General Assembly Resolution #653 “Prevention of Identity Theft” (Category: International Security; Strength: Mild) shall be struck out and rendered null and void.
Believing that while identity theft should be outlawed, it is neither necessary nor responsible to combine such a provision with a centralised database of stolen identities, such as the World Assembly Identity Database (WAID) established by Article 2 of GA#653,
Concerned that Article 2c requires that the information that people who believe themselves to be victims of identity theft submit about themselves to the WAID need only be checked “to verify their legitimacy and importance,” meaning that virtually any such information which is confirmed to be accurate may thereby be inputted into WAID, not only given its accuracy but also given that its presence in WAID is by definition of importance in “log[ging] and track[ing] stolen identities,”
Recognising that, while Articles 2a and 2d prevent unauthorised access to and leaking of information from WAID, there is nothing said about how exactly the information stored in WAID is to be secured from those not authorised to access it beyond Article 2a’s requirement that it “be kept confidential and encrypted,” without even specifying how strong this encryption is supposed to be or whether it can be cracked by an individual of reasonable technological skill,
Finding it deeply ironic that Article 2a provides that “[l]aw enforcement organizations in member states and member state governments are given full access to all of WAID’s identity data within their nation,” potentially opening up access to other people’s personal information by police officers and civil servants who may have committed identity theft in the past (or are at risk of doing so again), so long as they have done the training defined in Article 2b and are not banned from accessing WAID through Article 2d,
Concluding that, as a consequence of this, a treasure trove of information about virtually anyone who has volunteered their personal information to WAID can be freely accessed, and even shared on non-secure platforms, by any unauthorised person who can crack the encryption or indeed any authorised person who is willing to potentially lose their access to WAID, potentially resulting in the undesired outcome of these stolen identities being available to use for identity theft in perpetuity,
Further questioning the wisdom of simply allowing anyone to submit their personal information to WAID who believes, at the point of such submission, that they have suffered from identity theft, not only because WAID may well be protected by inadequate encryption and not only because it may later be proven beyond a doubt that such information was not used for identity theft, but also because there is no mechanism whatsoever by which personal information may be removed from WAID, and
Encouraging the passage of future international law which focuses on precluding identity theft without introducing an unwieldy and potentially vulnerable WA mechanism to combat the issue…
The General Assembly hereby repeals GA#653 “Prevention of Identity Theft.”