High Street retailers have rejected security fears about giving them the job of fingerprinting and photographing people applying for identity cards… Trade bodies representing chains such as Boots and Snappy Snaps told the BBC they can be trusted with the data.
[From BBC NEWS | Politics | Retailers reject ID security fear]
Now, I don’t want to be the one in the glass house throwing stones, because I don’t doubt that I’ve left the odd memory stick around here and there, but I was sure I could remember seeing Boots’ name last year in connection with looking after personal data. A quick bit of web browsing and my imperfect memory was rendered perfect by the World Brain (aka Google):
Major U.K. chemist (drug store) chain Boots has joined the growing list of organizations suffering an embarrassing storage snafu after tapes containing personal details of thousands of customers and employees were stolen… The records reportedly include the bank details of 27,000 customers of Boots’ dental service, which is operated by Medisure, as well as the personal details of some 8,000 Boots employees.
[From Tape Loss Stuns UK Retail Giant – Data Security News Analysis – Byte and Switch]
Whoops! Still, it’s not like the tapes had fingerprints on them or anything like that. Hold on a second: tapes? I thought it was puzzling that in the age of SSL and the interweb, HMRC were still posting unencrypted CDs full of personal data around the place. But tapes?
I was talking to a journalist about this yesterday, and I made the general point that if you don’t want to have to incur the cost of protecting personal data or the wrath of the public for losing it, then you shouldn’t store it in the first place. Now there are emerging technologies that will improve the situation, such as Vendor Relationship Management (VRM), but I can’t help feeling that a lot of organisations collect personal data for no real reason other than that it might vaguely turn out to be useful for future marketing. I’m not against organisations trying to improve their marketing and sell me more relevant products and services, but I wonder if it’s overdone?
There’s a huge gap between the kind of data correlation done at a person’s request as part of a relationship (VRM), and the data correlation I described in my post that is done without a person’s consent or knowledge. As VRM’s Saint Searls has said, “Sometimes, I don’t want a deep relationship, I just want a cup of coffee”.
[From IdentityBlog – Digital Identity, Privacy, and the Internet’s Missing Identity Layer]
I say overdone because of risk analysis. The kind of very structured risk analysis that Consult Hyperion do for transactional systems, generally speaking, tends to show that cock-ups rather than dedicated international hackers are the most likely route to compromise personal information. In the past, this may not have mattered too much but in some jurisdictions the penalties associated with data loss mean that data retention has to be really, really worthwhile (which in many cases it may not be). Companies can now lose money because of compulsory notification, fines and staff replacement:
After some high profile cases of unauthorized access to celebrities’ medical records, the California legislature adopted two new privacy laws (SB 541 and AB 211); these regulations were so swiftly enacted that they contained spelling errors. Both regulations went into effect on January 1 of this year. Five months later, Kaiser Permanente has become the first enterprise to be fined under this new regime. Regulators have levied the maximum fine, $250,000, for the recent incident involving Nadya “Octomom” Suleman… All in all, 23 individuals looked at Ms. Suleman’s records without authorization. Of these, 15 have either been fired or resigned.
[From Burton Group Identity Blog: Privacy Risks Get Real – California Privacy Laws, Octomom, and Kaiser Permanente]
One day, we’ll send our relevant data to organisations via VRM, but until then we need to find some other approach. I was thinking that some kind of broker system might be a useful interim, so that a few high-security brokers hold the personal information and organisations access it when they need to instead of trawling through databases, but either way we need something practical and we need it quickly. An opportunity for the banks to provide a profitable, useful service?
Do you have ideas for better identification in the future? Would you have predicted 15 years ago that we’d still be using IDs and Passwords today? Will we still be using them 15 years from now?
[From Predicting the Future of Identity | Future Banking Blog]
I certainly didn’t imagine, back in 1994, that I’d still be using usernames and passwords today. I was confidently predicting that within a decade we’d be using smart cards on the Internet because there was no way to stop hackers, pranksters and idiots from compromising personal data online. But 15 years from now? No way: I refuse to believe that society will continue to tolerate the level of identity theft, privacy compromise and personal data trading that goes on now.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
Searls’ comment echoes something a banker said to me in about 1987 (remember “relationship banking”??): “Our customers don’t have a ‘relationship’ with us… they have a series of involuntary and unwanted transactions, and we shouldn’t kid ourselves otherwise”.
I too don’t have a problem with a National ID Card but I do have a problem with government attitude and ability to protect data, their stated intention to sell it to private organisations, enrolment through insecure high street shops, and their spurious reason that it is to defend us from terrorism.
I also agree that an independent identity broker who provides the individual with a personal data store which, like a safe deposit box, cannot be accessed or shared (even by the broker) without the individual’s express permission, is an appropriate VRM service for today.