and again… and numerous times more.
In the Norwegian newspaper, Aftenposten, one can read about Malin who were told that her name had been used for selling viagra, cars etc. through emails (also known as spam). “This is the easiest form of id theft” states Christian Meyer, senior advisor at NORSIS and suggest there may be a need for a national ID center for dealing with issues related to identity.
I have experienced that not only my name, but my domain (klungvik.com) has been used for spam and there’s not a damn thing I can do about it. It’s the hazard I take by (just existing as a human being and) having an online presence with full credentials. I even once experienced that an obscure US law firm sent me a warning and letting me know that I was banned from their services. A warning I easily ignored since I don’t think I ever will use them, and because they revealed their technical ignorance just by sending me a warning.
Sending spam is easy if one looks at how it’s done technically. Forging email identity is really easy and I don’t think there’s much a national ID center can do about it. What makes spam and online forging of ID even more difficult is that it usually spans country borders – it’s an international problem.
It’s far worse if one’s identity have been used for making loans, purchasing goods etc. My current house loan I managed to get without ever showing up at the bank. All they wanted was a copy of my passport and a signature, and it was all done through the phone and postal system. They never saw me in person. A copy of my passport, and anybody can take up a loan on my behalf.
Stealing credit card details are also easy if one person have tried to purchase goods at the wrong website (and how anybody dare buying goods from spam is beyond my understanding). But all it requires is to cancel ones credit card and order a new one.
A national center for dealing with these kinds of issues can be a good idea and not only for electronic reasons. A national center can be used for dealing with issues related to immigrants that gives wrong name or deny telling their identity at our borders.
But couldn’t online id theft be managed by The Data Inspectorate (datatilsynet), and immigrants managed by The Ministry of Foreign Affairs (UD)? They certainly have the knowledge and resources needed. May be what we need isn’t a new national center (which we have for every thinkable issue anyway), but expanding the area of responsibility of existing agencies. Or may be NORSIS wants to do this themselves?