You May Be Insured, But What About Your Digital Identity?

from the fire,-auto,-health,-home dept

As long as personal information remains vulnerable -- and it will because humans are fallible so breaches happen -- identity theft will continue to be a problem. So while companies ought to take better safeguards to protect data, the next best alternative may be to mitigate the effects of identity theft. Earlier this week, AOL announced that it would offer computer damage and identity theft insurance, to continuing subscribers. This might be the beginnings of a trend, as Louisiana State University has announced a deal with Equifax to buy credit monitoring and identity theft insurance for its staff and students. The deal will also protect the university against any liability arising from a data breach; the university recently lost information on 67 students when a USB drive was stolen. Of course, there's an irony in Equifax selling this kind of insurance, since its had its own share of breaches and arguably has done very little to stem identity related fraud. Ultimately, insuring against identity theft doesn't reduce the impact of the practice, but it can spread around the risk, so that no one individual is harmed too much. Between these deals and a recent announcement that people can buy policies to protect their digital assets, it's good to see the demand for new kinds of insurance in the digital age is being met.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Gerry, Sep 14th, 2006 @ 10:18am

    It's been out for awhile...

    ID theft protection has been available for while at a very reasonable rate. My whole family is protected. Check out the guys over at Zander Insurance. They offer an ID theft protection plan. Before anyone asks, I don't sell, nor am I affiliated with these guys in any way. I just realy like their product.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Egat, Sep 14th, 2006 @ 11:31am

    New Kinds of Insurance?!

    Wait just a second. This is just stupid. Why should *I* have to pay for insurance because a trio of corporations have collected enough personal information on me to make identity theft possible. At the same time they have taken few, if ANY, measures to protect that data. Not to mention that they are opaque with how they acquire, distribute, store, process and maintain the data.

    Indivuals have no control over the process, why is it OK to shift the identity theft burden to them?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Sep 14th, 2006 @ 11:59am

    Re: New Kinds of Insurance?!

    -- Wait just a second. This is just stupid. Why should *I* have to pay for insurance because a trio of corporations have collected enough personal information on me to make identity theft possible. --

    This isn't because of a 'trio' of companies. I work in database administration for a fortune 50 company. 30% of US residents reading this in the US have personally identifiable information with this company. Just minutes ago I locked down an application account because some idiot contactor (from India) disclosed the username and password in an email sent to over 100 people.

    I was forced by my supervisor to unlock the account because the application is hardcoded to require that password (same as the username).

    The application vendor is from Israel and they require the account username and password to be the same. We have requested they change this and they refuse (been over a year).

    As a result your name, telephone #, SSN address and other personal information are now more or less publically available.

    This is why the insurance is necessary.

    You could try to sue the company that played loose with your info, but good luck proving which of the many corporations with your info had the security breech.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Egat, Sep 14th, 2006 @ 12:24pm

    Re: Re: New Kinds of Insurance?!

    I'm not trying to deny the necessity of the insurance. As many articles posted on Techdirt have pointed out, there are no meaningful repercussions for a company that exposes personal data. Therefore, there is no reason for any company to make more than empty gestures towards protection of the data.

    There are more examples such as yours than I care to think about. I wish there was a system which would give you whistleblower protection for exposing practices like that to the public.

    I take issue with the implications of the article, which seem to hearld this insurance as a Good Thing. With the classic types of insurance (fire, home, flood, car, etc.), there are tangible assets which are at risk. If those assets are lost or damaged, there is a negative impact to the owner. There is a similar negative financial impact with the loss of someone's digital personal information. However, the situations differ in who benefits from the insured items. With traditional insurance, the insured gets a direct benefit from whatever the insurance policy covers. With identity theft insurance, the information only benefits a corporation, which is already making money using that information.

    Why should indivuals be required to take out insurance against irresponsible corporations?

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Sep 14th, 2006 @ 1:20pm

    I agree, this insurance is stupid. No individual should have to insure their ID against theft. This should be a corporate tax levyied against those entities that play fast and loose with our personal info.

    Of course this would just make it more attractive to relocate offshore.

    And with the government tax breaks for the most well to do corporations, it would really just get rolled into the income tax against individuals anyway.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    mroonie, Sep 14th, 2006 @ 1:29pm

    This isn't what I call insurance....

    Okay Insurance is definitely a good idea. But if my information gets lots due to no fault of my own but instead due to the fault of my ISP, my bank, my financial advisor, etc....I would NOT be willing to pay for this insurance. Medical insurance doesn't work this way. I don't pay for insurance just in case the doctors screw up, I pay for it because one day I might break my leg or get cancer. Insurance is a backup plan for when unexpected things happen. This is different than a screw-up plan.

    All in all, business just need to be held more accountable for their decisions, or should I say their inability to make good decisions. Like how long has been phishing been going and how many companies have actually done something about it? Paying for this screw-up plan is only saying "Hey! It's okay by me if you make mistakes with MY personal information."

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Mila, Sep 14th, 2006 @ 2:17pm

    AOL? go figure

    I think it's funny that now AOL is offering insurance, after the customer search data scandal and being labeled "BadWare". They haven't had a good reputation for years now, and with all the privacy concerns they're obviously trying to step up to move into a more positive light. Maybe they should invest this money into better securing the subscribers' information...

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This