People, Parts, Provenance
Things lie on their resumes, just as employees do.
Dateline: New York, 2nd November 2023.
Well, this is ironic (and not just merely annoying, like rain on your wedding day). Marianna Spring, the BBC’s first disinformation correspondent, has been called out for embellishing the truth on her resume while applying for a job a few years ago. Is that really disinformation though? I mean, come on, we’ve all jazzed up our capabilities on a resume haven’t we? It’s the normal course of human affairs, candidates lying to their prospective employer just like hiring managers lying to the candidates that they are interviewing. Maybe that’s about to end though, as continuous real-time online reputation management becomes the norm and the provenance of people (as well as things) becomes public, unforgeable and immutable.
People And Provenance
Given that candidate fraud has pretty much doubled since the pandemic (and that a fifth of job hunters cheat on tests), recruitment clearly has some challenges. Since it’s been years since I actually interviewed a candidate, I can’t say what the modern approach to this sort of thing is. If I were hiring someone tomorrow, I’d probably look at their LinkedIn profile rather than their resume, since I would have thought it much more difficult and risky to adjust your LinkedIn profile to show your years as Elon Musk’s right-hand man than to add a bit of embellishment to your Google Docs resume. Although it seems there’s a lot of tweaking there too. While LinkedIn estimates that only 15-20% of candidates are dishonest in the way they present themselves, which I am sure must be on the low side, the need to create some infrastructure around employment credentials would seem obvious.
(Actually LinkedIn are making some efforts to clean things up with new verification features that enable users to authenticate aspects of their identities and job histories. Users will now have a few different options to verify their identity and current jobs on LinkedIn, options which presumably will at least hamper miscreants making fake profiles.)
The verification of employment history and educational achievements (as discussed here recently) is not just about dampening down some resume hype, because LinkedIn is not only used by recruiters and candidates. To highlight one recent case of note, a Chinese spy is alleged to have used LinkedIn to contact thousands of British officials and lure them into handing over state secrets on the British secret services over a period of five years.
(The most prominent used was Robin Zhang, so you might want to check your network).
Things, just like people, have resumes. Is your engagement ring from a blood diamond? Is your Rolex real or a far Eastern knock off? Is your date wearing new clothes? Is the engine on the jet you are on fitted with genuine tested and certified parts? Wait, what…
That jet engine example isn’t made up for rhetorical purposes. It just happened when European regulators discovered that a London-based company, AOG Technics Ltd., supplied fake parts for jet engines powering many older-generation Airbus A320 and Boeing 737 planes. The company was almost immediately hit by a lawsuit from an engine manufacturer which revealed that falsely certified components were fitted to 68 of its engines. In fact according to the European Union Aviation Safety Agency, many "Authorised Release Certificates" from the company were forged and the legitimate manufacturers have confirmed they did not produce these fake certificates or parts.
This is serious stuff. A number of airlines, including Delta, have found these parts already installed on some of their planes.
Uh oh.
But that’s only the beginning of the story. The LinkedIn profile of AOG Technics chief commercial officer appears wholly bogus. His profile picture turns out to be a stock photo that's used elsewhere on the web and his former employers have never heard of him. Not only were the parts fake, the people were too!
Person
How can fake companies, fake officers and fake parts exist in a world in which digital signatures, verified credentials and tamper-resistant hardware exist? It should be impossible for company A to fake a certificate from company B because company A has no access to company B’s private key. It should be impossible for LinkedIn to list a non-existent person but it should demand an IS-A-PERSON credential. It should be impossible for a fake part to usurp the provenance of a genuine part because the provenance is recorded in an immutable ledger. You get the picture.
Now, I’m not suggesting that we need to know everything about that CCO to do business with the company. As in many other cases, it may be enough to know that a social media profile belongs to a human — this could solve most of the problems that Mr. Musk complains about on Twitter — or have some very basic information about the person, such as country of residence.
Provenance And Privacy
That does not mean that people have to share all of their personal information with everyone! As Michael Miebach, the Mastercard CEO, pointed out in the Harvard Business Review recently, the proper use of technology means that ID verification can be used to increase privacy, not take it away. He illustrates the point with the canonical example that if someone needed to confirm their age to buy alcohol, they wouldn’t need to share all the information on a typical driver’s license — name, age, address, photo. Using appropriate and well-designed digital identity infrastructure, confirmation would exist as a simple yes or no question — is this person older than 21 or not? And that’s the only information someone would need to share: not the data (a date of birth) but the relevant credential (IS-OVER-21), not to mention IS-GENUINE-PART or WAS-EMPLOYED-BY-MASTERCARD or whatever might be need to enable a transaction.
with kind permission of Helen Holmes (CC-BY-ND 4.0)
Everywhere you look, the lack of an infrastructure for digital identification, authentication and authorisation is the source of chaos, confusion and crime. Some of the time it’s people stealing pictures of chimpanzees with sunglasses on from cryptobros and we can all chuckle at that. Some of the time it’s horses going into the grinder instead of cows and we all survive. But sometimes it's parts for jet engines for airplanes, and that might not be so funny. Whether we are dealing with people, things or bots in all cases, society needs digital identity to protect it from the fraudsters and fakers. And it needs it now.
Are you looking for:
A speaker/moderator for your online or in person event?
Written content or contribution for your publication?
A trusted advisor for your company’s board?
Some comment on the latest digital financial services news/media?