Whats a privacy violation, anyway?
When complaining about the ChoicePoint, Lexis-Nexis, and Time-Warner privacy debacles, it’s important to be clear on what kind of damage is being done. There are two basic things that can go wrong when databases of people’s personal information are too easily accessible: • Some of your personal information can be used to impersonate you (identity theft). • Some of your personal information you just don’t want known (simple privacy violation). As I’ve observed before, the identity theft problem is largely due to the conflation of authenticating information (such as your SSN) which is used to prove your identity and reputational information (such as your credit rating) which is used to verify if you’re a trustworthy person. Separating those types of information so that people could verify your reputation without getting authenticating information would go a long way towards making identity theft more difficult. Unfortunately, it’s harder to find a structural fix for leakage of reputation
