I recently past 10 years as a US citizen and, as a result, was returning from Europe with a new passport. To celebrate this occaision the INS decided to put me through a manual check – apparently my name matched someone on the watch list. Now it should be noted that nothing else did – I was born somewhere different, am a different height, have different colored eyes etc etc. Despite the single match (my name, not exactly an uncommon one after all) the folks at INS had to spend 30 minutes checking me out and I had to wait while they did. Then I heard about this class action suit based on a similar problem – simple name matching being used to stop benefits to “fleeing” felons.
In both cases the systems involved have more information than just a name but in both cases stupid decisions are being taken based only on a name match. Of course, <sarcasm>no felon or terrorist would ever change their name </sarcasm> so this is a great approach!
If those designing these systems had put some thought into the decisions and had built them so they could be refined and updated easily – using business rules say – then more effective checks could be in place and changes could be made as and when needed. Sadly no-one did and dumb systems and wasteful processes are the result.