In addition to my 22 years in the ski industry, the past 6 years I have made a career in personal Identity Theft protection and corporate ID Theft risk mitigation.  In the past few years we have seen a dramatic increase of corporate initiatives which utilize personal usage tracking and social media integration, and we find this to be alarming.

We have found that ID protection begins with a company focus of helping customer/consumer/user educate themselves to the risks. With proper user awareness initiatives incorporating RFID, social media, and customer usage can be a relatively safe, fun, and useful. Unfortunately marketing programs such as “Broomfield Resort’s” Epicmix creates serious concerns, and their reckless promotion of the program is what we find alarming. We don’t believe that the these companies can or should police themselves.

The purpose of this post is to let you know about the “Database You”, and how it has been created without your knowledge or permission.  Before I expand on the topic, be aware of the language spewed from PR departments to make you overlook the obvious.

Here are a few notable Privacy Breaches:

CBS News resports on Facebook –

General Breach

sexual orientation

December 31, 2011 Summit Daily Article –

Epicmix has users wanting more

In the case of Epicmix and your usage tracking, rather than informing its users of safe online practices, VR’s company policy has been to tell the users that there are “no privacy concerns”. The are mostly likely referencing their data handling policies and having them fall within their “Privacy Policy”. This stance is disingenuous at the very least as it is self-serving for the corporation which permits open usage data sharing with its partners. It is potentially damaging to the end user as data aggregation services using “public” and “user-shared” data continue to proliferate. When a user submits their “accomplishments” on social media sites such as Facebook and Twitter the data is now in the public domain ready to be data-mined. And as this “Public” information is merged with “private” database information which can be acquired through “affiliate or partner” agreements, comprehensive Heuristic Models are created and used by companies which maintain these models. Perhaps you are aware of this, and you are “OK” with it. And that is fine. But if you are not good with this, then you can email VR – comments@vailresorts.com and ask NOT to have your data shared with their Partners.

Your data is out there. It happens globally.

You may not have heard of:    The Database You – 2006 Database you.ppt

You may download and keep the “Database You” attachment. I created these slides in 2006 for presentation around the US. Since that time we have seen the advent of Facebook and other social media sites in which an incredible amount of information is freely given, this has filled in the blanks for the database of “YOU”.

For a simple example of the Database You, go to www.Spokeo.com a new online USA phone book w/personal info: pics you’ve posted on FB or web, your approx credit score, home value, income, age, etc. You can remove yourself! Search for yourself on their site (don’t buy the access) , copy that URL of your page,and then go to the bottom of the page and click on the PRIVACY button to remove yourself. Copy & repost so your friends are aware. Also, for a more comprehensive list of these Online Data Brokers, you may visit the Privacy Rights Clearinghouse for more information.

Spokeo.com is only one of more than a hundred public sites which do this type of data aggregation. Private databases are even more numerous and comprehensive. The fact is the more information that is out on the web and stored in servers, the more your personal data and privacy is at risk. It is not just about how many vertical feet your skied or how many days you skied. And if you want to track it, fine. But be informed about the pitfalls of freely providing the your specific information and habits.

Your information CAN and WILL be used against you in some form. e.g. Increase in health insurance rates for the top Vertical feet “winners” on Epicmix by rewarding their “risky behavior”. User specific “Spear-phishing” emails sent to you from “friend look-a-likes” which can contain many types of malware. Or becoming a target of a theft ring, by posting something like “I can’t wait to take the entire family to Vail for the weekend”.

SPEAR-PHISHING –

The more specific information you give, the easier it is to create a method someone else profiting from you. Beware of being one of the Sheep. Protect your data where you can, and take it upon yourself to become educated. Because “Broomfield Resorts” and many of the corporations have their best interests in mind, not yours. We use SkiPassDefender to limit the amount of usage data we provide, and to shield our unique pass information. It is simple to use, and still allows the user to fully use Epicmix or a similar program like it, if YOU choose to do so.

With regard to taking time by trying to protect your information by shielding RFID passes, Breckenridge spokeswoman Kristen Petitt says there is little point.

“We’ve been tracking people and collecting information about them anyway for years,” she said with a wry smile. “With EpicMix, we just finally let you see that information.”

Jonathan Lawson has been an expert in the field of Identity Theft Risk Management since 2005.  Mr. Lawson has held dozens of education seminars for minors, adults, and seniors regarding identity theft and risk mitigation. Breckenridge Instructor since 1993, and former Keystone Golf Professional. Staff Trainer Vail Resorts until 2010.

Filed under: NewsUncategorized

Like this post? Subscribe to my RSS feed and get loads more!