Who made my birth date a secret? Who said you can assume anybody who knows it is me?
I am angry. Furious actually. I spent 2 hours on the phone to Telstra today sorting some things out. And while that was boring and frustrating, the real kick in the pants, take no prisoners, scorched earth rage was reserved for institutions using personal data such as my birth date to identify me.
Governments and institutions have appropriated my personal data as a proxy for my identity. By putting the onus on personal information they have ducked responsibility for correctly identifying me and you. They have made it risky to disclose my birthday and age to anyone who didn?t know it at my birth.
In this case my Telstra account has a password on it, but that was unacceptable to the residential side of Telstra, staff demanded my date of birth five times. Five people who did not previously know my birth date today have it. I hope they all send me a birthday card. It is easy to find my date of birth online and in the real world. It is a poor tool to determine my identity. Fewer people know the password on that account which is sufficient for the corporate side of Telstra. All of them asked for my birthdate but accepted my password only after I insisted (two checked with their supervisor).
How am I to change my date of birth if I determine too many people know this most sensitive of information? Should I only exchange birthdays and never surrender mine without sufficient personal information in return? When did my personal information become my private information? If my wife and I divorce, how do I make her forget that information?
The police, institutions, the government, and security consultants warn people of the dangers of identity theft through the sharing of personal information on social networks and genealogy research. This muddy thinking leads to an arms race that consumers cannot win. The more personal information used for identity purposes, the less sure we can be of identity.
Even before the internet, personal information was available, just harder to come by. Movies have made a cliche of hackers guessing passwords by knowing enough about the target. Passwords are birthday?s; pet?s, spouse?s and kid?s names; inspirational characters; project names or anything lying around the office.
Surely Telstra (and others) can look at our relationship and find information that I would know? When did I pay my last bill? By what payment method? What amount? What was the last service I added/deleted? What calls did I make today? What have I told you is sufficient identity to authorise account discussion? What is sufficient to add/remove a service? Change a postal address?
You and I must take back our personal information and deny it as proxy for identity. Once we stop using a fundamentally flawed system, resources will emerge to deal with the problem. Institutions create identity theft by stealing our identity in the first place.
Write to government representatives. Link, tweet, digg and share this article. Leave a comment or write a better article and mention it in the comments below. But act today because the identity you save will be your own.
Permission is granted to reproduce this article in full with a link to the original post at http://www.zagz.com/institutions-cause-identity-theft and identifying Paul Zagoridis as the author.