Document Type


Publication Date



This paper builds on the theory of human identification proposed by Professor Roger Clarke and uses the product as the basis for a proposed solution to the identity theft problem. The expanded theory holds that all human identification fits a single model. The identifior matches the characteristics of a person observed in a first observation with the characteristics of a person observed in a second observation to determine whether they are the same person. From the theory it follows that a characteristic used for identification in the credit reporting system, such as social security number, mother's maiden name and date of birth, must be known to all entities participating in that system. Because those characteristics - and any substitute for them - must be distributed so widely, it is unrealistic to think they can at the same time remain secret. Hence the current efforts to curb identity theft by keeping personal information secret are doomed to failure. As an alternative solution to the identity theft problem, this paper proposes a system by which persons concerned about identity theft can register their identities through a government agency that will make their names, social security numbers, and non-sensitive contact information publicly available on an open-access website. Credit grantors and credit reporting agencies would have the option to contact the registrant to verify that he or she is in fact the credit applicant. Creditors who opted to use the system to identify a borrower would retain their current exemption from legal liability for misidentification. Those who did not would be liable for misidentification under common law principles, including theories of defamation, invasion of privacy, and negligence. In cases in which credit grantors and credit reporting agencies used the system, the effect would be to give the individual person control over the process of his or her own identification in credit transactions, with no meaningful loss of privacy.

Included in

Privacy Law Commons