Identity Slippage, and what’s the weirdest thing you’ve been e-mailed by accident?Posted: January 26, 2012 | Author: Hilary Mason | Filed under: blog | 31 Comments »
I have an old, short, and concise gmail address (my first initial and last name at gmail.com). There are many other hmasons in the world who have since signed up for gmail, with variations on the “hmason” theme. Every so often, they mistype the address, or someone mishears it. I now receive between four and ten pieces of e-mail per week meant for other hmasons. This was pretty amusing until someone opened an amazon account on that address (which I had to shut down). Poor Holly has never seen a single Citibank credit card statement (and Citibank won’t remove the e-mail address from the account when I call, since I’m not the account holder). Heidi hasn’t linked her Paypal account to her bank account, but I’m waiting for someone to send her money.
This sort of unwitting misattribution results in an identity slippage that could actually have some fairly interesting consequences. We’ve settled on e-mail as a unique identifier across platforms, but we increasingly cannot rely on that assumption.
I saw Chris Adam‘s comment on Twitter this morning and can’t agree more — it should become standard practice to confirm an e-mail address before sending personally identifiable or sensitive data. Now, please.