Mandate cryptographically secure ID by credit bureaus, in light of Equifax data breach
This petition had 670 supporters
Because of data breaches like the recent Equifax data theft that leaves almost half the country vulnerable to identity theft, it's apparent that traditional proof of identity like social security numbers can no longer be relied upon. As long as consumers are required to provide this information, it will never be safe. The data breaches prove we cannot rely on any organization, private or government, to keep private information secure.
For credit-making decisions, the government must issue new IDs. These IDs will never be shared. Instead, credit bureaus will use the cryptographic hashes of the IDs for proof. A cryptographic hash cannot be reversed, therefore any theft of stored hashes will not compromise the ID. Any situation requiring a new ID would require an extensive check with many different factors to ensure identity.
Additionally, the government must ensure that the liability burden of identity theft never falls on the victims. Credit-worthiness must be restored quickly with no cost being passed to the identity theft victim. It is only through incentivizing the credit bureaus with liability that will cause them to take appropriate safeguards and immediately report any breaches.
Today: Christopher is counting on you
Christopher Easton needs your help with “Federal Trade Commission: Mandate cryptographically secure ID by credit bureaus, in light of Equifax data breach”. Join Christopher and 669 supporters today.