Hacker News new | past | comments | ask | show | jobs | submit login

> The problem with the phrase "identity theft" is that it puts the onus of security onto the consumer to secure their personal details instead of onto the bank/telcos/etc to secure their systems.

And it's really even worse than that, as you are assigned blame for something that the party blaming you is itself forcing you to do. Like, they won't open an account for you unless you tell them your SSN, but then they blame you if you don't keep your SSN secret.

It's reasonable to some degree to expect that you keep your password secret. It's a different thing altogether to take information that is unavoidably known to lots of parties, or in many cases even outright essentially public info (like, stuff you can just buy as a database) as proof of identity, and then insist that you are legally responsible for a contract or whatever they made with someone who knew your DOB or something.

It's really not much different than just throwing darts at a phone book, and then pretending that the fact they hit your name proves that you now have a contract with them ... no, it doesn't, and it's your fucking problem if you think it does.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact