Identity Theft, Privacy, and the Architecture of Vulnerability

Daniel J. Solove

George Washington University Law School

Hastings Law Journal, Vol. 54, p. 1227, 2003

missbruk av personlig information

This Article contrasts two models for understanding and protecting against privacy violations. Traditionally, privacy violations have been understood as invasive actions by particular wrongdoers who cause direct injury to victims. Victims experience embarrassment, mental distress, or harm to their reputations. Privacy is not infringed until these mental injuries materialize. Thus, the law responds when a person’s deepest secrets are exposed, reputation is tarnished, or home is invaded. Under the traditional view, privacy is an individual right, remedied at the initiative of the individual.

In this Article, Professor Solove contends the traditional model does not adequately account for many of the privacy problems arising today. These privacy problems do not consist merely of a series of isolated and discrete invasions or harms, but are systemic in nature. They cannot adequately be remedied by individual rights and remedies alone. In contrast, Professor Solove proposes a different model for understanding and protecting against these privacy problems. Developing the notion of “architecture” as used by Joel Reidenberg and Lawrence Lessig, Solove contends that many privacy problems must be understood as the product of a broader structural system which shapes the collection, dissemination, and use of personal information. Lessig and Reidenberg focus on “architectures of control,” structures that function to exercise greater dominion over individuals. Solove argues that in addition to architectures of control, we are seeing the development of “architectures of vulnerability,” which create a world where people are vulnerable to significant harm and are helpless to do anything about it.

Solove argues that protecting privacy must focus not merely on remedies and penalties but on shaping architectures. Professor Solove illustrates these points with the example of identity theft, one of the most rapidly growing types of criminal activity. Identity theft is often conceptualized under the traditional model as the product of disparate thieves and crafty criminals. The problem, however, has not been adequately conceptualized, and, as a result, enforcement efforts have been misdirected. The problem, as Solove contends, is one created by an architecture, one that creates a series of vulnerabilities. This architecture is not created by identity thieves; rather, it is exploited by them. It is an architecture of vulnerability, one where personal information is not protected with adequate security. The identity thief’s ability to so easily access and use our personal data stems from an architecture that does not provide adequate security to our personal information and that does not afford us with a sufficient degree of participation in the collection, dissemination, and use of that information. Understanding identity theft in terms of architecture reveals that it is part of a larger problem that the law has thus far ignored. Solove then discusses solutions to the identity theft problem. He engages in an extensive critique of Lynn LoPucki’s solution, which involves the creation of a public identification system. After pointing out the difficulties in LoPucki’s proposal, Solove develops an architecture that can more appropriately curtail identity theft, an architecture based on the Fair Information Practic

Keywords: identity theft, databases, architecture, privacy, Internet, identification, LoPucki, social security numbers, Fair Credit Reporting Act, credit reporting, password


Abstrakt på svenska:

Identitetsstöld, sekretess och personuppgifter i en matematisk arkitektur för sårbarhet

sveriges rikes lag

Myndigheter har för lätt tillgång till våra personuppgifter!!

Olika tjuvar och sluga brottslingar stjäl vår personliga information i databaser. Daniel J. Solove, professor i juridik vid George Washington University Law School synliggör den odemokratiska och oetiska, politiskt styrda digitala cybervärlden:

“Enligt den traditionella uppfattningen är privatlivet en individuell rättighet och åtgärdas på initiativ av den enskilde. Men med de nya teknologierna som invaderar hem, kränker privatlivet med invasiva åtgärder, och som direkt orsakar skador för offren –  finns det ingen lagstiftning som skyddar offren som erfar förnedring, förlägenhet, fysiskt och psykiskt lidande och skador på deras ryckte.
Dessa privatlivproblem består inte enbart av ett antal isolerade diskreta invasioner eller skador, utan är av systematisk karaktär.”

Sammandrag från Social Science Research Network finns här:  Identity Theft, Privacy and the Architecture of Vulnerability


” I’ve got nothing” to hide and other misunderstandings of privacy

Beskrivning av objektorienterade system med hjälp av designmönster:,d.ZWU

~ by mindcontrolinsweden on February 9, 2015.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: