly fulfilling an order? Can't they be forced to send the correct items? (for example)

Last week I ordered four video cables from an online UK company. The order didn't arrive and I called them up. Delay was caused by one item on the list "out of stock". Without any prompt, they offered to send the order in two parts. As it was Friday I expected this to arrive Saturday or Monday. The wrong parts arrived on Monday and I called them asking if they would send the correct parts immediately. They refused without first receiving the items back (at my expense.) This delay has in turn delayed my work. I need to get these cables fast and intend to purchase them elsewhere. As they didn't inform me the order was first delayed, then sent the wrong parts, and now refuse to send the correct parts until I return the existing ones, where do I stand on compensation?