The Real Risk of Identity Theft because of Privacy violations?
Are you aware of the Real Risk of Identity Theft because of Privacy violations?
Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.
When we loose this ability then we loose our decision rights, because decision rights confer the power to choose what to keep secret, what to share and to whom.
The ethical dilemma today is that our Privacy is converted into an object to be sold or abused, and that our decision rights are violated.
What happens when our Decision Rights are violated and/or our Privacy is not respected? Currently only Identify Theft has been ruled out as unlawful but there are other implications that should be regulated as unlawful such as (just to list a few)
- Using our data behind our back so we can be converted into a product.
- Using our data behind our back for purposes not allowed by us.
- Using our data to convert others into a product.
- Using our data to gather information about our family (including genetic data).
- Using our data to put us into categories that would segregate or label us.
- Use our data to try to predict or influence our decisions.
In this post we will only examine the implications of Identity Theft, which currently has been regulated.
The U.S. Department of Justice Bureau of Justice Statistics (BJS) has defined Identity Theft victims as
persons age 16 or older who experienced one or more of the following:
- Misuse of an existing account – completed or attemted to unauthorized use of one or more existing accounts, such as a credit card, debit card, checking, savings, telephone, online, mortgage, or insurance account.
- Opening a new account – completed or attempted unauthorized use of personal information to open a new account, such as a credit card, debit card, checking, savings, telephone, online, mortgage, or insurance account.
- Misuse of personal information – completed or attempted unauthorized use of personal information for fraudulent purposes, such as getting medical care, a job, or governmental benefits; renting an apartment or house; or providing false information to law enforcement when carged with a crime or traffic violation. This includes the completed or attempted unauthorized use of personal information to open a new account or to misuse an existing account.
About 4.3% of all victims of Identity Theft involved new accounts which is the worst possible scenario since it creates a baseline from which new authentications will be compared. This is in fact a terrible situation because in this type of crime, a double uses your name, date of birth, biometric data, SSN or others to pose as you for the criminal own benefit while you find out you’re a victim when bill collectors, lawyers, IRS agents, police officers or similar come after you to make you answer for someone else’s crime.
When the Identity Theft involced biometric data then the situation get even more complicated since a biometric cannot be changed while a credit card can be easily canceled, your biometric data cannot be canceled while your debit card can be easily substituted.
So what happens when a true crime is not accepted by the law as a true crime?
What happens when entities that gather and store your biometric data are not held accountable to secure measures to make this information unaccesible to ciminals?
What happens when we as citizens are unaware of all the risks and easily give away our Decision Rights and Privacy?
Is having your credit card, bank or other accounts stolen really an Identity Theft crime or should this be called Digital Pickpocketing? Should these crimes be categorized into another type of crime and have the Identity Crime hold only real Biometric and Privacy data theft?
Even when the risk of Identity Theft because of Privacy violations may remain low, the impact of real Identity Theft (not what is legally accepted as Identity Theft) is much larger and in some cases not reversible. Since the impact of each crime is so different, we suggest two options so that neither is exaggerated or goes unnoticed:
- Relabel Identity Theft because of Privacy violations.
- Measure the Impact of Identity Theft because of Privacy violations.