Information Awareness. Here is a good joke. This Thanksgiving, be thankful that the government is cracking down on identity fraud. At least, that is what the Washington Post would have you believe. If you read into the details, you'll find that:
- 30,000 people had their lives destroyed. Nothing is being done to help them. They are screwed
- Most of the people who benefitted will escape detection.
- The companies who lent money to fraudulent people are not bearing responsibility (although the Post seems eager to point out that “ultimately” these companies get hurt)
- Nothing is being done legislatively to protect current and future victims of identity fraud
- Nothing is being to limit individual liability in identity fraud cases
- Nothing is being done to force companies to better protect individuals' private data
The punch line comes at the end of the article, where the reader is admonished to “visit the FTC website to learn how to protect yourself from identity fraud.” Strangely, the article does not mention that these guidelines would have done nothing to protect any of the aforementioned 30,000 victims.
This article should have been an indictment of how the government has failed to protect the voters from identity fraud, and instead protects only the banks and government bureaucrats. In fact, the government is completely impotent to prevent similar and ongoing fraud — the problems with identity security across the entire economic infrastructure are so systemic and deep that it will take work on many fronts to patch them all. The paper should just say, “Government surrenders in war on identity fraud. Three poor people jailed; 30,000 screwed. You're next and there's nothing you can do about it. Government war against people who copy lame Courtney Love music progressing nicely.”
No doubt the government is puzzled about all of the outrage prompted by the “Homeland Security” provisions for Information Awareness that so riled William Safire. Tom Ridge is probably scratching his head, thinking “Safeway already has all of this information in their database, so why don't people want us to query it?” The problem with Safire's outrage is that he fails to mention that all of this data is already in the hands of corporations and other organizations, and worse yet in the hands evildoers like the three people who were selling Ford Motor credit reports. Maybe Ridge should just hire these three people to do homeland security, since they seem to have no trouble getting at personal information. The public can't count on much cooperation from Safeway, since FOIA doesn't apply to Safeway and Safeway officials aren't publicly elected.
Corporations have for years been doing the sort of data-mining that IAO wants to do, and have developed all sorts of sophisticated profiles that accurately target potential customers based on things like ethnicity, sex, financial “class”, religious/philisophical preferences, and shopping history. Did you know that people who buy diapers are more likely to also buy beer in the same transaction? It's old news to most retailers. Any competent retailer or banker today will know things about you that you probably don't know about yourself. And this information is remarkably mobile, ending up in the most surprising places.
Considering that people like Safire focus on IAO, Congress is more interested in serving RIAA, and the Washington Post considers the arrest of three poor people to be a “success” in the war on identity fraud, it is clear that the sheer magnitude of the systemic identity leakage is not a problem that anyone is willing to acknowledge. And since acknowledgement is only the first step toward fixing a problem, it is safe to assume that this one will get much, much worse before it gets better. [Better Living Through Software]