Flyers left under windshield-wipers for the car’s owner. This practice assumes a relatively tight correlation between user and object (that is, leaving a flyer on a car is the same as handing it to someone) and a relatively small temporal lag (that a flyer left on a car will be received the same day or so).  Our automobiles as proxy for our selves—a metal body standing in not for our flesh-and-blood incarnations, but for us. The car becomes our body, the windshield wiper no different than a hand. 

In this way, the car is like a part of our data shadow. A data shadow is the mass of information that follows us around—bank records, social security information, voter records, tax returns, phone numbers, email addresses. It is the shorthand for a system too large to process people and which must instead process information. We are not authenticated—at the airport, at the bank, during a credit-card transaction—our data shadow is. The data shadow acts as proxy, and the system assumes a tight (or tight-enough) correlation between us and our data shadow that each may stand in for the other. The system reveals itself in its breakdowns: Minors are able to buy alcohol not because they are 21, but because they can manipulate their data shadow through borrowed or forged ID to say they are 21. The data, not the person, is authenticated. (And even our proxies have data shadows—the car has its VIN, license plate number, automated toll boxes. Or are our proxies’ data shadows a part of our own?)

The more central and integral things become in our day-to-day lives the easier they are able to act as our proxies: murder suspects are exonerated by their MetroCards or their cellphones. How long before these proxy assumptions are hacked, and a bank robber, say, is caught on security camera in Manhattan at the same time his cell phone and MetroCard place him in the Bronx? When do proxies cease to be trustworthy?

Or more directly, what qualities keep proxies trustworthy? Security researchers have proposed all manner of proxy tests, from the “security questions” we have to jump through to get at our bank accounts to the PINs that have been with us since the checking card reared its plastic head. But these rely on the user providing a second set of information—a second key—to authenticate the first, which reduces abuse but does nothing to solve the root problem that information is itself a proxy. One of the more interesting proxy tests does not ask for information but instead asks decision-based questions: Would you do this or that? People can forget information, the system reasons, but they are unlikely to fundamentally change how they make decisions. 

As more and more proxy services converge in a single device—email and telephony on my iPhone, or library, dining, print/copy, and door-access services on my school ID—the value of that device increases. Will we soon realize über-devices—devices that integrate every proxy service, every data shadow link we need? This tightens the data shadow and strengthens its link to the shadow’s owner, but does nothing to solve the critical failing of a data shadow: regardless of how tightly it fits its owner, it is still separate from its owner. The flip of an über-device is a world of ultimate disposability, where we have no proxies and our data becomes a part of us. Might biometrics be the answer?