I have three different companies watching my cyber security and identity.
The Federal Government had a massive data leak. My data was in that leak, because someone used me as a reference when applying for secret clearance. So a hacker got into the federal government's database, got my data, and now the federal government is paying a cyber security company to keep an eye on my identity.
While working for a big tech company, my insurance company had their records stolen. My records were some of those records that were stolen. That insurance company is paying for another cyber security company to keep an eye on my credit and personal information and make sure they are not being used by nefarious nogoodniks.
I don't really use credit, but I do keep one big-name credit card in my wallet and charge a couple things to it every month, just to keep my credit rating alive and show some activity. A huge data breach included my information, and to help those of us "harmed" by this breach, the big name credit card company is paying a third cyber security company to keep an eye on my personal information and credit details to make sure my data doesn't get used in bad ways.
This is not a solution.
This is putting fingers into the face of a rapidly cracking dam, and hoping to hold back the trillions of gallons of water pushing from the other side.
As long as this data is tasty and transferrable, there will be a market for it. So hackers will find ways into systems run by overworked, tired, and not-up-to-date system administrators.
Someone needs to make consumer data non-transferrable. Everyone has a single unique PGP id, or something, that identifies the account, without identifying the individual.
That one layer of abstraction is all it would take to make the data unpalatable and therefore useless to hack.
Already solved in Estonia with similar mechanisms you are describing. Nobody even needs to pick up a pen to sign a document, and it's more secure than pretending your handwritten signature matters in the slightest. The problem with all reforms in the US is that they can be quashed with a single argument: it will remove jobs. For some reason this will get anyone to vote against a law. Doing such a thing will remove handwriting expert jobs, identity fraud companies, tax preparation organizations (TurboTax and the like), etc, etc, etc. The economic impact would be "disastrous", as would be argued in front of Congress, then boom law is gone.
Estonia has been my fave for many many years now. After the Berlin Wall came down, they got right down to business and modernized everything. They really have the tech side of things nailed. Of course, when you are a country of 1.2m people, it is a whole lot easier to get everyone on the same page. But they are a model that MANY other countries could learn a LOT from.
Here are a couple of places to start:
This is amazing. Closest thing I've ever seen to technocracy in the real world. And here I am, making fictional worlds, where seeming science fiction lives on and people embrace it as a fact of life. Amazing. Thanks for sharing the articles. I would've never known, given Russia's biased opinion of the Baltic states.
What makes the data useless to hack is it's largely bullshit. I, too, had three different companies monitoring my identity because three large organizations screwed the pooch. Guess what? not one of them discovered that I moved. The other thing that makes stuff work is the fact that consumers need 100% trust in the system or they won't use it, which means the banks and credit cards will bend over backwards to keep confidence up. That puts the onus on improved security on the guys charging 2.7% on every charge. And I think they, too, know that paying for useless credit monitoring for every man, woman and child with a social security number is no system, either. obviously everyone should rely on cryptocurrency so we've got all that and software bugs too
I don't think any of these cyber security companies "monitoring" my data are actually doing anything at all. I expect they all have the same postal address in Delaware, that is a drop box in the back of a strip mall, and they have 5 employees, none of who have ever met each other. Cyber security companies are total scams. Complete BS.