Wednesday, 21 August 2013

Why you need disposable identities

When you care about privacy and security, then every system where you link to someone else - all social networks and communications methods - or any time you give someone a powerful piece of personal information (like a credit card number) then you have to build in temporary aliases that can be revoked later. Instant message accounts, emails, phone numbers, credit cards, mailing addresses, social network accounts. Every one of them needs to have two layers of identity in them: the real account details, known only to you and the service provider in question, and an ever-changing set of straw man contact details that are known to your peers and colleagues, but are only valid until you revoke them.

Because you will eventually have to revoke some of them, and you never know which ones those are in advance. Maybe you gave your credit card number to a dodgy internet site, or a friend's phone got stolen and now you're getting obscene phone calls at 3am. No matter who you trust or how you manage your life, these details will eventually cause you grief, and you need to be able to shred them without having to undo your whole life, change your phone number, move house and assume a new name.

Mokalus of Borg

PS - It does seem like an extreme position to take.
PPS - And in some cases, the risk is too small to bother.

No comments: