Today on the radio I heard the story of Benjaman Kyle. What struck me was a comment by the host, “Without a Social Security Number, it doesn’t matter, he can’t get a job, he can’t go to a shelter, he can’t do tax stuff. All he has is a card that says ‘Oh yeah you’re Benjaman and you live in Jacksonville Beach.”
No SSN, no official existence. How many things do we realize are actively tied to a number originally intended to track New Deal Social Security accounts for individuals.
Even Wikipedia calls the SSN out as a “de facto national identification number”. And the de facto nature is exactly the problem, there’s a lot of baggage hanging on this number that has slowly changed the way we work and live. And it’s sometimes questioned, but usually we’re just told to protect your SSN like the keys to the kingdom, but to also give it to anyone who “needs” it. And need is determined by the asker, with no option and discretion on the part of the holder. The choice isn’t between using your SSN and a random identifier, but using your SSN and not being employed.
We aren’t our papers, but we’ve got this systemic need for disambiguation for a number of reasons. The government needs to track us for taxation and benefits purposes. The banks want to track us to judge credit risk. The public utilities and your rental agency want to access the banks risk judgement to make sure you’ll pay your bills on time. Each of them want to make sure that the records they find match the person in front of them. And that disambiguation has gained primacy in too many areas. The primary issue with identity is that there isn’t a single identity for any of us. The primary issue with a de facto standard for disambiguation is that it’s horrendously easy to defraud, since all of this burden was imposed on a system not designed to address it.
Identity vs Identification
Identity is not a login / password combo. Identity is not a singular entity. My identity changes based on who I’m interacting with, like Clark Kent vs Superman. My work identity uses certain skills, and only certain parts of my life are exposed, some through necessity for HR purposes and others for credibility / credentialing. Anyone with an employer and a personal Twitter account knows this: “My views not my employers”. Blogging raises the same issues, which persona are you representing. Your identity as Dad is different than your identity as CPA than your identity as Friday Night Poker King. Our identities are multi-fact and multi-facet, but each face towards a particular situation. Usually, “embarrassing” moments are when you show the wrong face to the wrong group. The outrage over employers searching social media stems from this same separation of persona.
As such, when we look at identity, any solution has to take into account these personas. And these personas should only be valid within a particular scope. Role Based Access Control, anyone? When I’m at work, I’d be fired (or at least get a black mark) for using a personal email address to send corporate information. And we already limit access to data based on requirements and policy. Why should access to my personal data be any different? Every sector should have a separate and non-related set of minimum data that sector needs about me to operate. Within that sector, that set of data should be my “identity”. Doctors, hospitals, and maybe even insurance companies, need a view of me that represents my health facts: conditions, providers, bills, etc. The health care sector doesn’t need to know anything about my banking information, my tax status, my music preferences.
“Views” of singular master identity is not the same as separated personas. The idea of a master sole source of identity should be terrifying. Someone I know spent several years attempting to correct a bill collector and credit report after a hospital reported someone else delinquent on a series of medical bills. Someone with a completely different name, a completely different address. But, the Social Security Number taken by the hospital was wrong. And that’s all that mattered. No shared addresses, states of residence, names, made no difference what so ever to the hospital, the billing agency, and the credit system at large.
Thinking about the massive amount of linked issues when SSN is used and misreported by the collecting entity, linking even more to a single identifier is a step in the wrong direction for everyone. How can you prove that the purported you isn’t you?
Privacy is paramount when discussing personas, since much of the differentiation in persona is about sharing. Privacy is not secrecy. Privacy is the opposite of publicity. If you wouldn’t tell a randomly selected person on the street, that’s private. Anything you think is no one’s business except those you tell, that’s private. Maintaining privacy in a computer based environment requires secrecy (or encryption) where sharing occurs.
There does need to be an inter-sector exchange means. If my government identity provides access to certain health benefits, then there does need to be some way to validate that the health-me is the government-me. But that’s still a sector specific problem.