Carole King said it best
“It’s too late, baby”
Yeah, I’m dating myself, but Tapestry was huge, and she and Goffin had some serious songwriting chops.
Anyway, the “it” about which it’s too late is, yes, a relationship. An important relationship. A relationship which, while admittedly not exclusive, is “open” in a hopefully honest, fulfilling, respectful way. That relationship is the one you have with your personal information.
Well, bad news. That info is all over town, for anybody who can pay the bills, and you don’t know the half of it. That, at least, is the opinion of David Cowan, a VC at Bessemer Venture Partners, blogging about Lifelock:
It would be quite a stretch for you to imagine that somehow your data remain safely stored among all the vendors, doctors, banks, web sites, and government agenices[sic] whom you’ve engaged in your lifetime. More likely, your personal credentials are all for sale in black market exchanges like this one.
In other words, the horses are out of the barn. There’s little point trying to re-tool or regulate the world’s IT infrastructure to contain consumer data. Even if your concern is future generations whose identities are still safe from thieves, there are so many ways for data to leak that it’s futile to expect brittle secrets like our social security numbers to be both useful and sustainably confidential.
Here, Cowan echoes the response I got over a beer when I asked a knowledgeable observer of the financial industry how he’d estimate the number of compromised identities (I figured he’d know about fraud detection and so on). I knew I was in for some fun when his response began with “You’re not going to like the answer…”. It seems that in his opinion all our PII belongs to them. It’s merely a question of monetizing it. (Listen closely — that sound you hear is Lindstrom saying “Yessss!!!”)
I am not qualified to assess whether Lifelock or Debix, or any other player in this space is a sensible investment. I will say that, as I understand it, their value proposition could be obliterated with a stroke of the pen, which leads me to a conclusion, and to a question.
That smart people are willing to attach their names and wallets to these enterprises shows me that US consumers won’t have true control over access to their personal information for the foreseeable future because legislation providing it is seemingly not forthcoming.
To those who argue that the data are already all out there, my question is “Is that a falsifiable hypothesis?”