our social security number on our traintickets ?

If you are living in the US you would be falling from your chair by now or just think that this is a joke. No, this is EID land Belgium and they didn't learn anything from what has happened to the social security number in the US and all the problems that arise from that universal use as an Unique Identifier.

So on the site of our national railwaycompany they are so proud to have found the egg of columbus. They have in fact to find a way to link your electronic ticket to your Identity and have some real proof that you are the same person sitting before the controller.

They have decided to use the National Register Number (which is the same). How the privacycommission could agree to something like that is a big question because normally the privacycommission is very reluctant about the use of that number - just because it is an unique identifier. But as the privacycommission is an institution without enough money, resources and political cloud and in which you can find as advisers the same people that have to decide about their own projects (ehealth for example) you shouldn't be surprised that you can do whatever you want with our national register number. source

And so your national ID unique identifier is becoming without any legal basis or protection or overview an Unique Identifier for a lot of things and applications. This way Identitytheft is becoming nearer at an increasing speed.

For privacyadvocates it is also worrying that electronic traintickets can be identified and linked to a person. If you have problems with that, don't use electronic tickets. Less electronic is better privacy.


  • I was on a short seminar about EID in KaHo Sint Lieven in November 2008. Willem Debeuckelaere from the Privacy Commisssion had a lecture there. He said that the National Register Number was not a real problem. It only told you age and sex. He told that it wasn't such a big problem to use that as unique number. Their was the argument from the audience that if only that number is used, it could be matched to a lot of services and that you could get a real good profile of somebody. He argumented that is was illegal to do that matching. He also argumented that using the sex, postal number, birth of date and occupation does a pretty close individual matching and that almost nobody tries to protect that information.

  • While I am against the use of a global identifier - I don't believe in ID cards either - for privacy reasons, it is wrong to say that we will have the same problems as the US.

    The US problems are two-fold:
    First, they have no ID issued by the federal government which is uniform and can be used for all purposes of identification and rely on state versions.
    Second and most importantly, the Social Security Number in the US has been used as a shared secret between companies and customers/employees. The shared secret aspect of the SSN is what makes it a bad idea to publish this. In Belgium our RRN is used as unique identifier and not as a secret, thus we should not have the same problems.

    Having said all that, I do believe that the way IDs are used right now are wrong from a privacy point of view. There should be no requirement to have to ID yourself to police on their demand. I believe a federal ID card can be useful for voluntary identification (e.g. opening a bank account, etc.), but the mandatory identification requirement (which is often abused by police officers) is wrong. Mandatory identification should only be required after a court order.

The comments are closed.