Ten Privacy Protection Tips from EPIC
From the Electronic Privacy Information Center, Hoofnagle's Consumer Privacy Top 10 is an excellent list of steps to take to safeguard your privacy:
- Opt out of prescreened offers
- Stop your phone records from being sold
- Keep your banking records private
- Get free credit monitoring
- Add your phone numbers to a do-not-call registry
- Safeguard your social security number
- End student profiling
- Avoid loyalty programs
- Secure your accounts
- Engage in privacy self-defense
(read the article for the complete how-to details)
I've dramatically reduced the amount of junk mail I received by using one of the opt-out services (I thought it was through Public Citizen but can't find any links there). I regularly check my credit report (I actually pay for a service, which I realize is silly now that you can get the reports for free). My interest stems from some early research I did into databases and privacy (circa 1991) and from the discovery that my credit report had bits of my father's credit history included (there apparently was no sanity check when adding my 1972 charge card for Polk Bros. to my account even though I would have been about five).
People believe that privacy is an issue solely because of the Internet, but it's really because of the growth in technology and power of computers that occurred in parallel with the Internet. It used to be hard to create a complex database of people and various bits of identity information. Now I can cart around (and did briefly over the summer) a voter list of one of the area cities for one of the campaigns I worked with. That database managed to contain name, address, phone, birth date, voting record, and whether the person had moved recently.
All of that was public information, and has been for years.
What has changed is that now an individual can create and manage the sort of complex database that was stretching mainframe computing resources just ten years ago.
What has changed with the information is that, while public, the intersections, or in database speak, the JOINs, of the various bits of public information create new bits of information.
In the run-down from the recent mayoral election, comments were made about the size of Bloomberg's voter-id database. But, given enough money and resources, anyone can build a comparable database.
The information is public, though not necessarily free, and the more information you gather the more complex the database is, but for a small region (say a town or county) it's quite possible to build and maintain a voter list for several thousand dollars (and once initially built the ongoing cost is maintenance).
The value isn't the individual record of information, it's the inferences you can make by combining information.
Take the census data for an area (which is broken down to census "blocks" which may or may not map to a city block). You get all sorts of information from income levels, education, to race and gender identity. Mash that against your list of people (whether a voter list or a list of customers, or a list of people who've moved into the area) and you can make some inferences, some of which will certainly be wrong, but many of which will be right, and you can market against those inferences.
What you are marketing doesn't matter, it could be goods or services, or political candidates, or public issues. Depending on your motives you may want to target people who've moved in (or out) for these products and services, or for ill intentions.
The Internet didn't bring this issue to us, though it certainly makes certain database activities easier. There is a cost to all of this technology, a cost to the very personalization that we take advantage of on web sites and various frequent customer programs. That cost wasn't clear, though it should have been, since any advantage an organization can take of the information it gathers, it will take, and it will gather more information to increase the value and the edge.
I see two approaches one could take: be intentionally sloppy about your personal information, so that there's no value in stealing your identity, or be brutally paranoid about the information that you allow to be gathered and maintained about you. I personally tend to the paranoid side.
The only time I give 100% accurate information online occurs when I'm completing a financial or legal task. There is no reason for the pet supply store to know the date I was born. None. There is no legitimate reason for 99% of the websites that request my detailed personal information to have that information. I give out the zip code of my PO box (which is "near" the house), the phone number of our fax line. My birthdate is either 1/1/1970 (shout out to the UNIX epoch) or a day which is close to but not my actual birth date.
The information isn't necessarily wrong, it will all validate, but it isn't correct either.
The important thing is that if someone steals the information from the Pet Supply store it has little value to them. They may get my name and address, which is public in a number of places, but not my birth date (which could be used to access my financial records elsewhere). The important thing is to make the value of the intersections, the data that lives in the interstices, the JOINs, less valuable, less accurate.
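The point about JOINs and the decoy birth date can be seen on a toy data set. This is an added example, not part of the original post: all names, addresses, dates and incomes are constructed, and it assumes the voter roll already carries a census block id (in practice that takes an address lookup).

```python
import sqlite3

# Constructed sample data: every name, address and date below is made up.
VOTER_ROLL = [  # public record: name, address, census block (assumed pre-mapped)
    ("Pat Doe", "12 Elm St", "B1"),
    ("Sam Roe", "40 Oak Ave", "B2"),
    ("Lee Poe", "7 Pine Rd", "B1"),
]
CENSUS_BLOCKS = [("B1", 82000), ("B2", 41000)]  # public aggregate: block, median income
TRUE_DOB = {"Pat Doe": "1967-03-14", "Sam Roe": "1980-11-02", "Lee Poe": "1975-06-30"}
# Leaked retailer records: Pat gave the real date, Sam the UNIX epoch, Lee a near-miss.
STORE_LEAK = [
    ("Pat Doe", "12 Elm St", "1967-03-14"),
    ("Sam Roe", "40 Oak Ave", "1970-01-01"),
    ("Lee Poe", "7 Pine Rd", "1975-07-02"),
]

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE voters(name TEXT, address TEXT, block TEXT);
        CREATE TABLE census(block TEXT, median_income INTEGER);
        CREATE TABLE leak(name TEXT, address TEXT, dob TEXT);
    """)
    db.executemany("INSERT INTO voters VALUES (?,?,?)", VOTER_ROLL)
    db.executemany("INSERT INTO census VALUES (?,?)", CENSUS_BLOCKS)
    db.executemany("INSERT INTO leak VALUES (?,?,?)", STORE_LEAK)
    return db

def joined_profiles(db):
    """One row per person, combining fields that no single source held together."""
    return db.execute("""
        SELECT v.name, c.median_income, l.dob
        FROM voters v
        JOIN census c ON c.block = v.block
        JOIN leak l ON l.name = v.name AND l.address = v.address
        ORDER BY v.name
    """).fetchall()

def usable_dobs(profiles):
    """Names whose leaked birth date would pass a check against the real one."""
    return [name for name, _income, dob in profiles if TRUE_DOB[name] == dob]

if __name__ == "__main__":
    rows = joined_profiles(build_db())
    print(rows)
    print("leaked DOB is accurate for:", usable_dobs(rows))
```

The join still produces a profile for all three people, but only the record with the true birth date yields a value that would validate elsewhere; the income column is a block-level guess that may be wrong for any one person.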
Everything one would need to steal a person's financial identity and legal-system identity is already public. My birthdate is available, various home addresses, my parents' names (and mother's maiden name), all are already available. What technology does is to make it possible to aggregate tens of thousands of records of information cheaply. Which would you do, walk garbage can to garbage can collecting information, or find out who in the Pet Supply Store, Bank, or other institution maintains the database of customers and attack that weak point?
So, go to the EPIC site and read through that list (apologies to the non-US readers, perhaps an international version of the list should be made). Also consider contacting your US Senator about the Personal Data Privacy And Security Act Of 2005 (the link is to a press release, not sure where the text of the law is). One step I would add to the proposed law is to require anyone maintaining a database of personally identifiable information to allow people to know what information is maintained (by this I mean the types of information, not the actual values) and to allow people to request that the information be purged. I don't think you can allow people to correct information, because how do you certifiably guarantee that the person making the request is the person you have in the database?
One other assignment: if you're remotely into science fiction, I always recommend John Brunner's The Shockwave Rider for a 1970s dystopian take on a future where everyone's identity is whatever is in the database at the moment.
e.p.c. posted this at 16:53 GMT on 27-Nov-2005.