I read an interesting commentary on Wired.com by Bruce Schneier about data reuse. He had some very valid points that coincide nicely with one of the key points we emphasize in our value at IDology – promoting the responsible use of data. After reading this article, I realized I haven’t blogged on this topic yet.
Obviously an important part of our identity proofing process involves accessing and using data, and the data industry is definitely under fire from several organizations due to the privacy issues surrounding data capture and use. The problems (loss of control and error rates) associated with data reuse that Bruce points out in his commentary play a big factor for everyone – individuals, businesses, and the government. And I agree with him, there are beneficial uses of data that cannot be protected by technology alone. Legislation and legal protection are fundamental for making sure that data is not misused and our privacy is protected.
As a service provider of one of these beneficial uses of data, I would like to explain what “responsible use of data” is for us:
For starters, we don’t require any sensitive information from the consumer when proofing an identity or age. And we do not reuse data. In fact, our use of data is strictly limited to the proofing process. We are not capturing data for any other purpose except to validate an identity claim. These factors work together to improve consumer confidence and address the unwillingness consumers have to providing personal data.
We also do not reveal the data that we use during the proofing process which means the consumer is protected from their data files being shared throughout an Enterprise. This helps protect both consumers and businesses from identity theft. Really we see our process as a neutral party between the Enterprise and the data so that consumer privacy is protected and commerce is uninterrupted.
So how does this all relate back to the article? Well, Bruce actually sums it up nicely for me when he describes how and why he believes technology is still vital:
“We need to build systems with privacy-enhancing technologies that limit data collection wherever possible.”