Posted by: hagengreen | March 15, 2011

Public transparency applies to our identities

Several years ago, it was all about shredding those credit card applications that came in the mail. Thieves would physically dig through your trash cans outside your home to find personally identifiable information. They’d use that information to impersonate your identity, which could lead to all sorts of bad things, including racking up a boat-load of credit & charges against your name. Of course physically stealing an identity required a high level of engagement and, therefore, risk.

Nowadays, identity theft is all too easy. With nearly everything online, a thief need not dig through your trash can. That’s too much work. All they need to know are basics such as your pet name, where you went to school, your birthday, and your maiden name (as applicable). Funny that I could get this information for nearly any one of my friends by glancing at a social networking site such as Facebook. Even if we’re not friends, I can get your full name, where you generally live, and then dig into public records to get things like your employer, home address, and phone number. Not to mention using search engines like Bing to learn even more about you. It’s all online! Yes, if it’s online, it’s essentially in the public domain.

If you go online and give out personal information, you are presumed to be disseminating that data to a trusted party. While you may think that’s true, consider the possibilities on where your personal data could end up. One scenario is your information is sold to a 3rd party. Banks or credit card issuers may give you an “out out” option, but many do not. You may be opted in by default, and be required to call a phone number to get out. Another scenario is that the institution cannot be trusted. They either have insecure practices or a repeated history of breaches. You can assume that any company with a new online presence may be suspect – when you’re getting a company up on its feet, best security practices may not be the primary focus. Yet another scenario is that your data is so-called “lost” – that is, the company isn’t sure what happened to it. Case in point: the recent leak of confidential records by California-based insurer Health Net. I should be careful. IBM allegedly informed Health Net that several hard drives could not be found – IBM manages Health Net’s information technology systems. From the reports, it appears addresses, social security numbers, and financial info, among other data, was lost. Authorities are obviously hot on the investigation. But the question remains: what happened? Could such a disaster have been prevented?,0,1660184.story

In the end, none of us have control of our online destiny. Even if you never type your name into a computer connected to the internet, someone else will. Your bank, your employer, a family member, or a friend. Unless you truly live off the grid and in seclusion, it’s inevitable your private information will be in the public domain. From there, it’s a game of statistical risk whether or not your information will get into the wrong hands and be used fraudulently. It’s the same numbers game we all play when we get in the car to drive somewhere. We can try to keep ourselves safe by practicing defensive driving and buying a car top-rated in crash tests. But there’s only so much we can do to protect ourselves.

Welcome to the information age. Over time, we can expect perceptions of security practices to improve. But like anything else, the thieves will always try to get a step ahead. The best preparation is to know what you’re going to do once you catch fraud in its wake.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: