ID Theft is Inescapable
The Register says what I’ve been saying all along:
While this is nothing new, there is an important observation here that’s worth emphasizing: none of these cases involved online transactions.
Many people innocently believe that they’re safe from credit card fraud and identity theft in the brick and mortar world. Nothing could be farther from the truth. The vast majority of incidents can be traced to skimming, dumpster diving, and just plain stupidity among those who “own” our personal data.
Only a small fraction of such incidents result from online transactions. Every time you pay by check, use a debit or credit card, or fill out an application for insurance, housing, credit, employment, or education, you lose control of sensitive data.
In the US, a merchant is at liberty to do anything he pleases with the information, and this includes selling it to a third party without your knowledge or permission, or entering it into a computerized database, possibly with lax access controls, and possibly connected to the Internet.
Sadly, Congress’s response has been to increase the penalties for identity theft, rather than to regulate access to, and use of, personal data by merchants, marketers, and data miners. Incredibly, the only person with absolutely no control over the collection, storage, security, and use of such sensitive information is its actual owner.
For this reason, it’s literally impossible for an individual to prevent identity theft and credit card fraud, and it will remain impossible until Congress sees fit to regulate the privacy invasion industry.
Alf Watt • March 30, 2005 8:10 AM
There is another option. An alternative system of identity management, one based on sound privacy principals and strong encryption could very quickly replace the central repository role of the personal information brokers.
Any time you have lots of valuable private information in one place it becomes a tempting target. Only by distributing the information to a large number of privacy brokers can the benefits of having the information available come into balance with the risks of storing it.