14 March 2007

I'm Still Colin Samuels

A post I wrote some time ago concerning identity, anonymity, and privacy came to mind this morning when I read an article in the Wall Street Journal (subscription required) describing several new search tools:
[D]irectory companies and several start-ups are offering new people-search services that are more comprehensive and useful than the classic Google search at a fraction or none of the cost of a traditional background check.

The results are drawn from a wider variety of sources, moving beyond paid public-records databases and extracting information and even photographs from social-networking sites, blogs and random Web pages. This means it is now possible to find all sorts of revealing details -- true or not -- about anyone online, raising red flags with privacy advocates who worry the services could be exploited by identity thieves or stalkers.

. . . .

"It is startling how much information is out there," says Kathleen Pierz, managing partner of the Pierz Group of Clarkston, Mich. "Nefarious things can be done with that data in the hands of clever and messed-up people."

The new services stress that they aren't searching for any information that hasn't already been made public.

. . . .

The new online background services are developing ways to better solve common back-end technology problems like how to differentiate between two people who share the same name, using techniques like cross-checking information from multiple sources before they publish it in their search results. They have a broader range of sources to work with as well. As tens of millions of Americans of all ages join networks and groups online, the information is practically falling into their laps.

In my original post, I noted the many different information trails I left to be located and mined by pretty much anyone with access to the internet. Some of these are typical of anyone living in modern America -- driver's license records, credit histories, and images left on surveillance cameras are a few examples. For the most part, this information is just a byproduct of living in the real world. As I mentioned in the post, it might be possible to live "off the grid" in a sense by not driving, working, or interacting with ordinary financial and community institutions, but this would take a tremendous amount of discipline and might in itself attract the kind of attention it was intended to avoid.

Another class of information was, for the most part, less important but perhaps more informative. This class included those voluntary disclosures we routinely make to not just exist in the modern world but to also enjoy it; in my particular case, these included each and every post on this blog (as well as every comment I've left on others') and my Amazon wish list. When I first posted about this topic, some of this information which I chose to disclose might have been unusual -- considering the population as a whole, relatively few people are actively blogging even now -- but what's striking about the Journal article's findings is how both the opportunities and willingness to disclose increasingly sensitive information have developed in the last couple of years especially.

As a person does greater portions of his or her shopping online, the likelihood increases that that person will trade confidentiality for convenience by creating a publicly-accessible account identity or a wish list. Similarly, as greater numbers of people flock to social sites, the "value" of those sites increases and more people willingly create accounts and online personae. As those sites become more polished, they become more adept at harvesting information from and about their users, usually with those users' full knowledge and active assistance.

What's striking to me is that these "concerned users" who are quoted in every article like that in today's Journal (and are thereby indexed and made that much more searchable!) have, by and large, voluntarily traded their information for something they valued more at the time. Any damage they anticipate now results not from the disclosures they allowed but from the capacities of many entities -- both legal businesses doing nothing illegal and "clever and messed-up people" doing "nefarious things" -- to connect the dots by tying together far-flung bits of information to get a more comprehensive picture of a person.

For the most part, I don't see this as a crisis but as the natural results of people letting go of something they value lightly -- here, their personal information -- and regretting that down the line when they see its value to someone else. Should people be protected from identity theft and stalkers? Absolutely. Should people be protected from the legitimate use of their voluntarily-disclosed information by businesses and individuals? Absolutely not. In many ways, this argument confirms my long-held suspicion that the outcry an official effort to elicit information generally causes could be avoided just by sitting back and waiting for people to talk about themselves or hand over their personal information to some random third party in exchange for a few magic beans.

We've been taught time and again that when we hand over our money, we should be mindful of the old admonition "buyer beware". Increasingly, information is as valuable as money and most of us are only now starting to appreciate that fact. Where there's money to be made in exploiting information, that information will be exploited more creatively, completely, and repeatedly as time progresses. Discloser beware.


Rug said...

This whole people search thing scares me like you won't believe. I have signed up with facebook, and I know (for two reasons) that facebook probably sells the details they have of me to many bidders.

For one, they add new applications almost weekly, and the new applications are labelled as 'third party'-- in other words, they are applications made available to facebook by third parties, and therefore they get access to your information.

Also, when you sign up with facebook, they are pretty open about the fact that they will sell or give your data to third parties – in the small print of the sign up. They actively say that they will do so.

Then, some people are putting their mobile numbers and addresses on facebook – and facebook is probably selling these details to almost anyone.

I ask, why the heck will someone be doing a people search on the net for any other reasons than slightly sinister? If you don't have their details, chances are you don't know them!

portrait paintings said...

Your story reminds me of a lesson I learned some time ago. Allow me to leave the secrecy of the experience I’ve had but please let me share with you the lesson I learned. One, if it’s too good to be true then it never works. Secondly, if something a claim to be the best or better than the best then it’s practically the worst.