My ID Score (https://www.myidscore.com/IDInput.jsps) is a site that was launched by ID Analystics that offers corporations and customers a service to help protect them against identify fraud. The site scans the its ID Network, advertised as the largest identity fraud database in the U.S., to see what types of credit activities and purchase transactions have been made under your name. Parsing hundreds of variables and data points, the site looks for anomalies, such as credit card applications submitted on the same day with different addresses.
To access the site, you register giving ID Analytics private information such as name, birth date, address, phone number and social security number (optional) in order to get an assessment of your identity fraud risk rating. In addition to giving you a score, there’s information on how to obtain free copies of credit reports, links to other sites with information about identity fraud, and companies that offer monitoring services.
This raises a question, how much private information are you willing to give away and for what return on the level and sensitivity of your private data?
There are many registration sites that you must register for to download white papers and information. Do you care what happens to your private data after you’ve registered for an event or as a request for a resource? In many cases, there's not a clear privacy statement or commitment pertaining to what your private and potentially sensitive information is collected for and how it will be used.
While a bit dated, one survey (http://caveatemptorblog.com/2008/04/17/do-not-give-away-your-identity-for-a-candy-bar/) found 576 office workers willing to give out information such as passwords, dates of birth, phone numbers and addresses for a chocolate bar. Much like cards to be filled out at a cashier’s counter promising a vacation sweepstakes or gym membership; it would be interesting to find out what and how much private data you’re willing to give out.
Everyone has their 'price'. What's yours?
Deanna J. Locke, CISSP, CISA, CIPP, is a privacy and information security professional based in the Seattle area. She serves as the Co-Chair of the WTIA Security SIG.