The Panama Paradox

Who's Who?

The Panama Papers have been all the rage since they were publicized...& the full document collection isn't even available in the public domain yet. While some are starry-eyed about the almost infinite number of talk shows & opinion articles this means & others are lunging for their lawyer's phone number, there is one point that is getting very little attention even though it is probably the most important issue for the common man: Identity theft.

According to the media, several thousand people have had their identities stolen for the purpose of "legitimizing" various shell corporations created to launder or conceal the assets of Mossack Fonseca clientèle. While it is likely to be months before the facts are analyzed thoroughly & the confusion cleared up, it has made the global middle-class community somewhat uncomfortable, because in today's day, everyone is compelled to share personal information with literally hundreds of complete strangers scattered across dozens of countries.

Here Today, Gone Tomorrow

Case in point: The British Council is a British organization that specializes in international educational & cultural opportunities. In Pakistan, it is the sole source of British educational degrees & reportedly makes a handsome annual revenue from the fees for 'O' & 'A' Level examinations held in Pakistan alone.

But there is another side to it. The popularity of its educational programs means that every year, hundreds of thousands of Pakistani citizens from practically every financial & social demographic pour out almost an entire autobiography while filling out the forms required to register for British Council examinations, scholarships & competitions. Name, age, gender, address, identification document copies, etc. The whole 9 yards.

While the exact details are never furnished to the candidates, it is assumed that such extremely sensitive data is stored in a computer database somewhere in Merry Old England, under the care of a bunch of dedicated computer technicians. The general idea is that "it is in good hands".

But what if it isn't? What if it were to be stolen? Hackers are in the international headlines practically every day. They are so serious a menace that even a computer-savvy country like the United States claims to be tripping over itself, trying to find a fool-proof way to prevent hackers from penetrating US databases...generally from the comfort of their US homes. No wonder, according to the media, the Defense Advanced Research Projects Agency (DARPA) has reportedly announced that its latest project will be to create a 100% unbreakable computer code with which to protect sensitive information.

Getting back to the British Council illustration, personal information in the United Kingdom is covered by the Data Protection Act 1998 of which Part I, Section 5, Subsection 3 covers the entities that are entitled to protection (full text available at http://www.legislation.gov.uk/ukpga/1998/29):

(3) For the purposes of subsections (1) & (2), each of the following is to be treated as established in the United Kingdom -

(a) an individual who is ordinarily resident in the United Kingdom,

(b) a body incorporated under the law of, or of any part of, the United Kingdom,

(c) a partnership or other unincorporated association formed under the law of any part of the United Kingdom, &

(d) any person who does not fall within paragraph (a), (b) or (c) but maintains in the United Kingdom -

        (i) an office, branch or agency through which he carries on any activity, or

        (ii) a regular practice;

    & the reference to establishment in any other EEA State has a corresponding meaning.

Taking the case of a first-class Pakistani citizen who has neither ever gone abroad nor owns any assets abroad, but has taken examinations administered by, for example the British Council, does the aforementioned Act provide protection to him or her against the theft of personal information stored in or by the United Kingdom?

Clarifying The Central Concept

Investopedia (investopedia.com) explains identity theft as follows:

What is 'Identity Theft'

Identity theft is the crime of obtaining the personal or financial information of another person for the sole purpose of assuming that person's name or identity in order to make transactions or purchases.

BREAKING DOWN 'Identity Theft'

Identity theft is committed many different ways. Some identity thieves sift through trash bins looking for bank account & credit card statements; other more high-tech methods involve accessing corporate databases to steal lists of customer information. Once they have the information they are looking for, identity thieves can ruin a person's credit rating & the standing of other personal information. Many types of identity theft can be prevented. One way is to continually check the accuracy of personal documents & promptly deal with any discrepancies.