Informed Consent for Identity Verification is Changing The Face of Privacy

Opinion

Identity is what makes us human. It’s how we shop, travel, and vote. It allows us to recognize one another and navigate both the physical and digital worlds.

Today, both of those worlds are simultaneously expanding and contracting. We used to be confined to a 10-mile radius, then it grew to 100 miles, then 1,000 miles. Now, we have easy and immediate access to any place (or person) on the planet. We’re all venturing further from our immediate surroundings, and every interaction we have with others makes the world a little bit smaller, and it opens us to a wider variety of experiences. Today, we’re all connected in ways that our grandparents never could have imagined.

However, this interconnectivity comes with its own set of challenges and perils.

Individuals no longer have control over their personal information. The more information we share, the less we control it. Once we release our data out onto the Wild West of the World Wide Web, we no longer decide (or even know) who sees, distributes, or profits from it. This can lead to enraging situations where companies sell user data for their own benefit, or incidents that expose our data in ways that are downright dangerous, given the way we use that data to prove who we are.

Fraudsters need only a bit of personal information to impersonate victims. Signing into important online accounts requires but a small amount of personal data, be it a pet’s name, maiden name, address, or anything else. Currently, when users use this information to access an account, the company stores the data, taking it out of the hands of those users and leaving it vulnerable to attacks and mismanagement.

This kind of loss of control over identity spells a loss of access to the world, both online and in person.

But as the Internet matures, consent laws are finally finding ways to cover consumers in a meaningful way. In light of recent events — data hacks at large companies like Facebook, Marriott, Quora or Google — regulation is expanding. The EU’s General Data Privacy Regulation (GDPR) went into effect last May, protecting European users’ data, and California’s AB 375 allows users to know who has access to their information. With these new consumer protections, companies are required to obtain explicit consent before distributing data.

At Civic, we strive to give every person on the planet greater control over his or her digital identity. Each user’s data is stored on that user’s device and only on that user’s device, keeping third-parties out of the equation and thus ensuring that they never mishandle data. This way, you can be 100 percent sure that your data never falls into the wrong hands.