Stolen Identity

Stolen Identity

Imagine you apply for your dream specialized job in a secured research facility that demands high identity integrity, and you get rejected because at some stage in life your identity or biometric record was compromised. You perhaps know about that incidence in your life, or maybe you never got to know. But you are a compromised person in that big vast digital world and someone who could be replicated digitally by criminals to do any number or type of activity online.

Personally, I have not come across any news yet that someone did not get a specialized
job because of compromised identity. Maybe it happens but doesn’t reach the news. But
I do strongly believe that there are specialized jobs that would demand untarnished digital identity. Specialized defense sector could be one.

The first 7 months of 2019 has been on the spike with cybercrime. A bad year indeed in the digital space. Too many incidences of breaches and hacks. Just last month, the Pearson’s Group lost a big chunk of student’s data over a breach. Then, only two days back reports emerged of a biometric technologycompany being compromised over a million biometric records of people. Both the incidents more than alarming as the impact can be far reaching. Quite far reaching in fact.

On one hand we have students walking out into a professional and active life with their
core data already compromised. Data that could not be changed in a life time. Name, birth dates, academic data, addresses, identity numbers. Changing passwords would not help.

On the other hand, a million people have lost their biometric identity. An identity that is unique for each and every one. Finger prints, retina scans, facial recognition. In both cases
we are looking at people with compromised identities. Compromise of data that is the
basis of their existence and activity in a digital world. Imagine, a victim from these breaches wants to make a passport. His biometrics is already compromised. What is exactly the point of storing his biometrics at all? He can be replicated and manipulated by cyber criminals at ease. The unique passport identity from biometrics provides no authentic identity for that person at all.

The concern is that Telcos, Banks, Phone manufacturers, and Government agencies are taking our identity. Our data and even our unique biometric existence. All in the name of security. And though I do agree that it is an obvious requirement nowadays, I can’t help but worry about the safety of my identity data? How far are these entities secured in protecting my records? Do they notify if there is a breach? What is the legal framework behind such collection of records? What is the fall back system in case of a breach? Most recently the news of a company in Bangladesh being in loggerhead with an International donor entity over a national ID card project implementation demands grave concern. The statements in the news were serious which hinted that more than one entity had access to the national citizen’s data and there were pressures of sharing access to these records between each other as well.

The world is moving more than fast towards digital integration. And we are becoming more of netizens than citizens even on territorial aspects. Our records, our data, our biometrics is crucial in this digital world. And organizations who require our data also have the supreme responsibility of keeping it safe. Maybe, not very far in the future, we will be branded as either compromised or un-compromised.

Maybe there will be something like a MeToo revolution by the compromised individuals trying to ascertain their rights in a digital society. I see nothing funny imagining that. My identity is mine and it has to be preserved. I am willing to share it for security verifications a million times but it’s storage has to be maintained with precision security. What should be our role to protect our own identity? What should be the archiver’s role? And what has the IT security industry to offer?

The clock is ticking. Digital sociology has new chapters to write.