Delcampe Is Officially Run By Morons

I agree, Don, that it is likely impossible to NOT deal with these companies whether it be directly or indirectly. If you are on the net, you are potentially a victim of ID theft. If you are NOT on the net, you are potentially a victim of identity theft.

I do 2 things to avoid losing everything. First, I am careful with whom, and to what degree, I interact on the net, and I am really careful with letting my personal info get out of the paddock. For unknown sellers, I will use a 3rd party payment processor. The second 'prong' of my approach is very passive - I hope that little old me is lost in the crowd. If I look like anybody else, and I make it just a little harder than the next guy to cheat, I suspect I am as pretty safe.

PayPal and Amazon have my credit card info. But not too many other places. I hope they have robust systems. I have had my credit card # stolen 2 times. Both were from small 'mom and pop' companies with whom I paid with my CC. Nowadays, if making a similar purchase, I pay using PayPal - Mom and Pop never get my info, just my money to pay for what I want to buy.

I am sure I can do better. I don't need to be the MOST safe. I just need to be safer than 90% of those out there. I think (and hope) that I am a real tough nut to crack, finance/credit-wise.

@51studebaker, The statement quoted was given in a response mentioning data protection and should be observed in this context. To be more specific when it comes to websites, I am trying to avoid contributing data to websites that are run by Big Tech and hosted outside the EU. I can be mistaken, but as I understand it this website is not run by Big Tech, so any data I contribute is owned by Stamp Community - not Big Tech.

I will give an example of how hard it is to protect yourself and still exist.

One of my information losses was from Marriott. So, what did the hackers get? My passport image and information along with CC info as well as name, address, contact info, social security number and federal government ID information. Why did they have this information? I had to give it to Marriott in order to stay at their facilities in Amman Jordan and Dhaka Bangladesh while on government business. You HAD to give them your passport and ID. It was mandatory per the Jordanian government. Did they protect it? No, they did not. There are over 150 alerts now from the monitoring service that the government had to give me after the OMB breach. ONE HUNDRED AND FIFTY.

I repeat, if you are reading this your info has been exposed. You just don't know it unless you have a service that normally costs thousands of dollars per year. It is scary.

I think that you might be missing my point.
This site, and probably most of what you do online, relies upon US and Chinese 'Big Tech' Level 1 network and fiber infrastructure. The majority of all our data is flowing through, and is largely stored on, 'Big Tech' infrastructure.

When you access this site, when you post something, the packets are sent through 'Big Tech' equipment, fiber, etc. and in all likelihood is even being stored on 'Big tech' equipment.

The Swedish ISP you are using right now, Hi3G Access AB, is owned by CK Hutchison Holdings Ltd. I won't go into the politics China/Hong Kong situation, but there is no question that CK Hutchison Holdings Ltd. has significant holdings in China and has a strategic relationship with China Telecom Corp., Ltd.

My point is, you cannot avoid supporting US and China 'Big Tech' if you are using online services.

But honestly, I do the same as you, I try to avoid using some of the companies you mention. But the sad fact is that unless any of us are willing to go off grid, we are still quite complicit with 'Big Tech' and 'Big Tech' has access to all the data that flows on its infrastructure.
Don

@51studebaker, I am surprised that you're outing my ISP to make a point. That is really not called for.

I do get your point, but my point is that data protection is not the same depending on where I choose to leave my data.

In the case of this website I can see that my data could easily become available to the public, so I am just grateful that I did not leave more of it than I did.

Consider this my last post ever on this website.

No one is 'outing' anyone, the name of an ISP company who has millions of customers cannot be used to ID anyone. My ISP is ATT, does that help you ID who I am? This thread is about DelCampe, did people 'out' themselves when they mention that they use/used it?

OK, maybe I don't get it...

Noting that a specific ISP has ties to China is "outing"? Public information. I think it is a good example.

The trolling here is real.

Privacy is looked at a bit differently this site of the pond. It is not just about being able to identify someone. It, also, concerns sharing information relating to someone.




Stating I buy my groceries from Albert Hein, Jumbo, or LIDL, does not identify me. Millions visit those supermarkets in the Netherlands. However, we consider it a breach of privacy if a third party divulges such information relating to me.

Note: not criticising anyone. Just trying to add perspective on how we look at 'privacy' in Europe.

NSK,
You are from Netherlands; anyone can easily look up the largest ISPs in Netherlands. The poster identified himself as being from Sweden in his introduction post. I do not understand how being a customer of a company can be consider private.

When you use a site like DelCampe, you have to supply them your name and address. And now apparently some users have to supply driver's licenses and birth certificates. This stands in stark contrast to this site, which has no idea who we are and has no requirements for names and addresses.
Don

Edit; I am also unsure that I understand how Delcampe can require birth certificate/driver's license from only US customers. In the US, I would think that this would be legally challenged.

@Don,

Mentioning a big Swedish ISP has a link to China is different from mentioning a certain member uses that ISP that has a link to China.

I hold customer loyalty cards from different airlines, supermarkets, hotel chains. Consequently they have my data. It is not always correct: one of the hotel brands, at some point, decided to add the date of birth. I have no idea where they got the data from, but it is not my birthday. I wrote them to change it. They told me they only could do so after receiving a copy of my ID. I told them to put it where the sun doesn't shine.

I agree for them to store my personal data when I sign up. They may send me special offers to celebrate my birthday. They, however, have no right to share that information without prior explicit consent. (Of course, sometimes it is hidden in the general terms you sign when you sign up to the programme. And a judge may decide they had no right to get my consent in that way.)

If the hotel's database is hacked, they have to report the breach immediately. If they were negligent, late in reporting the hack, or did not report it and are found out, they can be fined.

Holding data is not the same as divulging them. Even divulging those data in an involuntary way may be a breach of privacy.

We are a very sensitive lot when it comes to that kind of data. In the recent past, the European Parliament even blocked agreements with the USA, because it meant personal data was shared with US intelligence services or would be available to them. Generally, we consider the USA as allies.

Personally, I would worry a lot more about Chinese intelligence services accessing my data - I cannot imagine why I would be of interest to them: I prefer Indonesian food over Chinese food* - than those of the USA.

* Little insider sarcasm.

That one, I do not understand either. If they ask me for that information, there is a very good probability I can get them into big trouble with the privacy data regulators. I think someone there has lost his mind.

The privacy issue under discussion now originated with the post by Stampdoc on page 7 referring to being unable to make a payment unless personal identification was provided. The PAYMENT angle is important. See section 4.2 of Delcampe's terms and conditions. It appears that Stampdoc was trying to use Delcampe Pay, and to use that, Delcampe opens an account with the Mangopay payment service on behalf of the user. Mangopay is a regulated European payment facilitator. It is no different than a European bank for purposes of this discussion. If you want to open a bank account in France or Belgium, you have to supply a passport. The reason is tax evasion and the long-arm reach of foreign tax laws; tax authorities of nations that want to tax the overseas assets or transactions of those in other nations have to be able to exchange transaction data. Thus, most of the complaints here about Delcampe's treatment of PII are shouting at clouds. The requirement to provide PII to open a bank account has been a feature of European and Euro country national bank regulations for decades.

Europeans have a schizophrenic relationship with privacy concepts. On the one hand, they adopt GDPR, and on the other hand, to deposit (E)100 in a French bank you have to supply your passport. But when you run a modern European welfare state, you have to collect taxes, and when you have 70% marginal rates, the incentive to evade is high. So there you go.

Agree.

If it is a financial service and not just the auction, you are talking banking / financial services legislation. Bank are allowed to ask for your identify and to store such data.

It is not much different from France and Belgium here. If I open a bank account, I have to identify myself. The bank may store a copy of my identity document. They are not required to do so, as they only have to establish my identity.

The same goes for my employer.

I would not call it schizophrenic. One thing is privacy, the other is abusing public facilities without contributing. Few like it that banks have to provide the government with their personal data. Even more dislike it that people abuse the system. So, this is an example where a fast majority would agree to have the public interest prevail over the individual interest.

I feel that I am relatively familiar with data privacy issues but am a legal layperson. In my opinion the newest EU GDPR privacy laws are among the strictest and broadest in the world (and as far as I know have not yet been well tested in international courts or shown to be enforceable beyond the EU).

What the majority or the world's countries do agree upon for data privacy is information which makes it directly possible to identify a specific person. Data such as a Name, physical address, IP address, bank account, medical records, etc. are all pretty much universally accepted as personal data. But what makes the EU laws different and broader than the rest of the world is the inclusion of 'indirect' data. I think this means any information which may be gathered and then combined with other information. The premise being that the combination of 'indirect' data then might be able to then be used identify a specific person. (For example, what food store you shop at, who your ISP might be, that you collect stamps might all be combined to identify a specific person.)

But note that this website, and every other website which monetizes its traffic, uses 'indirect' data. This is why I often tout that everyone should read website Terms of Use/Privacy Policies, know what you agreed to when you opt into joining a website. Typically, websites are free only because they can use this kind of 'indirect' data. The 'indirect' data on each of us can include not just data based upon what website we visit, but also GPS data from a mobile phone or a car. Taken as a single piece of information and without a link back to a specific person, this has allowed up and until the most recent EU GDPR data privacy law.

Stamp Community Family uses 'indirect' data to be able to offer the community for free. The banner ads here are 'targeted' or tailored to each of us; showing us only ads that we have some connection too based upon the compiled 'indirect' data mentioned above. See here https://www.stampcommunity.org/privacy.asp But no matter how a personal information data is defined (direct or 'indirect'), once we agreed to the Terms of Use for a free website which has banners or otherwise monetizes its traffic, we are agreeing to the gathering, use, and sharing of 'indirect' data.

So, for folks who want to withhold 'indirect' information on themselves, the answer is to not make accounts or sign up in any way on any website.
Don