Slashdot Mirror
Selling Other People's Identities
joeflies writes "The San Francisco Chronicle has an extensive article on the controversial site Jigsaw, which makes it easy to sell other people's identity information. Jigsaw encourages people to collect business cards and email signature blocks, which is compiled together into a searchable database. Participants earn points towards their own searches or earn money.
Is this exactly what Scott McNealy meant when he said electronic privacy is dead?"
Can business cards be classed as private? Surely the idea of giving them out is so they get spread far and wide?
Fowler, the CEO of Jigsaw, is quoted as making an interesting comparison in the article. He likens Jigsaw to Wikipedia in so much as Jigsaw is a user-supported advertisment database, like Wikipedia is a user-supported encyclopedia.
What he fails to realize is just how far this user-supportedness can go. Just like with Wikipedia, I imagine that Jigsaw will be hounded by vandals and the like, dumping loads and loads of false information into Jigsaw's database.
Moreover, since Jigsaw is going against basic principles of privacy, I can imagine that we're going to see a lot more problems than with Wikipedia from "vigilante vandals".
The title given to this section is misleading. My ID was stolen when I was 18, and I've lived the last seven years of my life as the victim of ID theft. Business information is not selling identities. Selling my driver's license number, social, etc., would be.
Although annoying, truthfully this guy isn't doing anything wrong and it seems he's compiling a database of business contact information accessible via a paid subscription or by adding business contact info. Only if he allowed personal or home information would this be wrong.
I always get this odd sens eo fpride at how much goes on in my own back yard, and it reminds me of part of the reason I love living in Silicon Valley and the Bay Area.
It's a girl!
Quite a few times I've thought, wouldn't it be nice if America had the same data privacy laws... this is a good example of why they're needed.
In the UK a database of personally-identifiable information automatically needs permission from every single individual concerned, unless it's exempt for some reason. Even if it is exempt the data can only be kept for the purpose it was collected for, and not shared. Once it's no longer needed it has to be destroyed.
It's a good example of putting individual rights before business interests. Not something the USA excels at...
Look, they could issue (for $100? or how much it costs...
Ok. 300 Million people in the USA. Times $100. That's $30 BILLION dollars. So much for cheap.
to people devices which are able to sign with a private key a short string of digits (16? 20?) that they dictate to you over the phone. You dictate back the 20 digits of the signature.
Ever enter a WEP key? It's 26 letters long. I have to retype one at LEAST 2 or 3 times TWICE in order to get it to work, when I have the key printed right in front of me. Do you REALLY think that's going to work reliably over the phone?
No complication, no computer needed.
Eh, let's see. We're going to relay a 20-character random text key twice over the phone, in and out of a $100 computing device. How is this either one of "No complication" or "no computer needed" !?!?!? What is that $100 thingy if not a limited-function computer?
What happens if you lose your $100 thingy?
Ultimately secure? Not.
Meaning, it isn't even a particularly good assurance of what you're after.
But anything like this would be VASTLY better than relying on the same 9-digit fixed number (the SSN) that appears in cleartext on every kind of document, and of which there are hundreds of copies lying around in offices around the country, from banks to insurance companies to medical offices to schools to universities to... you get the idea.
The problem is that you are trying to solve a social problem with a technical solution. You can't do that. No amount of technology usage would eliminate crime. Your solutions is simply too complicated and expensive to work well. Furthermore, it doesn't fail gracefully. Somebody gets your $100 thingie, and they suddenly can do whatever they want with your bank accounts and whatnot.
I STRONGLY recommend that you read some of Bruce Schnier's work. He started out like you - thoroughly convinced that the proper use of encryption could solve all of society's security ills, through his best-selling book "Applied Cryptography".
But then, the real world showed him how he was simply wrong. He was smart enough to swallow his pride and learn his lessons, and he's subsequently become one of the worlds leading experts on system security. Some of his best works include "Secrets and Lies", and his most recent: "Beyond Fear".
Give it a chance. You could make a 6-figure career by applying his principles!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Yes and no. Not everyone gives out business cards indiscriminately.
-William Shatner can be neither created nor destroyed.
Business cards have the same implicit confidentiality/privacy as letters?
Business cards are handed out by people to put their contact information out there for potential future business partners. It's not uncommon for people to go to a business convention and just put out a stack of business cards for strangers to take. It's also not uncommon for one person to pass on another's business card to someone else whom they feel might be interested in contacting the person listed on the card.
Letters don't exchange hands the same way. Letters are written and directed at a specific person, and it's not customary to pass on to other people a letter someone has written you in confidence. Sorry, but that's just a piss poor analogy. An appropriate analogy would be passing a particular company's brochure to another person. These are "business" documents which aren't directed at any specific individual and contain information that people want to put out to facilitate their business.
No one is going to get ahold of you via your business contacts or want that info. unless they want contact you regarding some business related matter. And if you don't want other people to solicit your business through a particular contact then you don't list it on your BUSINESS card.
Business cards are handed out by people to put their contact information out there for potential future business partners.
Talk for yourself, don#t talk for others.
Currently I run my own business, and I indeed give out business cards for the reason you mention. A couple of years ago however, I was a systems engineer for a huge IT company, and whenever I gave a business card to someone it was because of that specific individual having a need to contact me and me approving of him contacting me.
The morale of the story is that what you happen to do is first of all not representative, and second, might change over time.
A business card as such is copyrighted both in its design and its content. Taking that content and copying it is a violation of my copyright on my card, and you cannot do that without my permission.