Self-made Data Protection – is it Enough? Prevention and After-care of Identity Theft
The Cambridge Analytica scandal was not the first data breach that shattered users’ expectations of internet services. Many online services had similar incidents before, based on flaws in IT-security or caused by a member of the company. All of them have one thing in common: the data breach leads to a massive risk for personal data and the user’s identity. Further, the consequent damage could hardly be limited or stopped because data can be copied and shared infinitely. Therefore, preventive services for identity leaks has been created – so-called identity leak checkers. These services certainly help to protect individuals’ digital identities. However, the legal and technical aspects are rarely discussed. This article analyses these leak checking services and outlines their positive and negative aspects. Then, focussing on the negative aspects, it outlines guidelines for a revised version of an identity leak checker. Including both legal and technical aspects, this revised version would lead to “Effective Information after an Identity Theft” (EIDI) – also the name of an actual German research project with the same acronym explained in detail in the article.