Mexico fell for Michael Finkel. The charismatic New York Times journalist, now raconteur, was on assignment covering Mayan mysticism in 2001. He held easy court with tourists and locals; Finkel’s pursuit of the dangerous and different had thrust him on the trail of black-market organ traders, reporting the tragedies of the Gaza Strip’s dying child soldiers, and travelling in the leaky hull of a Haitian boat that almost killed him and 40 refugees.
Janina Franke, an amateur photographer, fell hardest for Finkel. After a chance meeting they travelled south where she would score a massive career break snapping photos of Mayan ruins for Finkel’s piece in the Times.
Michael Finkel at the IAPP conference. Image: Darren Pauli, Telstra Exchange
Franke made it to the Mayan port city of Tulum, 130 kilometres south of Cancun, but she never got her break. She watched as Finkel, real name Christian Longo, was pulled out of a cabana by a swarm of armed police bearing a US federal arrest warrant.
Longo had co-opted the identity of the real Michael Finkel having fled Portland, Oregan, where he was wanted for the gruesome murder of his wife and three children.
“He (Longo) chatted with tourists in Mexico about stories he said he had written, quoted from them,” the real Finkel told us while in Melbourne for the IAPP privacy conference. “They all unquestionably believed he was Michael Finkel from the New York Times.”
According to those he charmed Longo was polite and intelligent, “totally cool”, with a good sense of humour. He scrawled notes, memorised articles, and gave budding writers a fake Times email address to make his possession of Finkel’s character total.
Finkel heard of Longo’s exploits from a local journalist and soon arranged to meet the murderer then, and now, incarcerated on death row in Oregon State Penitentiary (there is a moratorium on executions in that state).
He did not, as some identity theft victims do, feel assaulted by Longo’s co-opting of his identity. Longo did not steal Finkel’s passport, drain his bank account, or hack his social media. He just studied the journalist to a level of intimacy that he could become him. The co-opting of identity made the journalist curious.
Longo first wanted to prove Finkel was the real Finkel. In a twist of irony the journalist struggled to answer Longo’s 13-question identity quiz that drew on minutia contained in Finkel’s stories filed over years. “It was this existential conundrum,” Finkel says.
Longo, now 43, always wanted to be a globe-trotting journalist writing stories on the weird and wonderful. In short, he always wanted to be Finkel. Instead he married at 19 years-old, had three children, and over years turned a failing business into a web of deceit that would ultimately drown his family in debt.
His hijacking of Finkel’s identity at a time when Finkel was out of a job quickly drew the writer to Oregon State Penitentiary’s visitor’s centre.
Finkel says he would not ordinarily be drawn to speak to a murderer. He pursues curiosity and complexity, not distasteful and often unidimensional killers.
But it was the duplicitous character of Longo – a Proteus who in one instance was a witty and highly intelligent (his IQ was measured at 130) man and at another a mendacious murderer – that appears to have kept Finkel glued to what became an intensely personal story spanning years.
Treatment, but not cure
You can limit but not prevent identity theft.
We regularly send identity documents to brokers and banks. This places our identity in the care of the recipient and their security controls, of which are often ineffective and little understood (weak Outlook Web Access defences, bad passwords, and exposed remote access features are common).
Reduce your risk:
- Find and delete all duplicate copies of your identity documents from any cloud or email service you have. Lock down the single remaining copy. You can protect it in various ways, including through a password-protected archive (like 7z, rar, and zip) or ‘zero knowledge’ encrypted services like sync.com.
- Change your real details held in sites and apps to something fake. Consider using an alias online to make recalling data points like your fake date of birth easier.
- Deploy two-factor authentication wherever it is offered, including Instagram, Facebook, Google, Microsoft, LinkedIn, and Twitter.
- Rarely share your home address and restrict the places you provide your real details, even if requested.
- Put restrictions on the amount of money that can be transferred out of your bank account before a two-factor authentication alert (say via SMS) is triggered.
“If Christian Longo was sitting right here, he’d be funny, he’d be witty,” Finkel says. “You would have no idea he did something so unimaginable.”
Finkel tells the story in the nonfiction book True Story, also a major film adaption by the same name. He tells how he scrutinised Longo’s initial claims of innocence, witnessed how the murderer disassociated with his fellow death row prisoners, of whom many were also murderers, telling Finkel in a letter that he was “surrounded by so much degeneracy and perversion”, and watched and even assisted Longo’s attempts at redemption.
His latter act of redemption was a push to allow prisoners to donate their organs during their incarceration and at their point of execution. Reforms did eventuate that allowed prisoners to donate.
Finkel, himself now a father, has cut ties with Longo, and is pursuing his next story: a master art thief who stole a billion euros worth of art.
“I’m genuinely interested in these people,” he says. “More than, say, CEOs and popstars.”