I received a credit card a couple of months ago. After the initial excitement of actually getting one of these fabled pieces of plastic, I noticed something unusual about it. Alongside the space left blank for me to sign was my signature already embossed on the back. Someone at the bank had digitised my signature and stuck it on the card before I even saw it. From a security point of view I suppose this has both good and bad points. On the plus side, the two signatures on my card have to match for it to be of use, which is great. Sadly, if you want to copy my signature you would have a perfect template to work from, which is less great. Of greater concern is the fact that my signature is now electronically stored in the database of a bank that is run out of Australia. Whose privacy laws govern how the bank uses my signature? How long is it stored for? What happens to my signature if and when I give back my credit card? Can the bank sell my information in the name of marketing? It gets worse. This card is a corporate card and the bank would really have liked my photo as well. Because I’m particularly slack about these things I never got around to sending them one, but my colleagues did and their photos are now residing in the same database with their signatures. Now this corporation has a digital rendition of both face and signature for all time. There would be no need to "throw away" these files as they’re not taking up much space, so the chances are this information will remain stored away for many years to come and that concerns me. I know a number of you out there are now dismissing this as a conspiracy theory kind of thing and you do have a point, but let me give you an example. US state governments have been caught selling drivers licence photos to a company called Image Data for a penny a picture. The problem here isn’t so much the lack of money changing hands for these photos, which in itself points to problems on the part of the state governments, but rather that they would do this in the first place. This information, your photo, was gathered for one purpose and is being sold on for another. In New Zealand that would be illegal but not so elsewhere in the world. To compound the problem it turns out that Image Data is a front for the US Secret Service, the guys in Treasury who protect the President among other things. Scary stuff. What happens if my bank is bought by a US-based bank that decides my signature is a marketable commodity? In fact, the whole privacy and security issue goes far beyond photos on a credit card. A growing number of sites require log-in passwords to access their data: The New York Times is one good example. You don’t have to pay with actual cash to sign up, but you do pay with information about yourself. Companies already have the IT firepower necessary to drill down to an individual customer’s level rather than having to settle for some arbitrary marketing category, so they’ll be looking for this information. I have "free" user accounts with Slashdot, ICQ, The New York Times, InfoSeek, XtraChat, CNN and many more that I’ve half forgotten. That’s me out there — that’s my name and reputation: the ultimate in intellectual property. If I don’t safeguard it I have only myself to blame, but how many users think like that? This information is going to be around for the rest of our lives yet we freely hand it over as if it were nothing. I often fill in surveys and quizzes online and I have no idea what they do with the data they collect. All I know is it’s beyond my control. The CEO of Network Solutions seems to agree. James Rutt has deleted all of his postings from Web site The Well, apparently in fear of having some of them used against him somehow. Soon we’ll have our medical records, credit rating, political views and details about our emotional compatibility all available online and then you have to wonder who’s looking after it all. I have to go and queue up for a driver’s licence soon. I thought it was a good idea to have my face on my licence, but I really want to know how it’s secured and who will have access to it in future. Will they be comparing it with video footage shot at a protest looking for me? Will they match it up with money machine photos or sell it to marketing companies for a penny? How long will it be stored for? What happens to my information when they upgrade to smartcards, which I’m sure they will? Real problem or paranoia? Let me know what you think. Paul Brislen is Computerworld’s Y2K reporter. He can be reached at email@example.com, or phone: 0-9-377 902. For publication copy letters to firstname.lastname@example.org
- Free Whitepaper! Learn how IT is evolving from producer to enabler, and fostering collaboration around analytics.
- Free Whitepaper! Learn how to create an analytics environment that is governed, scalable and self-serve.
- Free Whitepaper! The 5 criteria to help you select the right analytics platform for your organization.