I think this is pretty messed up - what do you think?

[hAkron]

I bought a gun at Dick's Sporting Goods recently (it was a Stoger O/U Shotgun that seemed like it would be fun to own). I was talking to the salesman while I was filling out the 4473 form and I ended up making a mistake and writing my state in the box for my city. The guy told me to initial next to it, write in the city name and continue. I finished filling out the form, he called it in, got a proceed, I paid for the gun and went home.

A few weeks later I got an envelope in the mail with Dick's Sporting Goods as the return address. I opened it up and it was a photo copy of the first page of the 4473 right there sitting in my mail box with my name, address, SS number, phone number, height, weight, city of birth, a veritable treasure trove of information relating to my personal identity. There was a note attached to the form that I needed to put a line through the box on the form where I had made the mistake and return the form to Dicks.

The fact that they passed all of this information, unprotected through the mail really makes me uneasy. There is so much personal information on a 4473 that an identity thief could use it to do whatever he wanted.

Would this bother anybody else? Am I being paranoid? What would you do in this situation?

 

[El Mariachi]

I'd be really pissed----you would not believe how many letters from sporting goods stores have been stolen out of my mailbox......

 

[hAkron]

The point is that when I put all of that personal information in one spot I expect that it's going to stay private between me, the ATF, and the store and only be used and or exposed to view as needed for the purposes of the transaction and not have it carelessly passed around.

 

[FIVETWOSEVEN]

Happened to me the first time I filled out a 4473, put United States where it asks for county. I felt no issue with it.

 

[Inebriated]

I wouldn't be happy. Probably wouldn't deal with Dick's anymore. I don't use 'em much as is due to other problems I have with them, so it wouldn't take much to send me over.

 

[Birch Knoll]

The fact that they passed all of this information, unprotected through the mail really makes me uneasy.

The US Mail is not exactly unprotected. Do you know a more secure way to deliver documents?

There is so much personal information on a 4473 that an identity thief could use it to do whatever he wanted.

You must really lose sleep when you mail a credit application or a tax return.

 

[mr.scott]

Run it through a shredder and be done with it.

 

[12131]

Post #6 about sums it up.

 

[NOLAEMT]

How would you have preferred they address the mistake? The employee should have had you strike out the error in the first place, but since that didn't happen, they needed you to correct the problem. Like has been said, your personal information is sent through the mail all the time, as well as stored on unsecured servers, etc. It is not ideal, but it is part of the world we live in.

 

[hAkron]

The US Mail is not exactly unprotected. Do you know a more secure way to deliver documents?

Yes, by requiring a signature. Or by the store calling me and asking if I'd come in to fix a paperwork issue. Not just sending all of my private information unannounced in a non-nondescript envelope. I've had people get into my car and take my GPS when it was parked next to my mailbox, so it's not exactly 'secure storage'

You must really lose sleep when you mail a credit application or a tax return.

I send that stuff electronically over the Internet, using signed, trusted, encryption certificates. I wouldn't just stick it in the mail and 'hope for the best'...not in today's world.

 

[hAkron]

How would you have preferred they address the mistake? The employee should have had you strike out the error in the first place, but since that didn't happen, they needed you to correct the problem. Like has been said, your personal information is sent through the mail all the time, as well as stored on unsecured servers, etc. It is not ideal, but it is part of the world we live in.

For the purposes of exaggeration only - how comfortable would you feel having all of that personal information -- which is pretty much the specific information you would need if you called a bank or credit card company to prove you are a particular person -- how would you feel about typing out all of that information along with a copy of your signature on a piece of paper, taping it to your front door, and going out for the day?

If I was sending that type of information via the UPS I would either take it to the post office or stick it in one of the big metal mail boxes like you see out in front of the post office with the expectation that it was going to a business, not just to a box outside...my mailbox isn't secure, its just a plastic box with an unlock-able door on it.

 

[El Mariachi]

I send that stuff electronically over the Internet, using signed, trusted, encryption certificates. I wouldn't just stick it in the mail and 'hope for the best'...not in today's world.

Wowch, My Son, but you have a LOT to learn.......

 

[Rail Driver]

Wowch, My Son, but you have a LOT to learn.......

This!

Internet communications (even so-called "secure" communications with certificates and encryption and all that jive) are EXTREMELY insecure even compared to standard snail mail sent in a plain envelope (not even one of those ones with the printing on the inside to obscure the contents).

 

[hAkron]

So, we are kind of getting off topic, but I think what you guys are saying is that a plastic box on a wooden pole outside of my house, that anybody could walk up to, open up, and abscond with the contents is somehow MORE secure than a encrypted digital communication using an SSL certificate signed by a trusted (as in verified and agreed upon by both sides of the encrypted communication) 3rd party root certificate authority? I'm not saying that I believe that bypassing secure sockets layer communication is a non-trivial exercise, but it does require a computer and a little bit of know how, where as a curious raccoon could 'defeat' the 'security' of a mailbox.

 

[El Mariachi]

Here's a great quote I read a few years back, Akron;



'The best way in the world to prevent identity theft is to maintain a crappy credit rating'....

 

[Birch Knoll]

Yes, by requiring a signature.

I suppose they could have done that. But most senders only require a signature in order to have proof of delivery; I doubt many ever use it to ensure that the mail isn't placed in a mailbox.

Not just sending all of my private information unannounced in a non-nondescript envelope.

Being nondescript is a good thing. Would you prefer it was a day-glo orange envelope emblazoned "PERSONALLY IDENTIFYING INFORMATION WITHIN"?

As for being unannounced, I find very little of my postal mail is presaged by some advance announcement of its imminent arrival. Your mileage may vary.

I've had people get into my car and take my GPS when it was parked next to my mailbox, so it's not exactly 'secure storage'

The security of your mailbox is your problem, not Dick's and not the Postal Service's. If your mailbox allows people to easily remove your mail, that's on you. Given your concern, I'm surprised you don't have a more secure mailbox.

I send that stuff electronically over the Internet, using signed, trusted, encryption certificates. I wouldn't just stick it in the mail and 'hope for the best'...not in today's world.

And just like the the laws and processes that protect the US Mail, that encryption only protects the information while it is in transit. Once at rest, whether in your mailbox, or on somebody's server, the information is vulnerable if not protected by other means.

 

[hAkron]

Here's a great quote I read a few years back, Akron;



'The best way in the world to prevent identity theft is to maintain a crappy credit rating'....

Well, thanks to my ex-wife, that's already taken care of .

I'm not really as paranoid as I'm making myself sound in this thread, but I do love a heated debate!

Also, quite honestly when the form came in the mail I wasn't sure how I should feel, if I should be concerned or not, that's why I posted this, to get everybody's reaction. Seems like it's not a big deal.

 

[Birch Knoll]

So, we are kind of getting off topic, but I think what you guys are saying is that a plastic box on a wooden pole outside of my house, that anybody could walk up to, open up, and abscond with the contents is somehow MORE secure than a encrypted digital communication using an SSL certificate signed by a trusted (as in verified and agreed upon by both sides of the encrypted communication) 3rd party root certificate authority?

Heh. You don't actually understand how SSL works, do you? The certificate and the trusted signature have nothing whatsoever to do with the encryption of the data payload. And nobody bothers to steal encrypted data if they can steal it before it's encrypted (like before it leaves your computer) or after it's decrypted (like when it's stored on the receiving server).

No, I'm not saying your plastic mailbox is secure. I'm saying if you're so worried about the security of your mail, get a better mailbox or a post office box.

 

[earplug]

All this emotion on the store and none on the government that requires this nit picking correction to comply with their rules and bureaucracy?
Many FFL shops have lost heaps of money in fines due to paper errors such as you did.
Have you considered spending any time writing your elected represenitive about this complience problem?

 

[KingMedicine]

I wouldnt think too much of it. no way in heck they would send it any other way...

 

[hAkron]

No, I'm not saying your plastic mailbox is secure. I'm saying if you're so worried about the security of your mail, get a better mailbox or a post office box.

I don't think my mailbox is secure, I don't think MOST people's mailboxes are secure. I normally don't worry about the security of my mailbox because I don't expect anybody to send that much of my relevant personal data TO me through the mail on one handy form.

 

[Miked7762]

Would a correction to a photocopy of an already completed 4473 even have any legal validity?

 

[bikerdoc]

I will not use any big box store.
My LGS calls you to come in and make corrections.

 

[buck460XVR]

I'm thinkin' much to do about nuttin'. How do most folks receive W-2s and other tax information such as interest income other than thru the mail? All of these documents have your SS# on them. I'm thinkin' if Dick's would have called and asked you to come down to the store to redo the form, you woulda whined also.

 

[Lex Luthier]

The clerk should have had you start all over. I once abbreviated my city of residence, and had to start all over. They have piles of those blank docs, and if he was good at his job, he would have told you about it and avoided this whole fiasco.