Trust: miiCard foresees a new world
in which you can "grant access to your spouse ...
with a simple touch on a screen"
That was the Guardian, last week, 23 April 2013. Very unpleasant.
AP Twitter hack causes panic on Wall Street and sends Dow plunging
Wall Street collided with social media on Tuesday, when a false tweet from a trusted news organization sent the US stock market into freefall.
The 143-point fall in the Dow Jones industrial average came after hackers sent a message from the Twitter feed of the Associated Press, saying the White House had been hit by two explosions and that Barack Obama was injured. The fake tweet, which was immediately corrected by Associated Press employees, caused a sensation on Twitter and in the stock market ...
Traders are paid to respond quickly and they did – "the market recovered within a few minutes".
That time, the hackers caused a few minutes of panic. Next time it will be a few seconds. People are beginning to understand that hacking is very hard to protect against. And that information has to be checked before we decide that it's a fact. Even if it appears to come from a trusted source like AP. Because it may not be them operating the AP Twitter feed, it may be hackers, as it was in this case.
Six days later, a lot slower than the traders, enter the marketing men:
It's not as though the individual sentences make much sense in the copy above but you get the drift.
TRUST BREAKDOWN - WHY WE NEED TO OWN OUR ONLINE IDENTITIES
Posted on April 29th 2013
By: James Varga
... People, businesses, and governments need to be more proactive about creating and then managing trust online so that we can both prevent things like this from happening, and also turn on the possibility for a new future where completely new products and services are available online because we can trust one another. Imagine being able to access your medical records online, grant access to your spouse, and then send them to another doctor for a second opinion – all with a simple touch on a screen. It can happen if we build the trust frameworks necessary to both secure and manage those identities involved ...
It may help to tell you that Mr Varga is the chief executive officer of miiCard, a company which claims to provide "the only way to prove you are who you say you are purely online". (Apart from all the other companies making the same claim, you will no doubt wish to add.)
You know what's coming:
"Eliminate the possibility of fraud, hacks, or even more dire scenarios" – eliminate?
Our own identity service is working closely with the White House driven initiative in the US, efforts in the UK, and a number of private coalitions – including The Respect Network – to help accelerate this process and deliver online trust today. But to be effective, this will also take a commitment by users and businesses and organizations to embrace the concept and make it standard practice. Only when everyone commits to owning their online identity, can we truly build trust online and eliminate the possibility of fraud, hacks, or even more dire scenarios.
That's a tall order. Even James McCormick, who was sent down for 10 years yesterday, might have trouble pitching that line.
Before you subscribe to the miiCard service in the hope of eliminating fraud, hacks or even more dire consequences from your life, do take a look at the terms and conditions. "We will use reasonable endeavours to provide alerts in a timely manner with accurate information", they say at clause 9, very good of them, "however, we neither guarantee the delivery nor the accuracy of the content of any alert". Oh.
And then they start shouting:
and they go on:
THE CONTENT AND ALL SERVICES AND PRODUCTS ASSOCIATED WITH THE SERVICE OR PROVIDED THROUGH THE SERVICE ARE PROVIDED TO YOU ON AN “AS-IS” AND “AS AVAILABLE” BASIS. WE MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE CONTENT OR OPERATION OF THE SERVICE. YOU EXPRESSLY AGREE THAT YOUR USE OF THE SERVICE IS AT YOUR SOLE RISK.
WE MAKE NO REPRESENTATIONS, WARRANTIES OR GUARANTEES, EXPRESS OR IMPLIED, REGARDING THE ACCURACY, RELIABILITY OR COMPLETENESS OF THE CONTENT OF THE SERVICE, AND EXPRESSLY DISCLAIM ANY WARRANTIES OF NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE. WE MAKE NO REPRESENTATION, WARRANTY OR GUARANTEE THAT THE CONTENT THAT MAY BE AVAILABLE THROUGH THE SERVICE IS FREE OF INFECTION FROM ANY VIRUSES ...
The Ts and Cs don't sound nearly as confident as Mr Varga's article, do they. In fact, there's a bit of a "trust breakdown" in the proceedings now, and it only gets worse if you move on to read the miiCard documents on:
WE SHALL NOT BE RESPONSIBLE OR LIABLE TO YOU OR TO ANY THIRD PARTY, WHETHER IN CONTRACT, WARRANTY, DELICT OR TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, LIQUIDATED DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFIT, REVENUE OR BUSINESS, ARISING IN WHOLE OR IN PART FROM YOUR ACCESS TO THE SERVICE ...
- security – to subscribe to miiCard you have to store your bank account details with Yodlee, a company you may or may not have heard of.
- and privacy – miiCard promise to keep your data confidential unless they can't.