Interesting People mailing list archives
why the SSN needs to go
From: Dave Farber <dave () farber net>
Date: Sun, 09 Mar 2003 11:00:15 -0500
------ Forwarded Message
From: Peter Bachman <peterb () cequs com>
Organization: Cequs Inc.
Date: Sun, 09 Mar 2003 10:50:03 -0500
To: dave () farber net
Subject: why the SSN needs to go

Dave,

The SSN is outdated and needs to be replaced. In its place we need to have a user generated number that can be changed as necessary to prevent identity theft, can be flexible enough to create a paper trail when necessary, and work as a high quality unique identifier in data systems, while at the same time being transparent enough so that the end user can see at all times where it is being used and stored. It should meet data privacy standards here and in Europe.

At the same time the cycle of identity theft needs to be broken. Costs associated with identity theft are often not measured in dollars but wasted time on the part of the victim. This is because there are limits to the financial burden to the individual. As a result costs are shifted to the general population. Wasted time represents real opportunity costs. There is currently no adequate compensation for the amount of grief that a victim is forced to endure, because generally, our society does not recognize "falling out of the system" to be something that should be compensated. Being forced to delay a mortgage, being turned down for credit, or simply not being recognized for who you really are, is actually a huge problem in a society in which distributed systems are part of what you can do at a particular moment in time.

Identity is a keystone concept of security in distributed systems, but at the same time, may not be the best tool to use in all circumstances.

There is a segment of data gathering institutions which will oppose such a move, because they seek to easily aggregate even more information. Increasingly they have taken on more responsibility for this security, but at the same time that comes at a cost of knowing more about you than they really should.
They must be given a viable alternative, because the current approach is shifting costs.

We are simply piling too much functionality on a unique number that was not designed in such a way to handle that load. There are far better ways to get unique identifiers than to rely on this scheme. Privacy and security demand that a balance be struck between parties to safeguard this type of information, especially when it can be demonstrated that it can be so easily exploited.

Products which manage this relationship well (by layering effective security around personal information) will increasingly come into demand, as the previous trend of aggregating personal information itself gave benefits (and risks) by creating unique records within distributed systems. Products which expose the user to risks will be questioned.

Many distribution systems may be challenged by the introduction of a unique verified relationship between producer and consumer. For example, why should one "pay per play" (as a jukebox) for music or other content? Why should one be forced to pay again and again for content on different media, from LP to CD, to SACD, as the reproduction quality increases? The content provider could simply license you to listen or watch a specific movie on any system, at any time, regardless of your location.

It's a very good thing to be able to walk into a store (or online) and be able to purchase thousands of dollars of goods; it makes the supply chain very flexible. However, when people abuse that access by stealing other people's identity documents, this is a major problem, and makes a major chore for system administrators to guard what would otherwise just be a meaningless number.

Keep the SSN for what it was intended for, and replace it where it needs to be a unique identifier. Remove the exemptions that allowed for the collection of that data, and "gluing together" of records without transparency.
This will require the cooperation of all parties to come up with a better solution.

The analysis seems to point out that one truly secure method of approaching this problem is better than vulnerability in multiple large aggregated systems which may have multiple points of access to the data. This argues for continued research as to a more viable alternative, and many systems have replaced the SSN already with records tied to identity management systems, often based on LDAP and X.500 datastores, which can be updated by the end user.

The next time someone wants your social security number, ask if there is an alternative they can use.

Peter Bachman
Cequs Inc.
peterb () cequs com

------ End of Forwarded Message