June 19, 2007
Good wine matures slowly. Maybe we need to be patient and let eprivacy grows in tannin for a while more. Indeed several recent news stories show how old topics can move forward.
First to catch my eye was a report by Jon Swartz and Byron Acohido about a scam based on a massive data theft at TJX (*). Faithful readers know I said nothing when TJX first disclosed its information systems had been breached. I felt I said it all already, more than a year ago. I was more concerned by recent trends looking at ID theft as an overblown subject and painting activists such as Betty Ostergren as media hungry pesky pests. Jon Swartz and Byron Acohido now "advance the story", to use the consecrated expression, by blowing to smithereens these callous representations behind which the US Congress hides its inaction.
The crooks were caught raking a million dollars from counterfeited credit cards, a case of id theft. Beyond this simple scam, Jon Swartz and Byron Acohido correctly identify two ominous directions. First these crooks were just part of the retail end of the operation. Second the original security breach also exposed Social Security numbers. Must the US Congress wait for the follow up story on full blown ID theft before granting individuals their constitutional data rights?
Next Brad Stone used the N.B.A. finals to give us the latest news about scalping (**). When a sports franchise provides a ticket to individuals, its restrictive covenants go to book length. As Brad Stone quotes "Chris Tsakalakis, the president of Stubhub and general manager of eBay tickets", "it's not part of a free and open marketplace". Recall personal data is or at least ought to be, but a type of property. When an individual provides personal information to companies however, there is no limit to what they can do with it within the capacious scope of their privacy (invasion) policies. Welcome to the benefits of proanocracy, the government of the people by the lobbyists for the corporate interests.
Here the news is that scalpers are no longer the unsavory characters "lurking outside the stadium". The issue has shifted to a classic battle between new entrants and entrenched monopolistic powers keen to recover lost market share. Could the time be at hand when new entrants will also find an opportunity in letting people freely manage their private time and information as they would their arena tickets?
Last Brad Stone (Again? is it a case of stolen identity or a natural flair for eprivacy issues?) analyses the efforts at eBay to prevent fraud (***). I have warned against the failings of popularity-based truth. "Rob Chestnut, eBay's global head of trust and safety", is quoted as noting "that too many sellers had nearly perfect approval ratings". eBay has yet to gain acceptance for its new recommendation mechanism and building a satisfactory system is a challenging task as Google's example shows. But it is real good news that eBay acknowledges the issue.
In fact may I indulge in repeating myself? Why should the credit report agencies insist on a business model based on fencing consumer data? Why couldn't they realize they have first rate experience in building and operating recommendation mechanisms? Why couldn't they get eBay to outsource its fraud prevention program to them and get paid by the people who need to be recommended rather than by the people who check on the recommendations?
- (*) ...... TJX data theft leads to money-laundering scam, by Jon Swartz and Byron Acohido (USA Today) - June 12, 2007
- (**) .... Scalping, Aboveboard, by Brad Stone (New-York Times) - June 14, 2007
- (***) .. EBay Says Fraud Battle Is Going Well, by Brad Stone (New-York Times) - June 14, 2007