February 25, 2005

Privacy Shmivacy

Oh, it's been a great week for the privacy and security of, well, everyone. First, ChoicePoint admitted, after initially denying it, that it had handed the personal information (including Social Security numbers and credit histories) of up to 140,000 people to identity thieves. ChoicePoint is a company which traffics in this sort of information for the purpose of doing background checks. It just so happens that they didn't do these sorts of background checks on the people requesting the information. As the CNN article says:

Alpharetta, Ga.-based ChoicePoint maintains personal profiles of nearly every U.S. consumer, which it sells to employers, landlords, marketing companies and about 35 U.S. government agencies.

ChoicePoint's databases contain 19 billion public records, including driving records, sex-offender lists and FBI lists of wanted criminals and suspected terrorists.

And these are the people who apparently handed out this information to anyone who asked. Best part? ChoicePoint's information warehousing system isn't covered by the laws governing credit agencies, so you can't see or correct the information they have on you.

Oh, here's another kicker: ChoicePoint only told anyone about this because of a tough new California law requiring disclosure of leaks of personal information. CP first claimed this didn't affect anyone outside of California. Now the question is: How many such leaks have come from companies not dealing with California, or before that law was enacted? We'll never know.

ChoicePoint isn't new to these sorts of problems. In the ill-fated 2000 election, ChoicePoint's newly acquired DBT subsidiary was responsible for giving the state of Florida a list of felons to be scrubbed from the voter rolls. Turns out most of the people on the list were guilty of misdemeanors, not felonies, but they were still prevented from voting.

This most recent flub is bringing down a congressional hearing on the entire information warehousing industry. Though trying to get any federal regulations through the current Republican-controlled government is going to be a non-starter. I'm guessing they'll let the hearings come and go, make a lot of noise, then not pass any legislation.

Well, it gets better.

Paymaxx, a payroll management company, exposed the tax information of 25,000 people. Think Computer disclosed the flaw, which was particularly boneheaded. Apparently, each person was sent a URL at which they could view their W-2 information. Each URL had a long identifier string in it. A non-random identifier string. A non-authenticated, non-random identifier string. That identifier was the only thing between anyone on the Internet and the form: no login, no session, nothing tying the request to the person the form belonged to. Want to view someone else's payroll? View yours, then add one to the URL.
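To make the Paymaxx bug concrete, here is an added example (mine, not Paymaxx's or Think Computer's code, and not a reconstruction of their actual site) modelling the W-2 endpoint two ways: a vulnerable version where a sequential record number is the only thing the handler looks at, and a hardened version where the link carries an unguessable random token and the handler refuses unless the logged-in user owns the record. The record numbers, employee names and wage figures are constructed sample data; `VulnerableView`, `Enumerate`, `Store` and `View` are names I chose for the illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// W2 is a constructed stand-in for the tax form behind each mailed URL.
type W2 struct {
	Employee string
	Wages    int
}

// Constructed sample data. Vulnerable design: the record number in the URL is
// sequential and the handler never asks who is making the request.
var vulnerableByID = map[int]W2{
	1001: {Employee: "alice", Wages: 52000},
	1002: {Employee: "bob", Wages: 61000},
	1003: {Employee: "carol", Wages: 48000},
}

// VulnerableView models GET /w2?id=N as the post describes it: the identifier
// is both the locator and, in effect, the authorization.
func VulnerableView(id int) (W2, error) {
	rec, ok := vulnerableByID[id]
	if !ok {
		return W2{}, errors.New("not found")
	}
	return rec, nil
}

// Enumerate is the attack: start from your own id and keep adding one.
func Enumerate(start, count int) []string {
	var names []string
	for id := start; id < start+count; id++ {
		if rec, err := VulnerableView(id); err == nil {
			names = append(names, rec.Employee)
		}
	}
	return names
}

// Store is the hardened version. Two independent fixes: the locator in the URL
// is a 128-bit random token rather than a counter, and the handler refuses
// unless the authenticated caller owns the record the token names. The second
// fix is the one that actually closes the hole; the first just stops a leaked
// link from being a map of everyone else's.
type Store struct {
	byToken map[string]W2
}

func NewStore() *Store { return &Store{byToken: make(map[string]W2)} }

// Add stores a record and returns the token that goes into the mailed link.
func (s *Store) Add(rec W2) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	tok := hex.EncodeToString(b)
	s.byToken[tok] = rec
	return tok
}

// View models the same endpoint behind a login. authUser is whoever the
// session layer established ("" means not logged in) and must match the owner.
func (s *Store) View(authUser, token string) (W2, error) {
	rec, ok := s.byToken[token]
	// One error for "no such token", "not logged in" and "not yours": a
	// distinguishable response would let an attacker probe which tokens exist.
	if !ok || authUser == "" || rec.Employee != authUser {
		return W2{}, errors.New("forbidden")
	}
	return rec, nil
}

func main() {
	fmt.Println("vulnerable enumeration from id 1001:", Enumerate(1001, 3))
	s := NewStore()
	tokA := s.Add(W2{Employee: "alice", Wages: 52000})
	tokB := s.Add(W2{Employee: "bob", Wages: 61000})
	_, err := s.View("alice", tokB)
	fmt.Println("alice asks for bob's token:", err)
	rec, _ := s.View("alice", tokA)
	fmt.Println("alice asks for her own:", rec)
}
```

The lesson a practitioner takes from this: an identifier in a URL locates a record, it does not authorize access to it. Even with random tokens, the check that the requester is the record's owner has to happen on every request, server-side, against the session rather than against anything the client supplied.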

And that's how it goes, folks. There are a lot of people who are paranoid about their personal information, refuse to give out their credit card information over the phone, etc. But in the end, the information leaks aren't something you can do anything about. Your best bet is to hire a credit monitoring service and hope. Until someone passes some serious privacy laws, maybe something that would hold companies monetarily responsible for damages caused by faulty or wrongly-released information, the only defense is to hide in the crowd, and hope that your info isn't part of the next big flub.

In the end, however, privacy laws can only go so far. All laws get broken, on purpose or by accident. As technology reaches the point where dispersal of information can be instantaneous and almost infinitely widespread, trying to stop it becomes futile. Our entire credit system is based on a level of institutional trust which can no longer be assumed. So what's the answer?

I don't know, but I've got an idea as likely to piss off privacy advocates as it is to help them: right back to a national ID card. Not just an ID card, but a smart card. Right now, we assume identity means authenticity, which it does not. If I have your SSN or credit card information, I can become you. A smart card system could use public-private key cryptography to ensure that this card is the one it says it is, without revealing any information which could be stolen or duplicated. Properly handled, this card could even be completely anonymous.

If required for every transaction involving credit or trust, this card's authentication could be identification enough for anything. The way public-key crypto works, the verifier hands the card something fresh to sign and checks the signature against the card's public key; the private key never leaves the card, so a genuine card can be recognized without any personal or damaging information ever actually leaving it. Sure, companies would have information like your name or address, if they're to ship something to you, but outmoded identification features like the Social Security number wouldn't be needed at all. The companies could reveal all the information they have on you, but no one would be able to pretend to be you without the card.
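The exchange the post is describing is a challenge-response authentication. The following is an added example of it (my code, not a design the post or any real ID scheme specifies): the `Card` holds an Ed25519 private key and exposes only a signing operation, the `Verifier` (a merchant's or bank's terminal) holds nothing but public keys and a record of which challenges it has issued, and both sides' messages are shown. The card ID, the `Enroll`/`Challenge`/`Respond`/`Check` names and the choice of Ed25519 are my assumptions for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Card is the smart card. The private key is generated inside it and the only
// operation it exposes is signing a challenge; the key itself never leaves.
type Card struct {
	ID   string
	priv ed25519.PrivateKey
}

func NewCard(id string) (*Card, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Card{ID: id, priv: priv}, nil
}

// PublicKey is what gets registered with verifiers. It can be published freely;
// knowing it does not let anyone answer a challenge.
func (c *Card) PublicKey() ed25519.PublicKey {
	return c.priv.Public().(ed25519.PublicKey)
}

// Respond is the card's one message: a signature over the verifier's challenge.
func (c *Card) Respond(challenge []byte) []byte {
	return ed25519.Sign(c.priv, challenge)
}

// Verifier is the terminal. It stores public keys only, so a breach of the
// verifier (the ChoicePoint scenario) yields nothing usable for impersonation.
type Verifier struct {
	registered map[string]ed25519.PublicKey
	pending    map[string]bool // challenges issued and not yet consumed
}

func NewVerifier() *Verifier {
	return &Verifier{
		registered: make(map[string]ed25519.PublicKey),
		pending:    make(map[string]bool),
	}
}

func (v *Verifier) Enroll(id string, pub ed25519.PublicKey) { v.registered[id] = pub }

// Challenge is the verifier's message: 32 fresh random bytes. Freshness is what
// defeats replay; a response captured yesterday signs yesterday's nonce.
func (v *Verifier) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	v.pending[string(nonce)] = true
	return nonce
}

// Check accepts a response only if the challenge is one this verifier issued
// and has not been used, and the signature verifies under the enrolled key.
func (v *Verifier) Check(id string, challenge, response []byte) error {
	pub, ok := v.registered[id]
	if !ok {
		return errors.New("unknown card")
	}
	if !v.pending[string(challenge)] {
		return errors.New("challenge not issued or already used")
	}
	if !ed25519.Verify(pub, challenge, response) {
		return errors.New("signature does not verify")
	}
	delete(v.pending, string(challenge)) // single use
	return nil
}

func main() {
	card, err := NewCard("card-0001")
	if err != nil {
		panic(err)
	}
	term := NewVerifier()
	term.Enroll(card.ID, card.PublicKey())

	c := term.Challenge() // terminal -> card
	r := card.Respond(c)  // card -> terminal
	fmt.Println("genuine card:", term.Check(card.ID, c, r))
	fmt.Println("same response replayed:", term.Check(card.ID, c, r))
}
```

Two caveats a practitioner would add. A bare nonce proves the card is present but binds nothing to what is being agreed to; a real scheme has the card sign the amount, merchant and time along with the nonce, so a terminal cannot relay the response into a different transaction. And "just don't lose the card" is not a plan: the card needs a PIN so possession alone is not identity, and the verifier's enrolment table needs a revocation path for cards reported missing.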

Just don't lose the card.

Edit: Hey, lookie that, Bank of America just lost 1.2 million federal employees' financial histories on backup tape. Whoopsie!

Posted by Jason at February 25, 2005 04:52 PM to Tech