Sunday, October 29, 2006

Curing data libels by poisoning the well

Our alleged sins and misdemeanors are widely available; worse yet, some of the sins are untrue. (Schneier on Security). Banks, airlines, marketers and Homeland Security don't care about the untruths -- as long as they are not too widespread. A few casualties can be ignored.

There is little hope of rescue from government, our rulers are hopelessly corrupt. Is there a way out?

There may be lessons in the techniques of spammers. They are increasingly adept at "poisoning the well"; feeding spam detectors messages that reduce their specificity. The spam detectors begin rejecting too many non-spam messages. The only quick fix is to make the detectors less sensitive, so more spam slips through.

Imagine if a group of mercenary black hats were to insert vast amounts of false data into huge numbers of credit records. If the error rate becomes too high, the information becomes worthless. There are then two options; either the industry gives up on reputation management (unlikely) or they invest in ensuring information is correct and verified. Either option is better than the current situation.

No comments: