Identity theft is here to stay

David Holtzman: The most freeing quality of the computer age has also become its most troublesome aspect - every time we use services over the Internet or a network, we expose our identity.

One of the strengths of digital communications is the ability to momentarily borrow an insanely expensive computer network, such as using the Internet, to deliver a message, make a purchase or look up information.

Ironically, this most freeing quality of the computer age has also become its most troublesome aspect. Since we share these services with many other people, we have to identify ourselves with digital "keys" each time we use one. And it's these same identification keys, which provide the convenience of use, that can invite misuse by identity thieves.

E-commerce is a misnomer. Even if they have no online presence, most regional, national and global businesses have adopted the strengths and weaknesses of e-commerce. The main element of e-commerce is about restructuring a business so that it is database driven. This is the dirty secret of CRM -- that it dehumanises the customers and replaces them with numbers.

The obvious downside is a growing sense of customer disillusionment, decreasing brand loyalty and a hard-edged cynicism toward Corporate America that is no doubt contributing to current market conditions.

The real damage is subtler. The substitution of these identification keys for the person, while probably necessary, has created an environment that is conducive to identity theft. It is much easier to find a way to get the identification keys that will unlock an account than it is to break a window and leave with a television set.

There's sometimes more at stake here than just money. If you know the right keys to authenticate yourself to a computer system as someone, then for all intents and purposes you are that person in every possible way.

Not only can you withdraw money from someone's bank account, trade their stocks or sell their house, you also can lift their professional credentials and establish commitments and relationships under a fraudulent pose.

You don't need computers to carry off any of the above scenarios but they make it so much easier. Every new online capability carries the potential for abuse by identity theft if there is an incentive for someone to do so.

But what about the children? I call this Generation IM, because it is the first one that has grown up in an always-on world.

They view computers as structural material because almost every aspect of their life is computer-powered. In school, the traditional library card has given way to a terminal login with their student ID. At the office, they enter their hours worked into a computer system and withdraw cash from the bank via an ATM machine.

Their friends may move out of the school district, but they'll never really be out of touch via email unless they want to be. Their ID numbers, instant messaging handles, email addresses and domain names define the boundaries of who they are. As they get older, these keys will be the claim checks for retrieval of their memories.

This new generation, Generation IM, is the first one whose identity is completely defined by their online presence. They will therefore always be vulnerable to identity theft. Unfortunately, legislation will not effectively contain the identity theft problem. Here's why:

* It's too difficult to enforce, let alone prove, for legal action to be an effective deterrent. * It's completely orthogonal to homeland security. * Identity theft's cousin direct marketing is a protected species.

Judicial actions can be effective by building up a foundation of applicable case law and by being punitively brutal to the perpetrator when given a chance. Unfortunately, the basic ammo to load the judicial guns -- such as clear guidelines on identity -- is not at hand.

Identity theft is not about numbers and it's not about money. If it was, we could write laws to protect ourselves. We could easily create a national ID card with biometric identifiers and use it to identify ourselves in public areas, pay for all of our purchases and contain a sample of our DNA and medical history for health care. Every artefact that we have interacted with could know who we were and add what we did to governmental and commercially available transactional databases.

The easy way to solve identity theft is to systematically remove any ambiguity of who we are or what we are at any time or place -- in the real or virtual world. Anything less provides an opportunity for theft.

That is the price for freedom.

David Holtzman is editor-in-chief of GlobalPOV. The former CTO of Network Solutions, he managed the Internet's master root server during the late 1990s. Holzman was also a cryptographic analyst with the US Navy.

To have your say online click on TalkBack and go to the ZDNet UK forums.