KickIdle.com Blog

The Clear Registered Traveler program was a service that basically collected a bunch of information about you, ran a background check, then gave you a card that let you skip to the front of the security line at 20 airports around the country. Since Dulles International Airport was one of them, I signed up for the card a little over a year ago. I’d had good experiences with it, and renewed it for $179 in May this year.

Then on June 22nd, Clear abruptly announced that they were closing operations effective immediately. (News which I learned about via Twitter before I learned about it from Clear’s customer service email. Viva la revolution!) The first order of business was to call American Express and dispute the charge from Clear. Clear has since announced that they won’t be issuing refunds due to the “financial condition of the company”. (In other words, they be broke.) This is why you should always use a credit card for purchases, kids. It’s a lot easier to dispute a charge on a credit card than a debit card.
Anyway, the more disturbing thing about the Clear closure is that they have a huge amount of personal information about their customers – iris photos, fingerprints, names, addresses, social security numbers, credit card numbers, etc. It’s really their most valuable asset – to a prospective purchaser or to a hacker. I reviewed their privacy policy again the day I found out about the closure, and it seems to indicate that they can’t sell the data. But as this Wired article points out, the policy isn’t explicit about what happens if the company is liquidated or acquired.

So now I’m wondering if I should try to get an injunction against them transferring all my personal information to a third party… Good luck with that, right?

I was going to use “irony” in this post, but since everyone always complains about misuse of that word (we’re talking about you Alanis), I thought I would double-check the definition. It seemed suspiciously close to sarcasm, so I looked up the definition for it as well. Turns out sarcasm is “irony with the intent to cause pain.” Huh. Who knew? So all those times I was being sarcastic w/ my friends, at least 50% of the time it was actually irony. What a crazy world. Anyway, back to the point of this post… (which apparently isn’t ironic – glad I looked that up!)

Since this isn’t “ironic”, I guess it’s in the category of stupidity… Why are companies so stupid? Seriously… Now that I’m a small business owner, these seem like obvious things not to do?

• Give your employees security awareness training about things like don’t go to websites with invalid certificates and how to avoid running untrusted mobile code (like Java applets). Then, setup your company webmail with an invalid SSL certificate and include a Java applet with an invalid signature.
• Setup a multimillion dollar project to sell your client a document management system. But put all your internal project documentation on a file share, then email copies around to get edits, and have no internal document management practices or tools.
• Tell everyone you’re in a cost cutting mode and that they need to share rental cars and try to reduce costs. But don’t setup a telework arrangement even though you’re spending $100k per month on travel for the team. And you have the equipment and expertise to setup a telework VPN with minimal effort or investment.

Got any other examples?