You Want Privacy? Get a Shredder
By: Valerie Steeves
February 8, 2005
Last year, I was at a government meeting about the rising incidence of identity theft. Everyone agreed that it was a problem, and that swift action was called for. The action that was suggested was a public education campaign to “teach” Canadians that we all need to go out a buy a shredder. After all, all those pre-approved credit card application forms we receive in the mail are a menace to our privacy and it’s our responsibility to protect ourselves.
Feeling tired yet? I have to “protect my privacy” every time I go to the drug store and get asked, for the zillionth time, “Are you a member?” Not only do I have to take the bath and pay the extra money built into the price to cover all those “discounts” that go to card-carrying customers, I have to spend at least 2 minutes explaining why I don’t want to join - every time I fill a prescription. Then there were the two hours I spent trying to book the local gym club for my daughter’s birthday party because I refused to provide them with her full name, school, hobbies and birth date. My favourite part of that memory was when the booking clerk told me that privacy laws required me to provide this information because they weren’t going to share it with anyone. Now my mailbox has become a privacy menace, that can only be countered with a $50 shredder. Zena the Warrior Princess, move over.
Protecting my privacy is becoming a full time job. And that’s because I’m surrounded by organizations that want access to the intimate details of my private life. And fair information practices haven’t stemmed the flood. In fact, I argue that they’ve opened the floodgates by legitimizing the ubiquitous collection of personal information. But that’s not what I want to talk about today. I want to pick up on something that Hilary posted last month about metaphors of privacy and security.
That meeting last year struck me as odd because of the way policy makers were talking about identity theft. The “metaphor” was one of a new, threatening form of criminality that created such an intimate violation - the loss of self - that it justified invasive measures such as giving the police the power to search through credit rating reports without a warrant, and embedding biometric identifiers into the equivalent of a national identity card that would be required to transact business. The logic was that if people are under seamless surveillance in which anonymity is not possible, the state can then, and only then, bring this new criminal scourge under control.
But identity theft isn’t new - people have been committing the crimes of fraud, personation, and forgery for millenia. So what’s so “new” about identity theft? It isn’t the crime - it’s the opportunity. Corporate and government information practices are providing criminals with whole new pools of data that can be used to commit fraud. Social Insurance numbers are increasingly printed on loan applications, credit reports and employee documents. Health data flows from some doctors’ offices to multi-million dollar pharmaceutical companies. My VISA company profiles my every purchase, and my bank wants to “know me better” so they can “serve me better”. On bleaker days, I think they mean serving me for dinner.
In this environment, the metaphor of identity theft isn’t helpful precisely because it implies the only problem is the thieves, and not the information practices that put the individual at risk of being victimized. We don’t need shredders. We need policies that will make companies responsible for practices that facilitate fraud, like sending me a pre-approved credit application in the mail so anyone can open up an account in my name. Greater surveillance may promote a technocratic agenda, but it won’t protect me from identity theft. To do that, we need to reinvigorate the right to transact business anonymously.