Introduction and summary
A byproduct of improved information technology has been a loss of privacy. Personal information that was once confined to dusty archives can now be readily obtained from proprietary data services, or it may be freely available (and, as Facebook users know, often voluntarily provided and accessible) through the Internet. While the increased collection and dissemination of personal data have undoubtedly provided economic benefits, they have also diminished people's sense of privacy and, in some cases, given rise to new types of crime.
Is this loss of privacy good or bad? Press accounts repeatedly argue the latter: Too much data are being collected in ways that are too easy for criminals to access. (1) But in a thought-provoking essay, Swire (2003) argues that a meaningful answer to this question requires some notion of efficient confidentiality of personal data--that is, of a degree of privacy that properly balances the costs and benefits of our newfound loss of anonymity. In this article, we explore the concept of efficient confidentiality, using some ideas from economic theory.
Loss of privacy: The costs are large and easy to find
The most dramatic consequence of the increased availability of personal information has been the emergence of a new form of payment fraud, identity theft. The 1998 U.S. Identity Theft and Assumption Deterrence Act (ITADA) defines identity theft as the knowing transfer, possession, or usage of any name or number that identifies another person, with the intent of committing or aiding or abetting a crime. Traditional varieties of identity theft, such as check forgery, have long flourished, but over the last decade, identity theft has become a major category of crime and a significant policy issue. (2)
Identity theft takes many guises, but it is divided into two general categories: existing account fraud and new account fraud. Existing account fraud occurs when a thief uses an existing credit card or similar account information to illicitly obtain money or goods. New account fraud (traditionally) occurs when a thief makes use of another individual's personal information to open one or more new accounts in the victim's name. Both types of identity theft depend on easy access to other people's data.
Today, identity theft is big business. A study conducted by the Federal Trade Commission (FTC), encompassing both new account fraud and existing account fraud, indicates that in 2006 identity thieves stole about $49.3 billion from U.S. consumers. (3) When the time and out-of-pocket costs incurred to resolve the crime are added in, identity theft cost U.S. consumers $61 billion in 2006 (Schreft, 2007). Even this is a conservative estimate, however, as it omits certain categories of identity theft and some types of costs that are not generally known to consumers. For example, an increasingly prevalent type of identity theft is fictitious or synthetic identity fraud, in which a thief combines information taken from a variety of sources to open accounts in the name of a new fictitious identity (Cheney, 2005; and Coggeshall, 2007). There is no single victim, in contrast to traditional types of identity theft, but retailers and ultimately consumers end up bearing the cost.
Much of the data used in identity theft is obtained through low-tech channels. In consumer surveys, victims who know how their identifying information was stolen commonly attribute identity theft to stolen wallets or mail or to personal acquaintance with the identity thief(Kim, 2008). In these same surveys, however, the large majority of identity theft victims are unable to pinpoint how the thief obtained their data. Available evidence suggests that much of these data are obtained through illicit access (called "breaches") of commercial or government databases.
Statistics on data breaches are available from information security websites, such as Attrition. …