So, T-Mobile have been caught out... And actually, you know what? I am actually quite glad this story has come to light as for some time now I've been arguing that businesses and consumers alike need to wake up to the fact that personal identity information is a hugely valuable commodity. Every time we hand over our personal details to a busienss or other "unknown" we should be questioning a) why they need the information at all, b) what they will then do with it and finally, c) how they will keep it safe.
Whether the information is available through a computer system, written on an application or survey form or even photocopied from core identity documents and then stored in some warehouse somewhere, we should all be asking what will happen with it - and who else will have access to it?
What the T Mobile case may well do is make consumers aware of the actual cost in pounds and pence of the information they hand over to businesses and govt institutions on a daily basis. A report last year by Symantec revealed that sensitive information about a credit card and its holder can cost a minimum of $6 U.S. up to a maximum of $30 U.S. And email addresses are the third most sold item on the online black market.
This could in fact put more control into the consumers’ hands – but with that comes responsibility. We have long argued that if the asset we know as “identity” is properly valued, businesses will be much more careful about who can see what, who has access to which parts of the customer database (and why) and ultimately being able to justify any usage to the regulators or the customer himself. Good identity management practice has to become the goal for every business. Only in this way can we stop the increasingly lucrative trade in personal identity information
Just maybe .... the T Mobile theft will turn out to be the best thing to happen in the world of identity for a very long time!