Blog

How Easy is it to Identify Someone Online? Really Easy!

Ara Trembly
Insurance Experts' Forum, February 1, 2010

In other columns, I’ve had quite a bit to say about the questionable security of social networking sites—especially where insurance and financial services entities are concerned. A recent visit to the Electronic Frontier Foundation Web site, however, has significantly upped the ante in the game of privacy. 

An article there by Peter Eckersley lays out just how easy it is to use a few pieces of information to deduce who you are—and chances are someone trying to do that has a nefarious purpose in mind. According to Eckersley, “If all I know about a person is their ZIP code, I don't know who they are. If all I know is their date of birth, I don't know who they are. If all I know is their gender, I don't know who they are. But it turns out that if I know these three things about a person, I could probably deduce their identity!”

This deduction happens by way of a statistical formula that you can check out in the article. OK, so someone looking on my Facebook account can mathematically deduce who I am. So what? After all, I probably have lots of personal information on my Wall, but only my “friends” can see it, right? Not so fast! EFF says the same methods can also be used to tell Web browsers apart, or to identify subtle and unique differences in my browser that positively identify me, even when I have provided no information. Thus, even when I am operating in a more “secure” online environment, someone utilizing these methods could conceivable identify my computer and gather information on me. It could be used to determine when I visit a particular Web site, and what parts of the site interest me. In short, it puts my privacy at great risk.

How unique is the “fingerprint” of my particular Web browser? It turns out that EFF has a software tool on its Web site that can determine that. When I pushed the test button found at http://panopticlick.eff.org, it took only a few seconds for the application to find aspects of my browser that are unique—that identify me without any help from foolish actions such as placing personal information on public social networking sites where my well-meaning friends have other “friends” who can now access that data. In another EFF article, Seth Schoen writes: “Our intuition that certain information is ‘anonymous’ is often wrong. Given the proper circumstances and insight, almost any kind of information might tend to identify an individual; information about people is more identifying than has been assumed.”

Perhaps you’re OK with the notion that someone using such snooping methods can follow your every movement. Then again, maybe the idea that someone is watching and formulating plans to send you targeted spam is a bit disquieting. And it could get worse—to the point where identity theft and other criminal activity is involved. Why? Because it’s profitable! In fact, online sources report that stolen Twitter account information, for example, can be sold for hundreds of dollars.

This very real possibility again points to the heightened vulnerability of our online information—whether or not we post it on a social networking site. The very idea of personal privacy seems ludicrous in such an environment. It remains to be seen whether or not technology can be developed to block the near instant harvesting of such identifying information.

It begs the question: Do insurers—whose livelihood is based on public trust—want to be named as part of the chain that takes down the privacy of an individual or group, doing financial and emotional damage? Can carriers and brokers really take that kind of hit—or must they do everything possible to limit their own online exposure to protect their most valuable asset—customer information?

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

It’s Okay to Take a Breather from the Technology Maelstrom

Even in technology, good things may take time.

Customers for Life

Insurers once had a monopoly on lifetime customers, but technology has changed the game.

Smarter Tablet Use Could Transform Insurance

By reducing administrative tasks and automating paperwork, tablets can increase agentsí selling time and help them respond to customers in seconds, not hours.

Insurance Wake-Up Call: Embrace the Shared Economy Opportunities

SMA believes that insurers must embrace a "shared economy," crowdsourcing and open innovation to get ahead in the new marketplace.

The Lion and the Mouse: Start-ups Pitch to Top Insurer

Insurers should be on the lookout for innovative partnership arrangements that produce unique and valuable solutions.

Silicon Valley Ventures

A trip to area hotbed of technological innovation calls into question the potential viability of insurers' legacy systems, operations and processes.