If that's the way you wish to see it, but that's an extremely cynical view, IMO. If you are concerned about that, then you certainly wouldn't be the first to simply use their RS name and incorrect address, if you chose that path. Now, can we keep it to discussion of the principles of the petition, please? It may be cynical but it is also perfectly logical. They are not a payment processor so they do not have to follow the strict security restrictions of PCI and therefore are not liable at all if their database is breached, which in the modern age is not too uncommon to assume it won't happen to changes.org, in fact I would think changes.org is a massive target for groups who want to discover information about the people petitioning against them. Edit: [qfc]15-16-361-63671263[/qfc] This thread and the previous in the series by the same poster is a petition that might actually have an effect.