Cybersecurity Myths, Digital Scams & Fraud, Online Privacy, Personal Data Protection, Scam Prevention

Episode 27: Who Should Protect Us from Digital Fraud? – What Bruce Schneier Proposes

Welcome to another episode of FamilyCyber.ie — where we share simple digital safety habits and online privacy tips for those of us who want to make life harder for the digital Voldemorts out there.

🟢 This episode is based on the original Spanish version of CiberseguridadParaFamilias.com. It’s been translated using AI so more people can access these tips in English.

🔍 What exactly is “identity theft”?

Bruce Schneier argues that the term “identity theft” is actually an oxymoron—a contradiction.

Identity is not something that can be stolen.

What really happens is identity impersonation for fraudulent purposes: a criminal pretends to be another person by using that person’s personal data.

And this is not new: impersonation fraud is an ancient crime, but with digitised information it has become much easier to commit today.

🔑 Two distinct problems, according to Schneier

The article identifies two fundamental issues:

1. Privacy of personal data

  • The more information about us that is collected and sold, the easier it is for a criminal to use it.
  • Recent incidents such as large‑scale database leaks illustrate that risk.

2. Ease of committing fraud with that data

  • Nowadays, with only a little personal information, someone can open a bank account, request a credit card, or even obtain a forged identity document.

🛑 What Schneier criticises: mis‑focused solutions

According to Schneier, most proposals to curb identity theft focus on protecting the data… …when the real problem is that systems allow transactions to be performed without adequately verifying their legitimacy.

For example:

  • It should not be so easy to open an account merely by filling out a form.
  • Users should not have to constantly monitor their accounts or credit reports themselves.

🧾 Who should be responsible?

Schneier proposes a clear solution:

Financial institutions should assume responsibility for fraudulent transactions.

Just as it already works with credit cards—where the cardholder is liable only for the first $50 and the issuer covers the rest—banks have strong economic incentives to develop effective fraud‑detection methods. And they do.

💬 An open reflection

Schneier does not propose a single technical fix. But he is clear that the key lies in incentives: if banks are held responsible, they will find ways to curb fraud.

Until that happens, the situation will remain the same.

This episode is entirely based on Bruce Schneier’s article “Mitigating Identity Theft,” published in 2005 on schneier.com. Yes, 2005—quite a few years ago—but it is still just as applicable today.

We invite you to read the full article if you wish to dive deeper.

📌 This has been another episode of FamilyCyber.ie — where we share simple digital safety habits and online privacy tips for those of us who want to make life harder for the digital Voldemorts out there.

Tags: , , , , ,