Identity protection in the digital age

Right now, personal data and the uses and value of it, are a hot topic. After all, we all share our personal data on a daily basis, if not more.

The topics of personal data breaches and identity protection have been in the limelight recently. This is probably due to factors such as the Facebook scandal, and the new GDPR regulations in the EU.

All the fuss makes a few questions arise:

What is personal data and why do we have to share it?

The GDPR, which was recently introduced across Europe, has defined data as “any information related to an identified or identifiable natural person”. This definition would cover a lot of common data, which often gets shared.

Some examples are:

  • Bank account and credit card details
  • Passports and driver’s licenses
  • Postal or email addresses
  • Phone numbers
  • Social security numbers
  • IP addresses and cookie identifiers

In some cases, for example, with digital identification; it would also cover factors such as cultural and social identity.

What are the uses and value of it?

The collection of data has multiple uses across a wide variety of industries. For example, companies can use data collected from target customers to improve the services or products they offer.

Big data analytics

Big data analytics have a wide range of benefits:

  • Health devices that can notify DR’s when something is detected (implanted or wearable)
  • Advertisements that are focused on what individuals want to buy
  • Smart cars, capable of avoiding collisions or alerting appropriate help when they happen.

Unfortunately, along with benefits, it also brings a few risks; and big privacy problems.

How personal data is stored and exploited by big companies and why it can be bad?

In the past, the scale of personal information that was held by commercial entities was a lot more limited and easy to oversee. Today in 2018 however, this has changed drastically.

With the digital era taking place, we have experienced the rise of online advertising, smartphones, and social media networks. Since this, a wide range of companies are storing much more data, and monitoring almost every aspect of consumers’ lives; the data is then sold, exploited or used for mass manipulation.

Simply surfing the web or owning a smartphone can result in information being transmitted to hundreds of third-party companies.

Unseen pieces of embedded software can transmit information regarding websites visited and navigation patterns, sometimes even scrolls, keystrokes and mouse movements too.

When using a smartphone, a lot of personal information regarding the users’ everyday life is not only transmitted to Google, Apple and App providers, but also to a large number of third-party companies. This is again from hidden software that App providers have embedded.

The real-time surveillance that was created for online advertising is now spreading quickly into other industries, including customer data management, pricing and risk management. These are just a few examples of where real-time surveillance has expanded to.

The problem with the amount of data that is being collected and shared is the vulnerability to exposures that could have life altering consequences for the individuals affected.

What harm can it do?

Combining online data and customer databases

Companies can take the lists of personal details, including email addresses and phone numbers from their customer databases; they can upload them to online advertising networks. The process can match with the data stored on online personal profiles, literally ‘putting a face’ to all of their customers.

Furthermore, some networks enable ad-tech vendors to match with their platforms’ databases as well. Companies can link offline data they have previously stored to data collected through the web and smartphone applications, acquiring a lot more data than customers had previously given them; without the customer’s knowledge. It is impossible to know everywhere anybody’s personal data has been shared or for what reasons it’s been passed on or stored.

Personal data collecting could cause bad automated decisions

Personal data could offer faster-automated decisions. Things such as, whether somebody is an eligible tenant for a property if somebody could be a valuable customer, quotes on insurances or; even if somebody is entitled to some type of benefit or help or not.

The problem with automated decisions based on data collected is the consequences that could result if a bad decision is made. For example, an automated decision technology that makes its’ decisions using data, may not be able to take exceptional circumstances into consideration. The process could unfairly affect people’s life opportunities. Some decisions may even happen indirectly, without the individuals’ knowledge.

Personal information can easily be overly used to unfairly refuse people access to services or opportunities, including individuals trying to get fair access to housing, education, and employment.

‘Big Brother’ technology

Mass amounts of behavioral data that can include highly personal information are stored in the digital sphere and sent to fraud detection systems that are using highly invasive technologies. A lot of this ‘personal-level’ data ends up being used in ways, or for purposes that are extremely different from the conditions or reasons why the data was originally recorded.

I could even be used by companies do intentionally discriminate against certain groups of people based on data such as age, sex or race.

Not enough data could cause problems

If people choose to keep their personal information more private, they could wrongfully be considered a ‘high-risk’ customer. This could be for petty reasons, such as choosing not to have profiles on social networks or similar, or even not being a regular online consumer.

If not enough data is available on an individual, they could find it hard to get approval to participate in online activities or access services. This could even hold up people’s money transfers often and make it harder to sell items on online platforms.

Limiting an individual’s access to services online or similar, simply because not enough data has been collected on that person, could be considered as limiting an individual’s autonomy.

Big companies can charge obscene amounts to share our data

If a company stored data that was useful for important medical research, they would have the power to charge the research company a ridiculous amount of money to get the data they need. This could cause a huge barrier in several industries including healthcare and education; chances are, most of us would happily give that data for free or at least a much lower cost to organizations that were using it for good causes.

The mass amounts of data available online have definitely resulted in a rise of identity theft cases.

According to Silicon.co.uk, online data caused a record number of Identity theft cases in the UK alone last year. Eight out of ten of these incidents were the result of information found online, reported Cifas anti-fraud agency.

Javelin Strategy reports that in 2017, the number of victims of identity theft in the U.S. rose to 16.7 million. Identity theft is definitely the most common cybercrime for individuals to be a victim of; especially considering identity theft has remained easy for criminals to achieve and monetize from. Javelin strategy also revealed their worrying findings that children are increasingly becoming victims of identity fraud.

According to javelinstrategy, only for the U.S., identity fraud hits all time high with 16.7 million victims in 2017. It is :

  • 16.7 million identity fraud in the U.S. per year
  • 45,753 identity fraud in the U.S. per day
  • 1,906 identity fraud in the U.S. per hour
  • 32 identity fraud in the U.S. per minute
  • 1 identity fraud in the U.S. every 2 seconds

That is a shockingly high amount. What’s even more devastating, is that most victims won’t even be aware of it straight away’; not until they are faced with the consequences. Victims often find out when they are refused credit or employment, or get the nasty surprise of bills or collection agencies.

Furthermore, the average arrest rate for the culprits of identity theft is disappointingly less than 5%.

iii.org show some revealing identity theft and fraud statistics here. They have found that in 2017 alone, there were 371,061 identity theft complaints and 1,138,306 fraud complaints.

Every individuals’ personal information is now stored on hundreds if not thousands of servers worldwide. With all things turning digital, personal data is increasingly exposed; this, in turn, causes an increase in identity theft.

21st-century scandals

The rise in data being shared in the digital age has brought with it a whole new type of scandal. These 21st-century scandals are the result of a huge increase in personal data being collected and major data breaches.

Probably the most talked about recently, is the big Facebook scandal, but there have been quite a few large-scale scandals involving some of the biggest companies in the world. Here are just a few of them: Facebook: 2018, Equifax: 2017, eBay: 2014

The conclusion: TrustUnion’s approach to data

With there being multiple privacy concerns and scandals, as well as such detailed personal information ‘out for grabs’ in the online world that’s constantly connected, we have noticed that there has been little effort to improve privacy protection and tackle the growing problem.

Taking all of the above into consideration, TrustUnion does not want to be another company exploiting data. We want to leave our clients with full control of their data, all of the time.

At TrustUnion, we believe that individuals should have the right to protect their personal data. We do not have any wishes to control data, you control 100% of it; we don’t have any access to it.

With TrustUnion, there will be no more registration on sites and no personal details given to the company other than what is essential for the transaction.

When shared to a third party, the data is encrypted in an end-to-end manner. Using the concept of ‘Zero-knowledge’, the TUN ecosystem is secure by design AND privacy by design.

Our new protocol enables the creation of the first digital and unfakeable trust through the blockchain. Our “chain of trust” ensures anonymity and the protection of personal data.

The real trust that TrustUnion has centered around, means you no longer need to provide identity verification to make a transaction, but still, have the trust and reputation that you would expect.


Originally published at trustunion.com on August 22, 2018.