• Text size      
  • Send this article to a friend
  • Print this article

Personal details are more than passwords

AS the internet grows, both in breadth of content and global ease of access, so identity theft, the practice of using someone else's identity to get credit or other benefits, becomes an increasingly hot topic.

A certain level of paranoia in the digital realm is definitely a good thing. But today we run the risk of shutting down useful parts of the internet, scrambling for the unattainable notion of a private identity.

The most recent example of this was last month in Ireland, where the Data Protection Commissioner ordered the closure of a national genealogy database over fears it would be "a treasure trove for people of evil intent". The treasure trove in question may seem innocuous: a search that returned, among other things, citizens' dates of birth and their mothers' maiden names. Yet these details, it is argued, could be used by online criminals to commit fraud.

So it has come to this; a useful service, built for the public good and paid for by the state, has been closed down simply because it exposes the inherent weaknesses in how big businesses, especially financial institutions, identify their customers.

Of course, this problem isn't unique to Ireland, nor is it the first time privacy fears have trumped utility in the digital age.

Every week we're bombarded with tips from security experts suggesting we increase our privacy settings on Facebook and hide our first primary school on LinkedIn, lest evil-doers use that information to steal our souls.

The idea that we need to closely guard our personal details is accepted wisdom that ignores an obvious fact: if the banks have a problem identifying their customers from afar, that is their problem, not ours.

Now is the time to step back, take stock and reclaim our personal details - they are our lives, our rich family histories, and we must resist any attempt to corrupt them into a convenient banking password.

The first step on the road to recovery is to stop talking about identity theft. That term is loaded with negative meaning and implications. For a start, it suggests that a person's identity is a possession that can be stolen, which it clearly is not.

Worse, since an identity can used without the owner's knowledge, identity theft implies that we must keep our identities private and hidden so that they can't possibly be abused by criminals.

But if we change our language from identity theft to identity impersonation - a term that more accurately reflects the fraudulent act - then the suggestion of fault moves from the impersonated individual to the institution that has been duped.

Instead of citizens being made to feel guilty for exposing their private bits - like their birthday or family tree - they'd be free to share and explore their histories without worrying about what a criminal might try to do with that information.

The implications of this change in mindset would be vast. If financial behemoths could no longer claim to verify identity based on facts drawn from public records, then they may no longer be able to offer a bank loan to a customer in Kirkwall from a call centre in Cardiff.

Perhaps we'd see a return to high street banking, with bank managers who really know their customers. Or, more likely, financial institutions would have to work with governments to provide some more secure way of remotely verifying identity, perhaps using national ID cards.

A national ID card scheme may seem Orwellian to some, but in an age when we're all anonymous, tapping away on an iPad that could just as easily be in Newton Mearns or New Delhi, we must accept that old methods of personal verification are broken and that we need a new system.

If the government doesn't provide such a system then the private sector will surely step in. Personally, I'd be more comfortable with my public records being tied to a national ID card than to my Google account.

But that's a question for another day. The principle at stake right now is ownership of our personal details and history, and our right to share that knowledge with others. Ultimately, that information must belong to us, to do with as we see fit.

Grant Gibson was born on 19 August 1976. His mother's maiden name is Clark.

Contextual targeting label: 
Finance

Commenting & Moderation

We moderate all comments on HeraldScotland on either a pre-moderated or post-moderated basis.
If you're a relatively new user then your comments will be reviewed before publication and if we know you well and trust you then your comments will be subject to moderation only if other users or the moderators believe you've broken the rules

Moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours. Please be patient if your posts are not approved instantly.

251787