I have been fascinated by Chris Pirillo’s uStream work for quite some time and I follow his blog. This morning he wrote a post titled, “PayPal Denies $450 of Unauthorized Charges” where he explains how someone stole $450 from him. He believes it is PayPal’s obligation to refund his money and at first glance it would seem he is right, but I will argue he is dead wrong.
Here is the story: Chris connected his iTunes account to PayPal (i.e. to make it easy to buy stuff). Anytime he clicks ‘buy’ on iTunes Apple debits his PayPal account and his iPod is loaded. The other day someone obtained his iTunes password from Apple (due to a strange password retrieval process) and purchased $450 worth of gift cards. Chris got Apple to secure his account and made a claim with PayPal. PayPal determined NO unauthorized access had occurred, since Apple WAS authorized to pull money from Chris’ PayPal account.
Chris is pissed suggesting, “Apparently, PayPal is so focused on making money for themselves that they cannot be bothered to care when ordinary people like you and I lose ours via illegal means.”
I think Chris is off base. Why? He allowed Apple unfettered access to his account at PayPal. How can he hold PayPal responsible for Apple’s actions? If PayPal allowed a criminal access to his account then I fully agree they would be responsible, but in this case they simply followed Chris’ request to give Apple access to his money. Chris trusted Apple to do the right thing, but Apple clearly didn’t. For some reason Chris isn’t upset with Apple, instead he is upset with PayPal. Still confused? Let me explain it this way:
You give me $1,000 and ask me to hold it for you. I agree and take the money. I am going to charge you $100 for keeping your money. I now have been paid to safeguard your funds. Now you call me up and say give whenever Jim wants money just give it to him, you have my permission. Periodically Jim asks me for money and I give it to him. You never complain. Then one day Jim asks me for $450 and I give it to him. Jim then gets robbed on his way home. You call me and ask me to give you the $450 back. Huh? Why is that my problem? Why should I give you money that Jim lost. I am not party to your relationship with Jim and I certainly have no control over his security procedures. Get it?
I love and hate PayPal, but thought it was worth responding to Chris’ current complaint. My advice to Chris is to hold Apple accountable for allowing someone access to their systems, which are connected directly to his PayPal account. Chris trusted Apple and they didn’t uphold their obligation to keep his account safe, especially one connected to his PayPal account. Don’t get me started about letting eCommerce providers direct ACH access to your account (i.e. don’t do it, or at least set up a transactional account with no money in it). Oh and BTW I really like Chris Pirillo…
Link to original post