Researching problems in the world and suggesting solutions. Digging for the truth, hypothesizing on a better tomorrow!

13.5.05

Privacy is NOT for the paranoid

I am so sick of people saying that privacy advocates are just paranoid, and that if you aren't doing anything wrong you have nothing to hide. Honestly, though, you don't hear that anywhere near as much as you used to.

These days, with identity theft at epidemic levels, everything I hear is 'guard your personal information'. That's great, but service providers still ask for your SSN, driver's license and credit card numbers, and often won't take no for an answer.

Within the last 10 months, 2 of the handful of service providers I subscribe to, my cellular provider and my ISP, have lost information about lots of their customers. T-Mobile was hacked last summer. The hacker had access to millions of customers' data, and it is known that he tried to sell it. I may have suffered from that leak of information, as my account was compromised a couple of months back, leading to additional handsets being added and hundreds of dollars of extra charges. I'm hoping that nothing else will come of that, but I don't, and can't, know.

My ISP lost user information on 1,200 LOCAL accounts recently. I don't believe I was one, as the news blurb I heard on it said they'd notified those whose information had been lost.

So, the question becomes, why can't we have anonymous accounts? Why can't I set up a secure, anonymous money account (think PayPal or e-gold) that is NOT attached to my name? Then if it is compromised I lose at most the money in that account, and hopefully even that will be refunded by the service provider.

As it stands, if any one source leaks my information, ALL of my accounts can potentially be compromised. My name, SSN and address act as a single shared credential that every provider accepts, so one leak is every leak. With anonymous accounts, only ONE would be.

In this high-tech age I should be able to sign up to receive cell-phone service like this: I'd request a number. I'd buy the handset. I COULD provide a P.O. box (or real address if I wanted to) to them for a bill, or they could provide an electronic account number into which I can deposit my monthly payment. All payments are initiated on MY end, not on theirs. They'd have no account numbers of mine, no name, no SSN, no driver's license number. They would pretty much only have my phone number. They'd receive payments for my account each month.

In order to retain the convenience of automatic bill-pay, my anonymous bank account would be able to make monthly deposits automatically. This is called bill-pay, and most banks offer it already.

Because some charges vary from month to month, it would be helpful if my bank account could automatically send the correct amount each month. A simple solution would be a standard query method that lets my bank account connect to my cell account and ask how much I owe. Authentication could be based on SSH keys, SSL with client certificates, anything fairly secure, as long as both ends authenticate each other. If someone exploited this, all they could get from my bank account is how much I owe. But they wouldn't know who "I" am. At most they could do a reverse telephone lookup and maybe get a name and address (if that info weren't also harder to come by). So they'd know who I was, my phone number, and how much I owe. And that would be it. That's a gargantuan improvement over the current exposure.

If someone tried to hack the bank account through the query method, they'd have to wait for the bank account to make a query, intercept it, and then send false information. However, all a forged reply could do is set the amount. It couldn't change the account the money goes to, it couldn't query my account, nothing. Even that residual risk shrinks if the bank only ever pays to the destination I configured at setup and refuses any amount above a ceiling I choose.

There would be no common identifiers linking my various services and accounts. The services wouldn't even need to know what account was sending funds if the process were properly arranged. My anonymous online bank could send anonymous money transfers. It could shield my account number entirely. What does my account number have to do with anything?
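As an added illustration (not code from the original post), here is a small Python sketch of the "how much do I owe" exchange described above. The class and function names, the wire format, the HMAC-based reply authentication, the nonce and the per-cycle cap are all my own assumptions rather than anything the post specifies; the phone number, secret and amounts are constructed sample data.

```python
import hashlib
import hmac
import json
import secrets

# Hypothetical wire format for the bank -> provider "amount due" query.
# Both parties hold a per-account shared secret issued at signup; nothing in
# the exchange identifies the subscriber beyond the phone number.


def _mac(secret, body):
    """Authenticate a reply body with the shared per-account secret (assumed)."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(secret, canonical, hashlib.sha256).hexdigest()


class Provider:
    """Cell provider side: knows only a phone number, a secret and a balance."""

    def __init__(self, phone, secret, amount_due_cents):
        self.phone = phone
        self.secret = secret
        self.amount_due_cents = amount_due_cents
        self.received = []  # deposits credited to this phone number

    def amount_due(self, nonce):
        # Echo the bank's nonce so a captured reply cannot be replayed later.
        body = {"phone": self.phone, "nonce": nonce,
                "amount_cents": self.amount_due_cents}
        return {"body": body, "mac": _mac(self.secret, body)}

    def credit(self, phone, amount_cents):
        self.received.append((phone, amount_cents))
        self.amount_due_cents -= amount_cents


class BankAccount:
    """Anonymous bank side: pays the bill and never learns more than the amount."""

    def __init__(self, balance_cents, phone, secret, destination, cap_cents):
        self.balance_cents = balance_cents
        self.phone = phone
        self.secret = secret
        self.destination = destination  # fixed at setup, never taken from a reply
        self.cap_cents = cap_cents      # customer-chosen ceiling per billing cycle
        self.transfers = []

    def autopay(self, provider):
        nonce = secrets.token_hex(16)
        reply = provider.amount_due(nonce)
        body = reply["body"]
        # 1. Authenticity: a tampered or forged reply fails here.
        if not hmac.compare_digest(_mac(self.secret, body), reply["mac"]):
            raise ValueError("reply failed authentication")
        # 2. Freshness: the reply must answer this query, for this line.
        if body["nonce"] != nonce or body["phone"] != self.phone:
            raise ValueError("reply does not match query")
        amount = body["amount_cents"]
        # 3. Even an authentic reply can only move money up to the cap,
        #    and only to the destination configured in this object.
        if amount <= 0 or amount > self.cap_cents:
            raise ValueError("amount outside autopay limits")
        if amount > self.balance_cents:
            raise ValueError("insufficient funds")
        self.balance_cents -= amount
        self.transfers.append((self.destination, self.phone, amount))
        provider.credit(self.phone, amount)
        return amount


class TamperedLink:
    """Stands in for an attacker on the wire who rewrites the amount in transit."""

    def __init__(self, provider, fake_amount_cents):
        self.provider = provider
        self.fake_amount_cents = fake_amount_cents

    def amount_due(self, nonce):
        reply = self.provider.amount_due(nonce)
        reply["body"]["amount_cents"] = self.fake_amount_cents  # MAC no longer matches
        return reply

    def credit(self, phone, amount_cents):
        self.provider.credit(phone, amount_cents)


def demo():
    """Constructed scenario: honest bill, forged reply, legitimate but oversized bill."""
    secret = secrets.token_bytes(32)
    provider = Provider("555-0100", secret, 4_250)
    bank = BankAccount(50_000, "555-0100", secret, "PROVIDER-RECV-01", 10_000)
    paid = bank.autopay(provider)                         # honest: pays $42.50
    try:
        bank.autopay(TamperedLink(provider, 40_000))      # forged amount: rejected
        tampered_rejected = False
    except ValueError:
        tampered_rejected = True
    provider.amount_due_cents = 25_000                    # authentic but above the cap
    try:
        bank.autopay(provider)
        cap_enforced = False
    except ValueError:
        cap_enforced = True
    return paid, tampered_rejected, cap_enforced, bank.balance_cents


if __name__ == "__main__":
    print(demo())
```

The point of the three checks is that the reply can only ever influence one number, and even that number is bounded by the customer, while the destination account and the subscriber's identity never travel over the link at all.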

The other catch is credit checking. In some ways this is the root of our problem now. There are a few ways of addressing this problem.

No credit? No problem


We could opt to have no credit check whatsoever. As a result we may not be eligible for certain deals, rebates, or freebies. Perhaps our service provider wouldn't give us a free phone with the plan. Or, perhaps they'd give us a rebate on the price of the phone after 6 months or so. This would work with just about all services, but not loans and other lines of credit.

Anonymous Credit


Perhaps we could have anonymous credit accounts. There would be various levels of anonymity available. The first step, however, is to sketch the new credit method in its broadest outline.

Credit would flow both ways. Think eBay. You leave feedback for your service provider, they leave credit for you.

Anonymous Retrieval


A credit provider allows you to create an account. It is given an account number of some sort. This number, in conjunction with an authorization password (or other, more secure method) that only you provide allows a service provider to query the credit provider and receive your credit info. They'd be able to see overall statistics (positive/negative) and read the details. There would, however, be no personal info in there, as no-one who commented would have HAD any personal info to disclose.

Both you and the service provider also receive a token of sorts to add feedback to the other's credit account. Nothing in this token would give away any information about you or them. It could simply be a random number/password (or certificate, etc.) that allows them to submit feedback. Think eBay. If you buy something from someone, you have the opportunity to provide feedback: once. And the other party has the opportunity to comment on the feedback, too, and leave feedback for the buyer.

That's it. Under this scheme the credit provider is the one place that holds your personal information. If it gets hacked, your info is compromised, but only there.

It must be noted that in a system where personal information ISN'T used to create accounts, it becomes less valuable. So you know someone's name and address? You still don't have their anonymous bank account password or account number, or even which bank, or whether they have one at all or pay via some other method. You can't use that information to get information from their cellular provider, because the cellular provider doesn't have the info and can't cross-reference with it. You couldn't use it to access their bank account either, because that doesn't have their personal info.

If you stop making payments, they'd leave bad feedback and your rating would go down.

Full anonymity


This is almost the same as the above system, except that not even the credit agent would have your information. Why should they? You authenticate to a credit account, show the service provider the record, and if it's good enough they accept. You could even authenticate for someone else (it'd be similar to co-signing). You'd put your own credit account at risk to vouch for them.
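As an added example (my own code, not the post's), here is a Python sketch covering the retrieval, feedback-token and non-payment passages under Anonymous Retrieval together with this Full Anonymity variant. The bureau collects nothing at account opening, which is the fully anonymous case; the retrieval case would simply store identity at signup as well, which is not shown. The class name, the hashed storage of authorizations and tokens, the single-use token rule and the sample comments are all my assumptions, and the accounts created are constructed data.

```python
import hashlib
import hmac
import secrets

# Hypothetical anonymous credit bureau. An account is an opaque id plus an
# authorization secret; feedback may only be left with a single-use token
# that was issued for one specific relationship.


def _h(value):
    """Store only hashes of authorizations and tokens, never the secrets themselves."""
    return hashlib.sha256(value.encode()).hexdigest()


class CreditBureau:
    def __init__(self):
        self.accounts = {}  # account_id -> {"auth": hash, "feedback": [...]}
        self.tokens = {}    # token hash -> {"target": account_id, "used": bool}

    def open_account(self):
        # No name, SSN or address is collected; the id and secret are all
        # the bureau ever knows about the holder.
        account_id = secrets.token_hex(8)
        authorization = secrets.token_urlsafe(24)
        self.accounts[account_id] = {"auth": _h(authorization), "feedback": []}
        return account_id, authorization

    def query(self, account_id, authorization):
        """Return the rating summary; requires the holder's authorization."""
        acct = self.accounts.get(account_id)
        if acct is None or not hmac.compare_digest(acct["auth"], _h(authorization)):
            raise PermissionError("not authorized to view this credit account")
        fb = acct["feedback"]
        return {"positive": sum(1 for f in fb if f["positive"]),
                "negative": sum(1 for f in fb if not f["positive"]),
                "details": [f["comment"] for f in fb]}

    def start_relationship(self, account_a, account_b):
        """Issue one token per party, each good for rating the *other* party once."""
        return (self._issue_token(target=account_b),
                self._issue_token(target=account_a))

    def _issue_token(self, target):
        if target not in self.accounts:
            raise KeyError("unknown account")
        token = secrets.token_urlsafe(24)  # random; carries no identity
        self.tokens[_h(token)] = {"target": target, "used": False}
        return token

    def leave_feedback(self, token, positive, comment):
        entry = self.tokens.get(_h(token))
        if entry is None:
            raise PermissionError("unknown feedback token")
        if entry["used"]:
            raise PermissionError("feedback token already spent")
        entry["used"] = True
        self.accounts[entry["target"]]["feedback"].append(
            {"positive": positive, "comment": comment})


def demo():
    """Constructed scenario: one good provider relationship, one defaulted one."""
    bureau = CreditBureau()
    sub_id, sub_auth = bureau.open_account()   # the subscriber
    cell_id, _ = bureau.open_account()         # the cell provider
    isp_id, _ = bureau.open_account()          # the ISP
    # At signup the subscriber shows the provider its id + authorization,
    # which is enough to pull the record and nothing more.
    before = bureau.query(sub_id, sub_auth)
    sub_rates_cell, cell_rates_sub = bureau.start_relationship(sub_id, cell_id)
    bureau.leave_feedback(cell_rates_sub, True, "six months paid on time")
    bureau.leave_feedback(sub_rates_cell, True, "reliable service")
    _, isp_rates_sub = bureau.start_relationship(sub_id, isp_id)
    bureau.leave_feedback(isp_rates_sub, False, "stopped paying after month 3")
    try:                                       # tokens are single use
        bureau.leave_feedback(cell_rates_sub, False, "second rating")
        reuse_blocked = False
    except PermissionError:
        reuse_blocked = True
    try:                                       # the id alone is not enough
        bureau.query(sub_id, "guessed-authorization")
        guess_blocked = False
    except PermissionError:
        guess_blocked = True
    return before, bureau.query(sub_id, sub_auth), reuse_blocked, guess_blocked


if __name__ == "__main__":
    print(demo())
```

Note what a breach of this bureau would yield: random ids, hashes and comments, none of which can be joined to a bank account, a phone number or a name, which is exactly the property the post is after.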

Risks


The risk in all this is that if your authorization is compromised, someone can hose your credit by using it for themselves.

However, they still wouldn't have your personal info and couldn't get into your other accounts, AND your bank account could STILL be completely separate.

Hurdles


There are, unfortunately, some obstacles to implementing a system like this. One of the biggest is the government. They currently REQUIRE that various service providers and banks gather your personal information. The amount of information institutions are required to gather is actually going UP, justified by homeland security. Ironically, identity theft is a much greater threat to our security than whatever supposed benefit is gained by harvesting all our information. In fact, it has been shown and admitted time after time that our intelligence agencies are glutted with information, and their problem is making heads or tails of it all.

The potential good news is that with the internet it is quite possible for these services to be internet based and operate out of countries without information-harvesting requirements. Unfortunately, some services can't be handled this way, such as utilities, cell phones and the like, because infrastructure must exist within the country, which requires the company to follow US laws in conducting business there. Banking and online commerce, however, can all be handled anonymously, and we should move in this direction. Also, we should push government to loosen these requirements in the interest of national security. The bastards.

In conclusion


These are just ideas. I know they need more thought, but what I'm trying to show is that with just a tiny bit of thought, better, more secure systems can be designed. Things are getting ridiculous, and something has to be done.
