You are viewing a read-only archive of the Blogs.Harvard network. Learn more.

ID Please

October 25th, 2017

The conversation that I brought to the dinner table this week was quite an interesting one. “Where will we be in 20 years in terms of identification?” This was the question I posed to my friends as they leaned in to ponder the quandary. The logical response that I got was, “Well, what do you mean?” I continued on to explain what I meant. In the last few weeks there’ve been recent events surrounding Equifax and their large data spill. With huge amounts of personal data open to the public, it is becoming increasingly less reasonable to expect something like a Social Security Number to uniquely identify a person. Imagine how easy it would be to learn someone’s Social Security Number and use it to impersonate them. Which begs the question, “What should we use to identify people?” In India they think they have it figured out. Scans of a person’s fingerprints and iris are hashed together to uniquely connect each person to an ID number. There is no way to look up the person in coordination with their name, but they can trace a face and connect it to an ID number. This shows things like whether or not someone is a citizen or if they’ve already signed up for a program. A portion of the iris is saved and pieces of each of the 10 fingerprints are spliced together; it’s almost like taking a fingerprint of a fingerprint. This way they don’t have to try and make the data that they obtain completely secure. Rather, the government can decrease the value someone would gain in obtaining access to the information. The question is never if someone will hack into a database but when. Knowing this to be true, it is wise to decrease incentive of hacking into the database. In the future of America, there will likely be companies that fight for the opportunity to be the unique identifying force. If you have that status, you basically control a big part of the economy. No one will be able to identify people apart from through your company.* Some companies already seem to be on their way to this reality. A lot of information is necessary in order to recognize faces. The facial recognition software that is been becoming increasingly more popular could also play into this idea. The race is on for companies trying to become the means of identification for people in America.

It is an important part of a government to know their constituents and to be able to identify who their citizens are. Some governments that are smaller and can’t afford to do it themselves will outsource identification methods, but this could go very wrong if a war were to break out and the country that had all of the identities in a database were to withhold the information from the country who used them as a resource. Countries like America would prefer to do it themselves, but that doesn’t mean that they would likely keep this type of job within the realm of the state. In the future, we could very possibly see companies forming a monopolies or even duopolies to take over the game of identification. Who knows how we’ll be filling out our government forms in the year 2050. Surely someone is out there right now trying to figure that out.

*Ideas based on seminar discussion with David Eaves

Posted in Uncategorized | 6 Comments »

6 Responses to “ID Please”

  1. Mike Smith Says:
    October 28th, 2017 at 5:40 pm

    Identification is a tough topic. I’m glad to see that you’ve started to put the issues together. I still have trouble thinking through all the implications and situations. The use in India is a nice context to try and think through the issues in an important use case. And like you say, the way identity technologies evolve in the U.S. will be different because begins in a different place with different societal norms.

  2. Jim Waldo Says:
    October 29th, 2017 at 7:20 pm

    This is a great set of questions…

    One direction you might want to go in your thinking is to incorporate the distinction between identification (which is being able to link data to some identifier, like a social security number) and authentication (which links you in the physical world to the identity). When talking about authentication, the gold standard is often stated as something you know (like a password), something you have (like your phone, a la Harvard key) and something you are (like the Indian biometrics).

    If you have to authenticate in some fashion, just knowing the identifier is a lot less useful. Part of the problem with the Equifax leak is that some of that information is used as both identification and as authentication…which is a really bad combination.

  3. USA Private Proxies Says:
    December 18th, 2017 at 7:02 pm

    Do you mind if I quote a few of your articles as long as I provide credit and sources back to your blog? My website is in the very same area of interest as yours and my users would really benefit from some of the information you present here. Please let me know if this alright with you. Cheers!

  4. jadynbroomfield Says:
    December 18th, 2017 at 9:17 pm

    That’s okay with me! Happy blogging!

  5. Private Proxies Says:
    December 18th, 2017 at 7:05 pm

    Currently it appears like BlogEngine is the best blogging platform available right now. (from what I’ve read) Is that what you are using on your blog?

  6. jadynbroomfield Says:
    December 18th, 2017 at 9:16 pm

    No, this is WordPress.

Leave a Reply

Proudly powered by WordPress. Hosted by Pressable.