We live in times where efforts to protect sensitive information is abysmal – not to mention the outlandish methods used to capture information during every waking (and non-waking) second, and at mounting occurrence. It is equally appalling to see the dizzying attempts to bring some semblance of order to identity theft and privacy matters absent the significance that accuracy should be playing in the conversation.
The solution to identity theft is not found in discussions around privacy. It is rather found in discussions concerning accuracy.
As a victim of identity theft, and I realize that I have lots of company, we bear witness to the shear confusion of this situation. It is so confusing all the way around that it almost has to be purposeful. What is allowed to thrive by control behind the curtain is a question that needs to be answered.
In particular, there is a lot of misdirected energy from the entities who have information they collect and “store” to quickly point fingers at the “bad actors,” but exhibit little to no responsibility to protect information – or even question themselves as to why they need the identifying information in the first place (clue – it does not benefit much beyond the bottom line).
While continuing to live this real-time nightmare, a couple of days ago I received a letter from a company saying that my information had been compromised in a recent breach. The letter was sent to my current address using my maiden name. My maiden name is what was used by the criminal who stole my identity. I have never been a customer of this company, at least willingly.
When personal information is stolen, it is often commingled with information that is not true and in effect reflects a fictitious person (i.e. the criminal receiving goods and services at their actual home address or P.O. box that does not match the identity of the person whose credit has been compromised). And, this information is allowed to flourish because it goes unchecked.
So, I receive this letter, informing me that my information was compromised. I know this to be one of the companies where my stolen information was used to gain a service. Knowing that the reason any part of my information is in their system in the first place is due to fraudulent activity, why then does the part of my real identity continue to live and be represented in this company’s system in any form – and to the point where it is allowed to be compromised AGAIN.
Hearings are occurring in Washington D.C. that discuss privacy. We are skipping way ahead in this conversation. Before we can discuss privacy, we need to discuss the significance of accuracy (and I’ll throw in, permissions too).
When I learned that I was a victim of identity theft, and in the process of cleaning the mess (clearly not over), I am continuously in the position of needing to prove to a greater degree that I am who I say I am then the criminal who stole my information. The criminal had the green light in using my information with no regard, from anyone. And, the regard still does not exist. Not only did I have to prove my identity to not be liable for fraudulent activity (and this was up for judgment by those same entities that allowed the theft to occur in the first place), but in the seemingly never-ending journey to correct misinformation. Still, this action on my part, to correct information, has evidently led me nowhere – because there is no level of accuracy that is required.
Yet, the ability exists to get it right from the onset but this approach is wildly inconvenient for business. Isn’t identity theft? No, not really, for business that is, as the brunt is endured by the consumer.
Ensuring accuracy from the onset will undoubtedly reduce instances of identity theft by leaps and bounds. This is a non-negotiable first step and one we must not continue to skip or identity theft will only continue to grow in issue and in unnecessary, yet convenient, confusion.
Photo by Gwen King