As you will see in the article “Urban legend phenomenon strikes our hotel keys,” a widespread warning regarding credit card numbers stored on hotel key cards is sweeping the Internet. While completely without merit, the situation highlights a very valid issue that impacts all members of the identification technology community.
To spread, an urban legend must capitalize on real fears existing in the population. Fears of physical harm foster the growth of urban legends such as the ‘headlight murderers’ or the ‘kidney bandits.’ Similarly, a fear of personal privacy invasion and identity theft is fostering legends such as the hotel key threat.
This myth is spreading quickly because of the very real fear of identity theft that has taken hold. People are leery of identification and credentialing technologies. Why? I believe there are a number of reasons.
- People are bombarded with stories and warnings regarding identity theft
- Identity theft requires the theft of personal information, information that by its very nature is often a part of the identification systems
- ID cards are issued by figures or bodies of authority and many modern societies have forged a general distrust for authority and governance
- Typically ID cards are distributed not via choice, but via mandate
Further, as new technologies are added to cards the individual is forced to trust the issuer to an even greater extent. In the early days, the cardholder could see the personal data printed on the card. Today, barcodes, mag stripes, and computer chips contain data that the cardholder cannot see or even read on his own. He must trust that the card issuer is looking out for his interests. Add the Orwellian implications of biometrics and data transmitted via radio waves and the suspicion multiplies.
So what can be done? What are the lessons of the new urban legends and the rising mistrust of ID systems? For campus card programs, the best defense may be a good offense. Be proactive in telling your constituents just what information is stored on their card. Promote your privacy policies and use federally-mandated privacy controls along with campus-initiated privacy policies to ease concerns. Don’t make the mistake of thinking that by saying nothing you are avoiding the concern. It is already rampant in the general population and college students are no exception.
Chris Corum, Editor, [email protected]