26
Jan
11

We all get to play the terrorist on the security theatre stage

You never know when you’ll be called upon to play a minor role in life’s ongoing stage of security theatre.

I found that out yesterday morning after printing out a boarding card at my hotel the morning I left Nuremburg, where I’d been sent for a seminar.  I’d asked the front desk if I could use the lobby computer terminals, but they told me that before they could give me the access password, they’d need a copy of my ID.

OK, I thought – maybe they think I’m going to damage their computer, stuff the wide-screen monitor into my back pocket or cram the desktop tower into my carry-on – whatever.  I just needed to print out that boarding card, so I handed them my passport to copy.

After five minutes online I returned to the desk to say I was through, and could I please have the copy of my passport back.

“Oh, I’m sorry, we can’t do that,” said the cheery young woman behind the counter.  “Under German law, we’re required to hold on to it.”

“But I’m finished,” I said.  “Why do you have to hold onto it?”

With a big smile and a double head-bob, she cheerfully said, “Because just now, you could have been planning a terror attack.”

I was stunned.  Flabbergasted.  I’d say blown away, but the slaughterhouse floor scenes from the smoke-filled Moscow airport terminal suicide bombing are still too fresh in the mind.

“I beg your pardon?” I said. “My passport contains vital personal information.”

“Your document copy is safe with us,” crooned her male colleague.  “We have a locked safe.”

“That’s not the point,” I said, but decided not to press it further, leaving for the breakfast buffet shaking my head.

But while gathering my plateful midst the morning crowd I couldn’t just forget it.  I got to wondering if somehow my information might be stolen sometime over the next 10 years.  I wondered how long they’d hold onto it, whether it would one day be destroyed, and whether I’d receive any notification of that.

So I went back to the desk and asked them how long they intended to keep my passport copy.

“We have to keep it for 10 years,” she chirped.  “It’s the law.”

Stunned again.

“Do you mean to tell me that for five minutes of online time you are going to keep a copy of my most important personal document for 10 years?”

What seemed like farce to me they took as routine.  “It’s the law,” she repeated. “We have to do it.”

“Good,” I said, not wanting to debate the existence or strict interpretation of a law I’d never even heard of.  “In that case, I think you should inform your customers before they use the terminals that their personal information is going to be on the files of your office for 10 years.  If I’d known that, I’d never have bothered.  Never.”

I returned to my breakfast – chewing over the screenplay and script of yet another production of security theatre and how I could have played my role better –   and suddenly realised that I had no proof that I’d logged out.

Carrying out their absurd scenario to its bizarrest extreme, I wondered: what if someone were  sitting at that terminal logged in under my login and password – the one with a hard copy of my passport copy attached to it – and were in the process of sending coded messages to fellow cell members to blow up another airport?  I had no physical proof that my session was over, nor that I’d logged out.  What if nine and a half years from now someone stumbled upon the connection and I’m hauled before a judge and sent to prison for the rest of my life?  Hey, and what if there were some sanity in the way we live our lives, and is it any wonder people my age get nostalgic for times when we all weren’t assumed to be guilty before proven innocent?

Overcoming my desire to just forget the whole thing, that it was nothing but trivial bureaucratic bullshit and really doesn’t matter anyway, I went back to the front desk and said, “Look, I don’t want to belabour the point, but about the Internet thing, could you please print me out some proof of when I actually used the computer, and confirmation of the time I logged out?”

The woman with whom I’d mainly been dealing overheard my request got up from her desk in the tiny office off the main counter.  As she turned to face me I could see her face was bleeding red with rage.  “All right,” she said. “If that’s the way you feel about this, we’ll do it a different way.  You can have your passport copy back.  I’ll just take down its number.”

As she was searching for my passport copy she added, “Never before have I had to deal with anyone who objected so vehemently to this procedure.”

I resisted the urge to remind her that Germany is full of people who put up with crap simply because someone in authority is shovelling it.  But picking up on the word “vehemently” I pointed out to her and the other two desk employees  looking on that I had dealt with them throughout in a calm manner, never once raised my voice, spoke with them in even tones, and was merely asking for something that I felt was my right to possess: my personal information.  “Data protection and privacy is a two-way street,” I told them.


27 Responses to “We all get to play the terrorist on the security theatre stage”


  1. 1 G
    January 26, 2011 at 6:24 pm

    I would actually think that woman was lying. Because a few weeks ago I used a terminal in the UK showing only my key and last Thursday my husband did the same in Munich without showing any ID at all (the hotel staff recognized him). Just the fact that she would return it indicates to me that this is an internal policy and not an official regulation.

  2. 2 G
    January 26, 2011 at 6:25 pm

    But well done on holding your temper and pointing out how unprofessional her own behavior was.

  3. January 26, 2011 at 6:35 pm

    Isn’t cheerful, peppy obedience disconcerting???

  4. January 26, 2011 at 6:42 pm

    I would have said something like, “yeah, I heard the Germans were very good at just following orders. Sieg Heil.”

  5. January 26, 2011 at 6:44 pm

    Brownamazon…I never think of the good comeback until 5 minutes after the moment is gone. Stupidity is too shocking.

    • January 26, 2011 at 10:20 pm

      A comeback it might be, but to give the Hitler salute or shout Sieg Heil can get you in to one heap of trouble here.

      And G is right – if she was prepared to give it back to me, it’s probably got nothing to do with the law, just some internal BS.

  6. January 26, 2011 at 7:02 pm

    Interesting. Just last week I was in Templin (a city with a strong East German feel) and nothing was required of me. In fact, I was signed in only with my last name as it was a group booking, they had no further information on me. Yet I was allowed free access to the WiFi.
    A few months ago I was in Essen, also on work business… nothing. We had a pleasure trip to Lübeck, no such requirement.
    Something makes me doubt that it is German law. My suspicions would run closer to it being a hotel-based requirement. Having worked within the German data protection laws, I would be very surprised to hear that this is a German requirement.

  7. January 26, 2011 at 8:21 pm

    Wow, that’s kind of unbelievable. I’m glad that you kept pressing the point, especially since it sounds pretty fishy to begin with.

  8. January 26, 2011 at 10:54 pm

    How bizarre–I’m glad you got it back. Her sudden rage seems very odd in the circumstances.

  9. January 27, 2011 at 3:48 am

    I strongly object to handing over unnecessary information.

    I had the clerk at the Dollar Rent-A-Car in Denver throw my drivers license and credit card back at me when I refused to tell him exactly where I was going to take the car. I actually feared that this question was Dollar policy, but when I rented from Dollar today, in Indianapolis, they never asked me where I was going to take their car.

    I suspect it’s some idiotic policy of the Denver location — but it’s damaged the brand in my eyes.

    As for the hotel clerk wanting such a bizarre amount of personal information — I would have asked to see her boss and pushed to see the policy in writing and asked what section of law it referenced. Make her and her boss feel very uncomfortable.

    • January 27, 2011 at 7:32 am

      I think with your car company, Adam, they were trying to find out if you were going to take it out of state or into Canada or Mexico, because that could change the insurance cost or make you ineligible. I’ve heard stories of rental car companies with GPS embedded in their vehicles. In this case the guy drove into California out of Nevada, and it said on his contract fine print he’d be fined if he left Nevada – they dinged him for 3,000 bucks penalty.

      These desk clerks weren’t freelancing, just blindly following orders. Not watching the news, either, I bet.

  10. January 27, 2011 at 5:52 am

    Perhaps it was “internal policy”, or perhaps they were free-lancing in some nefarious way. Who knows what evil lurks in the hearts of apparently innocuous desk clerks?

  11. 13 Generation 26
    January 27, 2011 at 6:23 am

    This is one of the things that will be a funny story to tell in a few years

  12. January 27, 2011 at 9:39 am

    “I resisted the urge to remind her that Germany is full of people who put up with crap simply because someone in authority is shovelling it.”

    The Eichmannn Defense, no?

    Also, remember this?

    http://www.independent.co.uk/news/world/europe/german-shops-used-stasi-methods-to-snoop-on-staff-811245.html

    • January 28, 2011 at 9:02 am

      @H-Husband. Sure, they were only following orders, but whose orders? And don’t they have any sort of feeling for how statements like “You could have been planning a terror attack” are actually received? She said it as if it were something I might actually get a laugh out of.

      @canadada – please let me know by email only please – which company that was. I live in Hamburg, don’t forget. It might be interesting to follow that up.

  13. January 27, 2011 at 10:59 am

    That’s pretty astounding. I’m glad you pressed the point and got your copy back.

    I’ve been asked by car rental companies if I’m going to drive out of state – my understanding is that it is because of the insurance – but was never asked for a specific destination.

  14. January 27, 2011 at 10:10 pm

    … that’s some ordeal you went through.

    Maybe THEY are part of a terrorist plot – ?
    Just kidding.
    Sort of.

    Happy New Year Ian – glad to see you are still living WELL and ever KICKING!
    I applaud your tenacity to pursue this ‘issue’ to your satisfaction.
    It’s YOUR info, not theirs Better that YOU protect it, not them.

    And I’m left wondering, presuming that the 10 years holding ‘law’ is true, what happens if a business goes bankrupt but has your data? Then what?

    Personally, with my own dealings with DESIGN ‘hi-jackers’ FROM Germany, I’d say you got off lucky! I have spent OVER 20 years attempting to re-claim a usurped design by a ‘prestigious’ type shop in Hamburg. They stole my work while they were working for Letraset in England. They then went bankrupt and resurrected under the same name with two ++ signs after it. AND they CONTINUED to market and distribute not only MY design but SEVEN ‘knock-off’s they had made of that design. I finally managed to get them to at least ‘sign a contract’. The irony is that they never honored it. I then made a public stink about it in the typographic community and they reluctantly admitted that maybe they shouldn’t have done the knock-offs … meanwhile, they have not paid a royalty since. It has been an eye-opening and bitter lesson about ‘licensing’. So, moral of the story, hold on to what is yours and make sure ALL YOUR concerns are written into the ‘fine print’. Make sure The Law protects YOU …. (phew, feels good just to say it!!!)

  15. 18 Michele J
    January 28, 2011 at 12:59 pm

    How annoying. This sounds like some kind of misguided hotel policy mixed up with the rules for how long you have to keep business documents (receipts, bank statements, etc.).

    *Standard disclaimer: I am not a lawyer.*
    But I wonder if the Telekommunikationsdienstunternehmen – Datenschutzverordnung – TDSV doesn’t apply. I think it’s technically more for say Deutsche Telekom but if the hotel is providing internet they are in a sense a telecommunications provider. It says they can ask for an ID:

    § 4 (4) Der Diensteanbieter kann im Zusammenhang mit dem Begründen und dem Ändern des Vertragsverhältnisses sowie dem Erbringen von Dienstleistungen die Vorlage eines amtlichen Ausweises verlangen, wenn dies zur Überprüfung der Angaben des Kunden erforderlich ist. Dabei dürfen andere als die nach Absatz 1 zulässigen Daten nicht erhoben werden.

    If this does apply, they are supposed to delete your data at the end of the year after which the contract was concluded (I guess it concludes when you log out):

    § 4 (3) Endet das Vertragsverhältnis, sind die Bestandsdaten mit Ablauf des auf die Beendigung folgenden Kalenderjahres zu löschen. Die Löschung darf längstens bis zu einem Zeitraum von zwei Jahren unterbleiben, soweit und solange eine Beschwerdebearbeitung oder sonstige Gründe einer ordnungsgemäßen Abwicklung des Vertragsverhältnisses dies erfordern. Die Löschung darf ferner unterbleiben, wenn gesetzliche Vorschriften oder die Verfolgung von Ansprüchen eine längere Speicherung erfordern.

    (Sorry for long quotes; full text here: http://www.online-recht.de/vorges.html?TDSV)

    You may want to ask the hotel in writing about what law they think gives them the right to request an ID. If it’s TDSV, in my understanding they have to delete the data within max. 2 years, unless there is a concrete police inquiry or similar. I’m not sure what the Bundesdatenschutzgesetz (BDSG) has to say on this. But according to BDSG, every company with more than 10 employees that records data has to have a Datenschutzbeauftragter/data protection officer. I’d be inclined to get in contact with him/her. But then I’m also a glutton for punishment.

  16. January 31, 2011 at 7:11 pm

    Way to go Ian! I’d probably not have done what you have done, I’d probably have just taken the abuse.

  17. February 3, 2011 at 10:30 am

    I saw a “Law & Order” episode not too long ago where someone using a internet cafe was ID’d because the shop required users to provide a copy of their driver’s licenses (which, have somewhat less personal information on them, no location of birth). I would think that establishing your connection to the room should have been enough – they got a passport when you checked in, right?

    Still, 10 years can’t be right.

  18. February 4, 2011 at 6:56 am

    What BS. None of the coffee internet shops I’ve ever been to in Germany have ever required any sort of ID, though I’m always using my own device(s) on their network. I can’t imagine that makes a shred of difference, though.

    Apparently in Italy such a request is legit though: one member of our traveling party had to sign over responsibility for the group’s network activities as a terrorism-prevention measure.

  19. 24 Anon
    February 4, 2011 at 5:06 pm

    Italy just repealed that law, though can’t remember what the date of implementation is….

  20. March 8, 2011 at 10:13 am

    Far more chance of them using your credit card and personal info to commit fraud than of you blowing up a plane. Well done Ian for not just blindly accepting moronic rules. We need more like you in this world!

  21. March 9, 2011 at 12:24 am

    Nail on the head – “Germany is full of people who put up with crap simply because someone in authority is shovelling it.”

    It boils my blood sometimes, and the reason the crap is shoveled on people in the first place is because no one dares ever question authority. This obviously opens up another potential can of historical worms of what ifs and potential maybes but I’m not going to get into that.

    I was asked for some ID at a cafe with wifi in Oranienburger Straße in Berlin. The girl told me it was to control pedophiles and protect the cafe in case I looked at pornography. Whatever. I don’t ever carry my passport or any ID worth talking about but she didn’t seem too bothered. I suspect this is simply a case of some pen pusher in an office somewhere making a thoughtless rule which internet providers enforce to varying degrees depending on their diligence in following orders. You obviously just met a wagon.

  22. April 15, 2011 at 6:05 pm

    Reminds me of being in Dusseldorf a few years ago on a Sunday morning…7am, no traffic in sight, and starting to cross the intersection when the light was red. A man next to me grabbed my arm and shook his head, pointing at the red light. One of the things that drove me crazy when I lived in Germany was the strict adherence to ‘the rules’.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


The banner photograph shows the town of Britannia Beach, BC, Canada, where I grew up. It's home. But I don't live there anymore.

My email

britbeach / at / yahoo dot ca

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 586 other followers

SUBSCRIBE! Or I’ll post again.

This blog is best consumed with a glass of wine and often a grain of salt. Take a random look:

twitter-i-send-pointless-little-messages

This blog has been visited

  • 520,107 times.

A few reasons why I sometimes get homesick

HoweSound2

HoweSound1

Squamish

MiningMuseum

More Photos

1oo% Blogthings-free since January, 2007

and one last factoid about me: according to these people, i can type per minute

OK, that wasn’t the last thing on the sidebar, but this is:


Follow

Get every new post delivered to your Inbox.

Join 586 other followers

%d bloggers like this: