WHERE IDENTITY “WENT WRONG” AND WHO DID IT

Steven Gal is an expert in identity management and information privacy, who did a recent article on News.com. I am always looking for someone with a similar viewpoint to my concept that consumers should have control over their names and personal data, and in Gal’s piece he says: “identity needs to be re-engineered around the demands of its logical owner--consumers--providing them more control, transparency, privacy, and security.” I doubt that he means individuals should literally “own” their sensitive data, because, according to Beth Givens, founder of Privacy Rights Clearinghouse, that would open the door to countless scams, particularly with senior citizens. He also indicated that the Internet is responsible for the identity crisis. Included in Gal’s re-engineering of identity are several components of ID theft consisting of our name/address, date of birth, Social Security number, credit reports, even lifestyle habits, financial, government and medical data, and something he calls our marketing identity. I’m assuming the latter refers to the basics of mailing list selections in junk mail such as when you last purchased, how many times you have purchased, dollar amounts of each purchase and the total purchased, along with other information like your e-mail address. Your private information is separated into three “silos,” as Gal calls them. They are your financial identity, your government identity, and your marketing identity mentioned earlier. I agree with Gal on government and marketing being broken and in great need of repair. Federal agencies are losing personal data regularly, and apparently cannot get their security act together, even after an edict from a White House that could still be considerably more favorable to the consumer. Marketing, particularly in junk mail, is my field of expertise, and if you read this blog frequently, you know that this is an area that is completely busted, and outrageously out of control. Gal mentions the data brokers collecting our names and personal data and selling them for billions; let me confirm that that figure is $4 billion each year and growing. He adds they give us no rights to see what they sell, and that is because junk mail is still a cryptic business to consumers, and the companies don’t want the American public to know what they know about us. Also, the list/data brokers and those who send out all the junk mail do not want anyone, including government, non-junk mail businesses, certainly not the beleaguered customer without whom this industry could not exist, to know how fast and furious they suck up their private information. But Gal and I differ somewhat on the financial identity, with which he is pretty comfortable. Although we have closer and more regular contact with this medium, it also has a propensity toward breaches just like government and marketing. According to Privacy Rights Clearinghouse Chronology of Data Breaches, there was data lost at 29 banks from Feb. of 2005 to Nov. of 2007, including some of the biggest like Bank of America, Wachovia, CitiFinancial, J.P. Morgan/Chase and Wells Fargo. BofA had five breaches, one for 1,200,000 personal records; J.P. Morgan Chase 4 breaches ; Wells Fargo, two breaches; CitiFinancial in one breach lost 3,900,000 personal records; even the Federal Deposit Insurance Corp. (FDIC) had a breach. This group may not be as irresponsible as higher education accounting for over 25 percent of total breaches, and medical data, 14.5 percent of the total, but when the financial people do it, they do it big. Ponemon Research lists the top five banks trusted for privacy in 2006, as National City and U.S. Bank tied for first place, thenFifth Third Bank, Wachovia, PNC Bank, and Washington Mutual. You’ll note the big four, above, are missing. However, Fifth Third handled some of the transactions in the TJX (TJ Maxx, Marshalls) loss of data which has turned out to be the worst ever at 94 million personal records lost, and in the PRC chronology, Wachovia lost 676,000 records to dishonest insiders. But overall I am in agreement with Steven Gal about what needs to be done, and that is consumers should figure significantly in the equation. And we need to get started putting them there right now!