Blog Post 2/4/2009

I’ve been working on this theory for a bit and I’m ready to start trotting it out to see what kind of feedback I might get. After having a very enjoyable chat last night with a colleague I realized it was time to start testing the waters.

Current Problem: Identity theft, Digital Manipulation of Individuals

• Identity theft is fairly well known so I won’t go into details of what that entails but general theft of identity to gain access to information or finances mostly covers it.
• Digital Manipulation of Individuals refers to the fact that organizations are now using the massive digital dossiers they have on us (by monitoring our lives) and sometimes using them against us. An example would be the systems that pinpointed low quality borrowers to market junk loans to leading up to the current financial crisis.

As a component of what I’m dubbing “Digitalocracy” is the idea that, just like the data collected by government organizations about us, individuals should have the very same rights to the information being collected about them by NGOs and industry.

Having rights to that information would then allow us to connect this vast dossier with our own digital persona; the data we create ourselves through using things like Facebook or Gmail or Flickr, etc.

So how does this then effect our personal security? Let me provide a scenario.

Last night I met a friend at a coffee shop. When I entered the door I quickly scanned the room and saw someone standing at the counter who I expected was my friend. I approached them and, upon closer inspection (aka they turned around and faced me) I knew that it was who I expected.

In this physical world scenario I didn’t have to ask for ID or a password or encryption key; I knew from all of the sensory inputs along with previous plans and meetings that this was in fact my friend. My hope is that in the digital world we’ll soon be able to forgo passwords as well.

How do we apply this same sort of process to digital entities then?

By pooling the total being of our digital dossier and digital persona (our location based by cell phone, credit purchases, online access, emails, etc.) the network should be able to reliably predict where we are and what we are doing.

While these predictions might not be correct 100% of the time they should be close – for instance, what if my friend had a twin and it was the twin standing in front of me. There is always a risk of being incorrect.

This technology exists already, waiting only on the collaboration between the systems to be designed. Unfortunately our current laws create the barrier of Intellectual Property claims which holds us back from accessing what is essentially our own life data.

As for the issue of manipulation of individuals we would need to take one further step. Along with opening up our digital dossiers those same organizations that make decisions based on the data they find must also make those decision processes transparent.

While individuals may not have the time or inclination to monitor the equality of those processes there will always be interested watchdog groups who can and will. Just as watchdog groups pay attention to government process which has been made transparent we could expect this of industry and NGOs.

So, what are your thoughts about opening systems up in order to make security that much more secure?