Well, it wouldn’t require lying but certainly it seems tricky. You can deregister before you leave the country and neglect to provide an address for where you are going – because you wouldn’t necessarily know in advance and you cannot provide information that does not exist. So they clear your address from your id card which then just has an empty address.

Correct me if I’m wrong, but you don’t have a specific legal obligation to state where you live abroad.

Though one snag is that you have a legal obligation to vote in elections and you must vote in the nearest embassy, which requires giving an address to get on the voting roster. However, voting is not strictly enforced. If you fail to vote there is a small fine but I don’t think they actually hit unregistered people abroad with that. If you do not vote in 3 consecutive elections, then you could lose your voting rights for a few years, I think.

I do not believe the bank gets a notification that you have deregistered. But at some point your ID card on the bank’s files will expire and they will expect an updated copy and freeze your account until they receive it.

If you walk into an embassy to “renew” your passport, do they demand an address? I would think you would pick up your passport at the embassy a week later. Or do they mail it?

Anyway, I can understand giving in to surveillance and disclosing US ties, but OTOH it seems like a nightmare to do what’s expected as well… to be tagged as a toxic US person. It’s a mess either way. Perhaps the wisest move is to “move” to Canada, stay there a couple months, setup residency, then move to the US and just neglect to mention it. Get mail forwarding from Canada.

Half their internet banking site is off-limits to me

Mind elaborating? Did they restrict your account specifically, or does the website simply treat logins from the US differently? I’m surprised you wouldn’t retain full cloud access so long as your account exists under the terms you signed up for.

I don’t understand why you would tell your Belgian bank that you left Belgium, particularly when your new residence is the US which flags you as a toxic asset that requires special handling. That could only work against you. Surely you would be better off not telling them you moved and use a VPN to Belgium to access your acct.

Bingo. This is true even across EU borders. Rabobank in Netherlands does not exchange info with Rabobank in Belgium, IIUC. (but note I think Rabobank quit doing business in Belgium eventually anyway)

oh, that’s interesting. I wonder if card-issuing banks are blocking balance inquiries even if ATMs offer it. I don’t think I saw Ing ATMs in Netherlands, only the conglomerate they are partnered with (geldmaat). The Geldmaat ATMs print “credit limit” on the receipt.

If you search, you’ll learn several privacy-abusing ways to do that via enshitified exclusive walled gardens which share the site you’re asking about with US tech giants and treat users of VPNs, Tor, and CGNAT with hostility.

• ❌https://downdetector.com/ ← avoid (Cloudflare)
• ❌https://downforeveryoneorjustme.com/ ← avoid (Cloudflare); I think #downforeveryoneorjustme was one of the 1st of this kind but then it got greedy and became exclusive
• 🤷https://www.isitdownrightnow.com/ ← meh (inclusive of everyone for the moment, but uses CF DNS so could spontaneously proxy through CF; broken on lynx because 1st party js req’d)
• ✓#downinspector ← decent, lesser of evils (CF-free & always inclusive of everyone, but does not work on lynx and requires JS; it pushes CF JS but still works if you only run 1st party js)

I only listed 2 bad ones (the 1st two) but when you search the first dozen results are shit. What could be more shitty than being directed to CAPTCHAs and other exclusive bullshit in the course of trying to troubleshoot a problem?

Also, the community we’re in here is “nostupidquestions”.

There’s also an onion one but I lost track of it.

I figured you were trolling but gave you the benefit of the doubt right up until you mentioned “all credit reporting agencies”, in Belgium. There are no credit bureaus in Belgium, only a central bank which (unlike US credit bureaus) is public sector and not interested in grabbing data for profit, or in obtaining any data it’s not legally required to obtain.

Nice try though.

But FYI, your assumption would be wrong even in the US as well. Request your credit report from whichever credit bureau you believe is buying location data from your mobile phone provider. Notice the realtime location data is not on that report. Then go to your local small claims court and spend ~$100 to open a lawsuit against them for $1k (+~100 in court costs). Bring to court proof that they acquired your realtime CDMA/GSM location data, a copy of your credit report showing it’s not there, and a copy of the federal law requiring that consumer credit reports are complete when sent to the subject of the report (yourself). It might be the easiest $1k you’ve earned. You don’t have to prove actual damages either because the statute specifies $1k per violation. If you can catch all three credit bureaus doing what you claim, that’s an easy $3k. You can even hit all 3 in one case. Good luck!

BTW, I don’t put much stock into what you’re saying at this point but I am curious about the claim that phone providers are sharing sensitive personal info with Visa and Mastercard. Cardholders are just a number to visa & mc. Visa & MC do not even typically know the names of card holders. Exceptionally, if you buy airfare using a credit card, then the airline reveals the name of the passenger to the credit card company. Though to store that name as the account holder is ad hoc because they would have to make the assumption that the passenger and the buyer are the same person.

Dutch ATMs give a balance.

You are not getting around the tracking. It’s never going to happen.

I do. I only access banks electronically if they accommodate Tor. The bank only gets to know my physical location when I do a transaction where that’s unavoidable. Even if I were to carry a mobile phone on standby wherever I go, the bank would get nothing from it if I don’t run their app.

It’s more about ethics than security. I’m an ethical consumer, which means I will not patronize unethical companies. Feeding data to Google is as good as feeding money to Google. Google is part of the fossil fuel industry (they are in partnership with Totaal oil and use AI to help Totaal find places to drill for oil). My objection to Google collecting data on me is less about cyberattack and more about not supporting a harmful force in the world.

I’m also ethically opposed closed-source software because I think it misplaces power. The worst kind of misplacement of power is to give it to tech giants who abuse their power and use it against consumers.

I’m also ethically opposed to software designs that make phones disposable and force the disposal of perfectly good hardware. I’ll buy a smartphone after that problem is fixed. #RightToRepair is still insufficient. There needs to be a rule that the moment a phone maker decides to stop supporting a device, they must do whatever necessary to ensure the platform (kernel + drivers + gui) are FOSS at that point of dropped support. I’ll wait for it. I can hold out as long as needed.

W.r.t. paranoia, street wise people and those with some infosec background always seem “paranoid” to normal people. And to us, normal people are cavalier because they needlessly share information without applying the rule of least privilege. Privilege should only be granted on an as-needed basis and that includes access to information. It’s unreasonable for banks to snoop on people arbitrarily without a warrant. It’s not just that the banks abuse the info, but the overcollection exposes everyone to exfiltration by criminals. That’s not fiction - it has happened. (Captial One via Amazon contractor, Equifax, several other banks including a bank breach I recently detected but have not reported yet). I have already been the victim of multiple data breaches even with some diligence to not be completely reckless.

Trusting banks with sensitive info is the least of the problems I describe & possibly not a show-stopper in itself. But taking everything together I remain baffled at the zombie masses endorsing & supporting all of it. A basic information security class should perhaps become part of the mandatory secondary school cirriculums at this point.

No. There are a couple unpublished phone numbers but they’re a disaster. I’ve not encountered a Belgian bank that gives automated account info over the phone. Last time I called I think it was just a greeting saying “contact us through the app or email” or something like that, IIRC.

Banks are gradually removing features from their websites in a progression toward complete elimination of the website. Some banks have already taken that step. They impose an app whilst also closing their over-the-counter service.

Unlike the US, 1-factor authentication by banks is illegal in Belgium. So for web access banks typically hand out devices for 2FA. Some banks avoid that cost by imposing a smartphone app in lieu of a card reader or RSA token (BYO smartphone).

There are many problems with bank apps in Belgium:

1. You must buy smartphone hardware (the apps detect when they are executed inside a virtual machine & deny service [tested with Ing’s app])
2. You must patronize a surveillance capitalist (create a Google or Apple account)
   2.1. You must subscribe to mobile phone service in order to satisfy Google’s unreasonable demand for a mobile phone number as a precondition to obtaining an account
   2.2. You must trust Google with your mobile phone number, IMEI number, and inventory of apps & versions you download (thus a reconnaissance risk)
   2.3. When Google records your place of banking, you must trust Google not to share that info (with debt collectors, for example)
3. All bank apps in Belgium are closed-source, so you must trust the apps not to carry spyware and to work in your interests
   3.1. The bank’s privacy policies are written to allow your realtime location to be tracked via the app.
4. You must chronically upgrade your hardware every few years because the bank apps are upgraded with reckless disregard to the lockstep-coupling of hardware to software on all phone platforms that are supported by Belgian banks. You cannot run a VM to prevent irresponsible electronic waste (see point 1)

The #GDPR possibly (and only symbolically¹) protects from some of that, such as Google sharing your place of banking with debt collectors. But the GDPR does not prevent criminal exfiltration of data that cavalier consumers trustingly agree to the collection of.

Footnotes:

1. I say “symbolically” because consumers only have two pathways for remedy under the GDPR: article 77 & direct lawsuit. Article 77 has no teeth. When the DPA ignores/mothballs an art.77 complaint, there is no mechanism for action against the DPA. So DPAs are largely neglecting to treat art.77 reports. That leaves direct lawsuits. The EU has decided that GDPR plaintiffs are not entitled to compensation for legal fees. So that kills that option. You can get a symbolic win in court but you still lose because lawsuits are costly and the damages you can prove are negligable. So the GDPR boils down to an honor system.