Comments on: If Everyone in the U.S. has their SSN stolen… http://spiresecurity.com/?p=216 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Pete http://spiresecurity.com/?p=216&cpage=1#comment-310 Pete Fri, 11 Jan 2008 14:45:57 +0000 http://spiresecurity.com/blog/?p=216#comment-310 @Matthijs -

I agree wholeheartedly, though perhaps more vehemently. ;-)

Pete

]]> By: Matthijs Koot http://spiresecurity.com/?p=216&cpage=1#comment-309 Matthijs Koot Fri, 11 Jan 2008 14:37:57 +0000 http://spiresecurity.com/blog/?p=216#comment-309 This idea occured to me too (after the recent data loss/theft incidents in the UK), and here is how I was looking at it. The SSN has historically been regarded to be a personal secret and was (understandably) used as a means of authentication, has it not? Assuming that this still is somewhat the case: if everyone loses their SSN (or its newly born Dutch cousin ‘Burger Service Nummer’ when taking a view from the Netherlands where I live), the remaining value of it as a means of authentication (finally) drops to zero.

If everyone’s SSN is publicly known, governmental, financial and commercial institutions are forced to (finally) move away from accepting mere knowledge of some personal information as sufficient way of authentication to buy some service. This, then, mitigates each individual’s risk of having their personal data be abused throughout such practices. Ofcourse this is all very speculative.

Unfortunately, disclosing everyone’s SSN, intentionally or not, might ring in the first phase of a privacy disaster. Then again, the latter is perhaps a dying and cliché way of looking at things.

]]>