This is what they sent me:
-------------------------------------
Dear XXXXXXXXXXX, we understand your position and apologize for the inconvenience, however the safety or our users' accounts is one of our top priorities. Since the activity of your account has triggered some of our internal security thresholds the above mentioned precautions were put in place. In order to conclude the process and restore your withdrawal options to normal status, we shall have to kindly ask you to please provide a high resolution image of yourself holding your ID and "[date of submission] For Bitstamp LIMITED only" written on a piece of paper as the example below. EXAMPLE: "12.January.2014 For Bitstamp LIMITED only" We would also like to take this opportunity and offer our optional 2-factor security feature, since it is currently disabled for your account. If you own a smartphone you can enable the feature in the "Security” section:
https://www.bitstamp.net/account/security/two-factor-authentication/ You can also follow this step by step setup guide should you encounter any difficulties:
https://www.bitstamp.net/s/documents/bitstamp_2_factor_authentication_guide.pdf Should you require any assistance in the meantime, please feel free to ask. Best regards, Rok Štucin
-------------------------------------
My interpratation is as follows:
1. They block my coin for no legal reason.
2. They hold my coin hostage until I send them my bio data.
3. They want to lure me into Google's TFA.
So, if I agree to give Google my phone number, so I can be localized minimum anytime I log in to bitstamp, and a picture of myself suitable
for a face recognition system, along with my official passport,
they tell me to unlock my funds.
(I suspect they have an 'obligation' to pass some data on bitcoin users
along with their history to some special 'customers')
"Know your customer" procedures have been passed on me long ago, they have
my passport, my address and validated bank accounts. So why additional
'high resolution' photos?
They ask way more than UK regulations, and way more than any bank.
There are no legal requirements for them to to so, nor are there legal requirements for me to comply. So I won't.
Their reason is obviously that MY computer systems MAY have been breached by SOMEONE, PERHAPS, and that MY funds COULD be EVENTUALLY stolen by SOMEONE, IF this MIGHT have happened. ("the safety or our users' accounts is one of our top priorities")
They do not have any saying about the safety of my computer systems. This is only my concern.
Since they blocked my coin, I suffered a loss of about 30%.
In my opinion this is both
- a breach of contract, because I never agreed to additional "security" procedures blocking my funds in case MY computer systems where breached,
and second it is
- blackmail, because a) they hold my money hostage, and b) ask for something I do not owe them.
If they do not budge, I will sue them for a compensation for my losses, and then this company is finito for me.
