Security, Programming, Pentesting
by {"login"=>"averagesecurityguy", "email"=>"stephen@averagesecurityguy.info", "display_name"=>"averagesecurityguy", "first_name"=>"", "last_name"=>""}
Our local Yankee Candle store at the mall has a policy of asking for an email address and phone number with every transaction. I typically decline to provide the information and if they push I give them obviously false information. Yesterday, my family and I were shopping at Yankee Candle and while my wife and kids were roaming through the store I stood at the door watching. My 11 year old approached the counter to make a purchase. He went through the typical process, the clerk rang up the items and told him the amount, he gave her money and she provided change. Then she asked him for a phone number. At this point my son looks at me, still standing at the door, and says do I give her mama's phone number. I told him, that he is not to give any strange adult a phone number because he is a minor. (I've trained my children not to provide personal info as a general rule. They even have codenames for those stupid restaurants that demand a name with every order.)
Once I told my son he was not allowed to provide information to the clerk, she asked me for a phone number and email address saying it was REQUIRED for the receipt. I gave her an obviously fake phone number and email address and she rolled her eyes and said I could have just opted out. I'm sorry but "REQUIRED for the receipt" and "Could have just opted out" are mutually exclusive. I will keep shopping at Yankee Candle because they have the candles my wife loves but I won't ever give them valid information and I will train my children to give false information when asked by a strange adult.
My question to Yankee Candle is this, if there is an opt out option, why is it not used automatically for minors? Why are you putting 11 year olds in the position of giving complete strangers their phone numbers and email addresses?
tags: