Too Much Information

Over the past few days I’ve been thinking a lot about the aggregation of information. How databases are compiled and kept on all of us.

I think most people understand their credit histories are sequestered somewhere, but not the rest of what gets kept. So much of what we do now is digitally linked. Use a credit card or a cellphone, buy airline tickets, even go to the grocery store, there’s a record.

I read in an article where it’s claimed Wal-Mart can recreate your sales receipt from any purchase made there. That’s each individual item associated with you, your credit card, the time, location – everything. They keep the data because the data is valuable to them.

We are now entering an era where even more data will be kept.

In my car is an E-ZPass. It lets me buzz through toll booths without stopping. The little plastic rectangle is silently polled and responds to an unseen sensor. My Mobil Speedpass works the same way. I carry it with my keys. I hope the only time it’s polled is when I’m getting gas, but I just don’t know.

Speedpass and E-ZPass both use RFID technology. There’s a little transponder in the device which listens and identifies itself. These two examples are not where RFID will end. The U.S. Customs Service has proposed putting RFID chips in passports. Some cars use them to verify the authenticity of an ignition key.

The use of these devices can be to our benefit. Speedier, more accurate payment. Who wouldn’t want that? But, there’s no way for us to know they’ve been polled… and who has polled them.

The data from any of these sources, by itself, is mostly harmless. But when all of these (and more I haven’t thought of) are put together, the implications are huge.

How much about yourself do you want known and by whom? Our laws are pretty well defined in this regard. Data does not belong to the person described. It belongs to the aggregator – the person doing the collecting.

That’s why newspapers and TV stations can print accounts of ballgames or speeches. The person producing the information is not in control – the person compiling the information has the rights.

That’s one reason a news story from a few days ago is so important and scary.

Criminals posing as legitimate businesses have accessed critical personal data stored by ChoicePoint Inc., a firm that maintains databases of background information on virtually every U.S. citizen, has learned.

The incident involves a wide swath of consumer data, including names, addresses, Social Security numbers, credit reports and other information. ChoicePoint aggregates and sells such personal information to government agencies and private companies.

ChoicePoint ended up telling 35,000 California residents their personal information was divulged. I’m not sure if there are more… though there probably are. California has disclosure laws which made the notifications necessary. They are the only state that does!

Here’s part of what ChoicePoint has said: