“Just login to our system.” A very common demand these days. You can’t get a mortgage or buy a toy or receive medical care without creating an account and logging in. It sounds reasonable, but is it?
Entering your life’s data into any system is risky, as we are repeatedly reminded by the steady stream of news reports about hackings that assurances about the safety and security of your data are mere rhetoric, no matter the company or organization. Demanding that you to login to a system assumes that you are willing to take a huge leap of faith, and trust that:
the system is well-built and supported,
the people administering the system are highly skilled, and that
state-of-the-art security measures (ineffective as they may be) are in place and the people administering them are highly skilled.
This is like asking you to jump off a cliff based on a stranger’s assurances that “it’ll be OK”.
In the first place, systems come and systems go. Systems can be well planned and constructed by groups of seasoned programmers and User Interface Specialists, and they can be dreamt up and put together by a dude in a room with a coffee pot and a goldfish named ‘Shiny’.
The fact that someone working for the company with which you want to do business or must do business chose a ‘system’ doesn’t begin to mean that it is well-built or easy-to-use.
Secondly, you probably know an IT professional. Is she perfect? Does he get high? Does she ever have a bad day or a poor night’s sleep or take a sick day? Any computer system is only as flawless, secure and infallible as the people administering it; that is to say no software system or online application is flawless, secure or infallible.
The point is, that it’s rude. When you crack the nut and separate the meat from the shell, what we are being told is: Give us all the data you have - data that if misappropriated can be used to absolutely ruin your life - and put it in this system that we were told is reliable (but we don’t really know, not being programmers) so we can store it in an unspecified database on an unspecified server behind unspecified security measures, all of which are administered by people sharing unspecified qualifications and certifications, if any, as there are no state or federal regulations or standards for these positions. And it is presented without option or conversation, politely but firmly letting us know that we can either “just login” or surf on down the internet and find another company with which to do business; a company that will undoubtedly demand that you just login to their system.
Though life without screens and software may seem hard to imagine (or remember), it has been less than twenty-five years since Windows 95 freed us from having to load DOS first, and we are still developing rules, procedures and etiquettes surrounding their use. Businesses will do what is easiest and most cost-effective, inevitably at the expense of the consumer, until the consumer pushes back. Hey Consumers! Wake up! Time to give it a shove!
At the very least, before asking a customer / client / patient to “just login”, it would be polite and considerate for businesses to inform the consumer of the required use of the system and provide them with information about the system and the company that developed the system, including a link to their website.
When instructed to “just login”, REPLY with two questions:
Will you please provide me with information about this system?
If I create an account in this system, will my data be stored securely, and if so, how?
Or in the vernacular, “Can I at least take a look before I agree to marry him?”
You will undoubtedly get responses like, “We can’t share that information”, “I don’t know”, “yes, it is secure”, “the system is called Joe’s System”, and other evasive, non-answers – mostly because no one has asked before and they either sincerely don’t know and/or don’t want to be bothered. But do not relent fellow Consumers! These are reasonable questions and there is nothing preventing any business from answering them except lack of knowledge, stubbornness or arrogance. Your IT buddy will verify that.
Remember that your data is yours. No one has a right to it. And it is valuable. You wouldn’t just hand over your wedding ring or watch or car simply because someone asked, and those things are specs of sand compared to the diamond that is your data. Protect it greedily and stubbornly. Distribute it sparingly and only when justifiably required. Remember that you do have a choice the next time a screen implores you to “just login to our system.”