The recent hit on Hamas official Mahmoud al-Mabhouh in a Dubai hotel vividly demonstrates the concern we should all have for our personal information. Intelligence/paramilitary methods apparently used by the operatives in this assassination for their cover appears to have included using the identities of possibly 25 or more uninvolved European and Australian civilians. How closely the operatives came in their appearance to the real persons has yet to be made known, but there were likely at least some physical similarities.
These methods are not new, but the wealth of information available to intelligence agencies from which to choose agent cover has exponentially grown, most of it provided to them by -- ourselves! The amount of information we put out about ourselves on social networks, answering those pesky e-Mail questionnaires inquiring of our likes and dislikes (then forwarding them on to everyone in our mailing list for them to answer and pass on), and answering those security questions to Internet sites, banks, free trade magazine subscriptions (the list goes on) about eye color, our first car, our freshman English teacher's dog's middle name, etc., grants people with the right access a plethora of information they may need for a successful cover identity (even our personal pictures).
Before you think me an alarmist, this concern comes with longstanding and clear precedent (to a researcher, anyway). We have to go back to 1968 and the hunt for the killer of Martin Luther King. Pre-assassination, and during his get-away attempt, James Earl Ray used a number of aliases. But as the late Philip Melanson observed in his 1989 book, The Murkin Conspiracy ("Murkin"), the use of his aliases in the time frame of the infamous crime took on a whole new look than those that he used in his "petty" criminal career.
Previously, Ray would use mixtures of names of people he personally knew. However, in apparent connection with planning the assassination and fleeing prosecution, he used names of real people who bore a strong physical resemblance to himself, who lived in a Canadian city that he had never been in (and who lived within a couple of miles of each other!), and he even sought and obtained duplicate IDs with some of these individuals' names. Just the fact alone that they bore a close physical resemblance to him (even with scars on the same sides of their faces) would give any researcher with knowledge of intelligence methods reason to red-flag Ray as more than just a petty criminal. But his primary operative cover went much deeper than that.
Ray's main cover was the name Eric Starvo Galt. The real counterpart to his selected alias, Eric St. Vincent Galt, was a Canadian man who worked for a company doing secretive contract work for the U.S. military, and who had an extensive security file. Detailed in Murkin is how the real Galt's signature looked like Starvo for a middle name (abbreviated as St.V. where the periods in the signature made it look like Starvo). Curiously, the company initiated a computer system and required just a middle initial in names, so real Galt started signing his name with just an "S' in the middle; Ray started doing the same indicating an update of information on the alias had been provided to him. As I recall, the real Galt enjoyed dancing; Ray, using the alias Galt, took dancing lessons. Galt participated in outdoor sports, including the use of rifles. The Galt the FBI was originally looking for after the assassination was someone who, obviously, used a rifle and was considered armed and dangerous.
The personal information on Galt was believed to be in his extensive security files. Access to this information would have been limited, but easy for intelligence operatives. In some 1968 newspaper articles, a Canadian authority is even quoted that intelligence or underworld methods were being used by Ray, and that the waters were being muddied to impair the manhunt/investigation.
Today, we "wear' our personal information in so many places, we become easy prey for those who would steal more than just our names for monetary gain purposes. As Melanson postulated in Murkin, the real Galt could have been arrested early on in the investigation had his location, resemblance to Ray, and frequent travels to the southern United States become known early on in the investigation. Fortunately for him, he only became known to authorities just a matter of hours before Ray's fingerprints were finally identified by the FBI. Still, with the case against Ray and his identification by the FBI, the real Galt came under much scrutiny and suspicion.
That could so easily happen to any one of us. In intelligence circles, the cover of assuming someone else's identity is known as becoming an imposter, but with much more expert use of personal information. Fortunately for the civilians whose identities were used in the Hamas official's case, it has become known early on that they were used as a cover. It would be more difficult to prove one's innocence if one or more of the civilians bear a striking resemblance to one of the operatives, making the operatives a deeper intelligence defined look-a-like imposter. It would be worse still if one or more of them had been lured to Dubai during the general time frame of the assassination.
The suspicions and accusations of involvement of intelligence personnel is well placed in this case, even though it is not proven. Of course, we as citizens would expect no less from our own American Intelligence operatives, that their involvement in any operation would not be generally known, thus not tied back to the U.S. The likelihood that it was a Mossad operation is very strong, and just as likely that it will never become publicly known.
We should desist from revealing our most obscure personal data no matter how trivial we think it to be. I would suggest using random data for answering those security questions; just be sure to keep your answers privately accessible so that you can answer those questions to an operator or Web form for resetting a password. If your first defensive resistance is that it is lying, it really is just protecting your own security. It is not like your account status/credit worthiness matters if you give a random answer, it is just that your answer in the future needs to match to prove your identity. Think of it more as just an extra password, or key word, for protection of your personal data. Besides, what can bring a smile to your face quicker than using a pet dog's name in place of a mother-in-law's maiden name!?
It is interesting how our governments are trying to secure our IDs better by making them more difficult to duplicate, but intelligence agencies and operatives will always have access to thwart/duplicate those systems. It is a wasted effort to try to make our forms of ID more secure and it ultimately just takes away more of our freedoms in the name of security. It will not secure us against those in the intelligence world seeking to use our information for their purposes, but we can stop making it so easy for them, or granting them the least significant details of our lives that could end up being the most significant evidence against us should we ever end up having our identities used by an intelligence imposter, or, heaven forbid, end up playing the ultimate role of patsy in such an operation.
I have researched intelligence methods off and on for 30 years, and the methods used in Dubai do not surprise me in the least. What is surprising is that we still associate such nefarious things with the English word, "intelligence."