The Current Meaning of Identity Theft - Essay Example

Identity Theft While it may seem that identity theft is something new, it is a crime almost as old as there are names. It has even been romanticized in such tales from the legend of King Arthur and the Prince and the Pauper to more modern versions as clones in The Sixth Day and face transplants in the movie Face Off. Although nothing new, Identity Theft has increased exponentially over the past couple of decades. This has primarily been due to the proliferation of the World Wide Web and the potential access to electronic information. However it is also in no small part due to the unfortunate ease with which information can be accessed by credit card agencies and other financial institutions as well as the low threshold of security when verify identity in certain situations. This paper will revue the current meaning of identity theft as well as the various forms it can take. There will be research presented on the various institutions that are also culpable in the many scenarios of identify theft. The onus of who is responsible, the consumer, the private institutions, or even the government will come into question. A brief revue of the history of the credit card is also in order since the use of “plastic” money has certainly contributed to the identity theft crisis. Past and current legislation will be analyzed regarding this new crime in both its cyber and analog presentations. Lastly, an opinion and possible suggestions for the consumer to help safeguard their identity as well as what government and corporate institutions can do to not only help the consumer avoid identify theft, but if it has occurred, to assist them in rectifying the situation before too much damage is done. What is Identity Theft? The encyclopedic definition of identity theft is the use of another person’s identity, i.e. financial, personal, geographic or other source, to commit fraud or other types of misrepresentation. By using another person's social security number, driver's license number, date of birth, address, online information one may open bank accounts, apply for loans and credit cards, get a cell phone and so on. In addition to financial loss that can result from identity theft, by using another’s identity the credit history and even the legal history of the victim can be damaged in the extreme. ("Identity Theft") According to the Identity Theft and Assumption Act of 1998, identity theft (ID theft), occurs when someone is "knowingly transferring or using, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, in the unlawful activity that constitutes a violation of federal law." It is a federal crime. (Alt 67) Another form of identity theft that is for the most part non-financial is referred to as Criminal Identity theft. This occurs when someone gives another person’s ID to a policeman or other law enforcement official when they are being arrested. This allows the perpetrator to use a clean citizen’s record to make it appear as if they are committing a first offence. This often reduces the punishment but also goes on the arrest record of the honest citizen who is the victim. The frequency of identity theft increased markedly beginning in the late 1990s due to the computerization of records and the ability to use another's personal information anonymously and virtually without any prosecution at the time over the Internet. ("Identity Theft") …until very recently, the only loss likely to occur--the financial sort--was a crime without a face, unless you happened to be a hapless, also somewhat invisible, victim. Known as identity theft, it's the practice of taking over another's financial life that's bilking the system out of millions--and it shows no signs of stopping. Last year [2000], there were an estimated 500,000 cases annually at an average cost of $17,000 per victim, according to statistics compiled by the Federal Trade Commission. (Bielski 27) That number has been on the rise. Other forms of Identity Theft are bank fraud, phone & utilities fraud, job related misrepresentation, consumer fraud, government documents and benefits fraud. Medicare, Medicaid and other health insurance related fraud is also on the increase. (Alt 68) Furthermore, once someone has stolen an Identity, the victim usually experiences more than one type of fraud regarding their personal information as the following figure illustrates: The areas of overlap indicate multiple intrusions of identity theft. Furthermore, 58.9% of all victims experienced the misuse of an existing credit card. A total of 48.6% of victims experienced the misuse of existing accounts other than existing credit card accounts and 21.9% of victims had their personal information used to open a new account or commit some other kind of fraud. 38.1% of all victims the misuse of an existing credit card was the only form of ID theft suffered, and approximately one-third of victims who experienced the misuse of an existing credit card also experienced another type of ID theft. (“Federal Trade Commission 13”) Identity theft, as has been mentioned, is an old crime. Prior to computers and most forms of organized governments and the science of photography, it was also a quite violent crime. Nefarious persons would murder and then assume the identity of their victims, move to another district or country where their victim was not known and use their good name to settle into a new life. As time went on certain forms of ID were standardized, passports adopted, etc. and it became harder to completely impersonate another human being. It could still be done, but with a bit less impunity. In fact Identity Theft is becoming prevalent among the influx of illegal aliens in the United States. Passports and other forms of ID are finding their way into black market vendors who sell them to aliens seeking ingress into other countries Another issue in identity theft is the problem of the time to discovery of the crime. In many cases the crimes may not be discovered until a great deal of damage has been done. The following chart illustrates the different types of fraud and their subsequent discovery times: Nearly 40% of all ID theft victims discovered the misuse of their information within one week of the start of the misuse. However, the discovery period was significantly different depending on the type of fraud experienced. Victims in the Existing Credit Cards Only (22%) and the Existing Non-Credit Card Accounts (21%) categories were about twice as likely as those in the New Accounts & Other Frauds (10%) category to find out about the misuse the day it started. Nearly one-quarter (24%) of New Accounts & Other Frauds victims did not find out about the misuse of their information until at least 6 months after it started – compared to just 3% of Existing Credit Cards Only and Existing Non-Credit Card Accounts victims. Where discovery of the misuse occurred more quickly, victims reported lower out-of-pocket losses and thieves obtained less. (“Federal Trade Commission” 23-24) In his book, Credit Card Nation: The Consequences of America's Addiction to Credit, Robert D. Manning postulates that the rise in Identity Theft is in direct relation to the rise of America as a Credit Card nation. It began as a paradigm shift in the economy of the world began to occur. While the industrial revolution certainly changed the world economy from agriculture to manufacturing as the predominant sector, there was a shift in the twentieth century that shifted the focus from industry to banking and financial products. This became a trend that meant that financing consumption was now a more lucrative business than traditional goods-producing industries. (Manning 4) With this new mentality, the finance industry would search for more and more ways to introduce new products and services to its consumers. In many ways this also required a change in perspective from the traditional “Puritan Ethic” of the American psyche. Installment credit was the first to make the scene and initial critics of the system stated “that consumer credit (as a repudiation of Puritan thrift) not only tempted people to sin, it provided the means for sinning as well." (Manning 3) But as time wore on the consumers needs outweighed their original philosophy and another attitude became prevalent. …the extension of consumer installment credit historically served to enforce rather than undermine the moral virtue of hard work, budgeting, and saving. This leads to the assertion that increased consumer consumption has served to discourage moral laxity by rewarding strict adherence to installment contracts with additional sources of credit for financing new forms of consumption. (Manning 3-4) With this change in consciousness now accomplished a myriad of new ways for consumers to spend money they did not yet have came into being. Paper or Plastic? This query from your local grocery store takes on a whole new perspective when applied to the financial shift taking place by the mid twentieth century. While paper currency was also a representational form of commercial exchange, it was at least tangible, analogous to wealth and savings. The advent of credit and credit cards made this currency of debt a bit too intangible, digitizing it and creating an appearance of available money to spend, when in fact it was unearned and often came with the high price of interest. This tangible difference was all part of the paradigm shift in money and economics in the twentieth century. Identity Theft was certainly wrapped up in this shift as well. While someone could feasibly steal your cash by ripping out of your cold dead hand, it was quickly discovered that it was certainly going to be easier to appropriate a credit card in you name to do so without you even knowing about it for some time. The first items that resembled credit cards were called shopper plates and came into use at department stores, oil companies/ gas stations and hotel chains in the 1920’s. The first real credit cards were issued thirty years later. In 1950, Diners Club and American Express launched their charge cards in the USA, the first real "plastic money,” which could be used in a variety of stores. In 1951, Diners Club issued the first credit card to 200 customers who could use it at 27 restaurants in New York. But it was only until the establishment of standards for the magnetic strip in the 1970’s that the credit card became part of the information age. Also rendering it more susceptible to cyber-identity theft. A more old-fashioned means of identity theft is to steal a purse or wallet. A few years ago, thieves were interested only in the cash inside your wallet; now the most valuable items in your wallet are your Social Security number, ATM card, credit cards, bank checks, and any other items containing your personal information. (Dutta 3) The credit card has played a major role as both a regulatory and technological synergist in the transformation of not only banking industry but the entire economy of the world. In some sense credit cards have been a part of globalization efforts making it possible to use funds around the world with a single swipe of the card. Initially it caused a great deal of upheaval as one of the earliest and most successful challenges to many federal regulatory statutes such as interstate banking and so on. It also developed into the ideal product for financial institution in the development of automated consumer banking systems (ATMs). During the 1980’s the banking industry was even able to circumvent the state usury laws, but not for too long. This coupled with a dramatic reduction in national inflation led to the enormous profitability of bank credit cards. This surplus of profit was strategically allocated to help with the dangerously low capital reserves of many major money center banks in the late 1980s and early 1990s. Hence, by contributing to the stock appreciation spiral, credit cards helped to sustain the bank merger frenzy of the 1990s that further enhanced the equity position of commercial banks. These trends, along with merger related cost-cutting and escalating bank fees, intensified the industry's diversification pressures that finally demolished the firewalls of federal banking regulation in 1997 and 1998. Bank credit cards played an instrumental role in the transformation of the banking industry, with Citicorp leading the way. (Manning 70) Assets ($ billion) Citicorp * $700 * BankAmerica $572 Chase Manhattan ** $367 J. P. Morgan ** $281 Banc One $246 First Union $229 Wells Fargo $186 Bankers Trust $173 Fleet Financial $101 National City $81 Until recently Identity Theft was difficult to prosecute for a number of reasons. One of the biggest problems is that large companies often refuse to publicize their involvement when someone has hacked into their system and stolen data or damaged programs and information. By revealing that their systems have been compromised a company may subject itself to a loss of consumer confidence and potentially loose many clients, depending on the product or service they offer. The company may also be subjected to lawsuits from clients who claim that there was no due diligence preformed as regards the security of their information. It is estimated that between twenty-five and fifty percent of all business have experienced some sort of intrusion or breach of security of their computer networks. (Yang & Hoffstadt 208). Another reason is the multi-jurisdictional nature of the problem regarding the quite often substantial difference between the location of the crime and the criminal. The crime may be committed upon an individual who resides in the United States while the criminal may be in a completely different part of the world and in a country that has no extradition agreement with the US (Jacobson & Green 275). This will of course require cooperation between governments far beyond the usual means in order to facilitate the capture and prosecution of these particular cyber criminals. There are several fronts that need to be addressed when attempting to prevent and / or prosecute Identity Theft. Businesses themselves need to make the effort to keep their security up to date and be willing to prosecute the criminal. Software and hardware manufactures have to work in conjunction with business to help prevent these security breeches and combat an ever increasingly intelligent cyber criminal, individuals must safeguard their information and finally government must be the primary central source for the impetus of all this: Government involvement is essential to coordinate and assist with the international aspects of cyber-crime, to facilitate standardized security protocols and unfair practices over the Internet, and to prosecute persons who commit the acts legislatures deem harmful enough to make criminal. (Yang & Hoffstadt 213) The government is making great strides in constructing laws to address Identity Theft. However, it is difficult to find the appropriate regulatory balance between whether an individual should have a privacy right and, if so, what form this right should take. For instance, cookies are not protected as an intellectual property right of the consumer who is the subject of the information. Some privacy protection for consumer data may be sought—for example, when there is concern over such data being collected and used without the consumer's knowledge or agreement. A potential conflict exists between the social benefits of disclosure (such as the creation of new databases), and an individual's desire to control the further dissemination of consumer information (perhaps out of concern over reputation, a general taste for privacy or autonomy, or the possibility of identity theft). 29 (Thierer and Wayne 164) One of the largest issues facing both the prevention and detection of identity theft is the fact that for more than half of the victims of identity theft it is unknown how the information was at first obtained. The following pie chart in figure 4 represents this data. Here, interestingly enough, although 56% of the victims did not know how their information was found out, of the 44% that did know, the largest percentage was from people they did know personally at 16%. A more recent entrant in the identity theft genre is phishing. Compromising 1% of the total category, “Phishing occurs when fraudulent e-mails are sent to online users by impersonating Internet service providers (ISPs), merchants, and banks, in an attempt to steal financial information” (Stafford 201) Another issue for victims of identity theft was the lack of a satisfactory remedy. If you are the customer of a company that has had a security breach and parceled out your personal information you have some recourse in both the form of statutory as well as common law claims. However, individuals who never intended to become the company’s customers or perhaps were never even aware of the company existence lack similar support because a business generally does not owe a non-customer the same duty of care. (Howard 1264) One of the most recent strides in this area is the implementation of The Fair And Accurate Credit Transactions Act Of 2003 or FACTA. This act was signed into legislation by President Bush in December of 2003. It main goal was to limit the amount of information that an individual exposes to public scrutiny. This includes the compulsory truncation on receipts of credit card number usually listing only the last four digits. It also requires that card issuers investigate any changes of address and new card requests by collecting verification from individuals. There is also increased fraud alert requirements mandated from credit reporting agencies, they are also required to omit any identity theft related information from the credit reports they produce. The most notable function of this legislation is that these reporting agencies supply free annual credit reports to any consumer. Other issues that this statute addresses is that credit reporting agencies divulge consumer credit scores to the consumer involved and it also provides for a vast improvement of the resolution process available to the consumer once they have discovered that identity theft has occurred. It also includes several measures that limit the sharing of medical information in the financial system. The statute goes along way to improve the protection and rendition available to the consumers in the event of Identity Theft. (Linnhoff, and Langenderfer 206) FACTA is aimed at two prongs of the identity theft problem--reducing the incidence of theft and limiting the impact once theft has occurred. Credit card receipt truncation and change of address protection should help reduce the number of identity theft incidents. The reduction is likely to be small, however, as most credit card companies already have similar measures in place. More effective are FACTA's provisions to limit the damage post-theft. One-call fraud reporting will reduce the burden on victimized consumers as will the credit report blocking and re-pollution measures. (Linnhoff, and Langenderfer 208) However, the bill falls short in a number of ways. Its primary intention is to address credit-reporting institutions. One major difficulty is that the bill preempts state law and severely limits individual state efforts to enact stronger privacy policies than are fixed at the federal level. While having a variety of state laws also poses a problem for businesses that operate nationally as they can face a complex nightmare when trying to deal with fifty different state laws states as well as other U.S. territories. “But when federal law is inadequate to protect the public, preemption effectively denies relief to citizens of those states inclined to provide it.” (Linnhoff, and Langenderfer 209) Another problem is that the legislation fails to address in any significant way the prevalent use of Social Security Numbers as identifiers that are often freely exchanged on many levels. This threatens the consumers with pervasive identity theft and also gives both legitimate businesses as well as criminal the ability to quickly put together a very thorough background on virtually anyone. This ability is troubling not only because it increases the incidence of identity theft but also because of the privacy implications. SSN use and display limitations would help prevent identity theft and also improve privacy in an era in which consumers are becoming increasingly uncomfortable with the amount of personal data that is routinely collected and stored. Truly effective identity theft legislation will deal on a national level with the entire identification system, replacing the current hodgepodge with one that is safe and difficult to duplicate. (Linnhoff, and Langenderfer 210-11) Another issue is that although free annual credit reports are now available, very few consumers are taking advantage of this. In 2004, as the following chart illustrates, only 22% of those surveyed actually received their free credit report. The cart in figure 4 illustrates this point. Prior to this the Fair Credit Reporting Act (FCRA) was written into legislation in 1970 and has been amended almost yearly up to 2003. This was the first attempt by the government to address the problem of Identity Theft. The FCRA provides consumers with a private right of action for a credit reporting agency's willful or negligent noncompliance with any of the duties imposed by the FCRA. Under this FCRA provision, consumers may recover their actual damages, attorney fees, and costs; when the credit reporting agency has acted willfully, the consumer may also recover punitive damages. Another statutory enactment, the Identity Theft and Assumption Deterrence Act makes identity theft a federal offense and gives victims rights and means to be compensated for their losses. (Howard 1267) Banks and other institutions that issue credit cards have become a bit more wary of handing out credit on little more than a handshake. Initially one could get credit or conduct financial transactions with two forms of ID, a social security number and a driver’s license. Some states at the time did not eve require a picture to be on the license, so even that level of security was not present. (Howard 1264) These low-level ID’s also bled into the online realm with the ease with which information was passed onto merchant sites and possibly leaked to others. Credit Card information was and is still easily shared over the Internet and while companies build better and better firewalls and encryption methods, the Identity thieves are often one step ahead. One way credit card companies are protecting their cardholders is by requiring them to provide online merchants with additional information such as their mother's maiden name. That way, even if a thief gets hold of a number, he or she can't use it. The idea is to "make the cardholder feel comfortable that it is a secure transaction," says Bruce Rutherford, vice president and senior business leader with MasterCard Worldwide. (Holmes 163) Also, even as far back as 1996 an agreement between MasterCard and Visa came about to introduce a single “secure electronic transaction’”(SET) format for credit-card purchases on the internet. This paved the way for the take-off of e-commerce. (Guttmann 6) Identity theft does not only affect individuals, but can have some major impact on merchants, retailers and other business both in the short and the long term. Although information on these crimes is often hard to come by as business by and large refuse to divulge or admit to any problems with identity theft and their customers data safekeeping. In a sense they are more inclined to take the loss quietly rather than have a negative impact on their credibility. The two largest credit card companies estimated that "aggregated identity-theft-related losses from domestic operations rose from $79 million in 1996 to $114 million in 2000, an increase of about 43 percent." Most credit card companies do not consider categories such as lost or stolen cards, never-received cards, counterfeit cards, mail order or telephone order fraud to be identity-theft-related. A serious lack of data on these issues inhibits research into possible intervention strategies that could reduce the harm. (“Cost of Identity Theft”) It is estimated that approximately 3.2 million consumers had become victims of identity theft in 2007. Thieves who opened new accounts in their names, obtained new identification documents or took other steps to impersonate their victims targeted them. Another 6.6 million were victims of credit fraud, in which thieves who gained access to account numbers raided credit card or bank accounts. (Sovern 236) While more and more government regulations and penalties are being put into place, these measures are like closing the barn door after the horses got out. Consumers need to be more aware of their information and safeguard their credit history by maintaining a heightened level of vigilance. Consumers must not rely on governments or corporations to protect them completely if they are randomly giving out their information over the internet whether accidentally or intentionally. The information age is a two-edge sword, making knowledge readily accessible with the touch of a few keystrokes and the click of a mouse, but have you ever tried googling yourself. You might be surprised by what comes up! Works Cited Alt, Betty L., and Sandra K. Wells. Fleecing Grandma and Grandpa: Protecting against Scams, Cons, and Frauds. Westport, CT: Praeger, 2004. Bielski, Lauren. "Identity Theft." ABA Banking Journal 93.1 (2001): 27 “Cost of Identity Theft.” United States Department of Justice. (2008) National Institute of Justice The Research, Development, and Evaluation Agency of the U.S. Department of Justice. Dutta, Sunil. "IDENTITY THEFT : A Crime of Modern Times." World and I Oct. 2003: 290. Griffin, Jake. "Madigan, Police Warn Bloggers of Online Predators Chief Says All Ages Can Be Victimized." Daily Herald (Arlington Heights, IL) 15 Dec. 2005: 3 “Federal Trade Commission 2006 Identity Theft Survey.” Federal Trade Commission (2007) FTC.gov http://www.ftc.gov/os/2007/11/SynovateFinalReportIDTheft2006.pdf Guttmann, Robert. Cybercash: The Coming Era of Electronic Money. New York: Palgrave Macmillan, 2002 “A History of Credit Cards.” CreditCard.com (2008) < http://www.creditcards.com/history-of-credit-cards.php> Holmes, Tamara E. "Is Your Credit Card Number Safe Online? New Technology Offers Consumers Added Protection." Black Enterprise Sept. 2006: 163. Howard, Heather M. "The Negligent Enablement of Imposter Fraud: A Common-Sense Common Law Claim." Duke Law Journal 54.5 (2005): 1263-1278 "Identity Theft." The Columbia Encyclopedia. 6th ed. 2007. Jacobson, H., & Green, R. Computer Crimes. American Criminal Law Review. 39.2 (2002): 273-278. Linnhoff, Stefan, and Jeff Langenderfer. "Identity Theft Legislation: The Fair and Accurate Credit Transactions Act of 2003 and the Road Not Taken." Journal of Consumer Affairs 38.2 (2004): 204-211. Manning, Robert D. Credit Card Nation: The Consequences of America's Addiction to Credit. New York: Basic Books, 2000. Sovern, Jeff. "Stopping Identity Theft." Journal of Consumer Affairs 38.2 (2004): 233-247. Stafford, Marla Royne. "Identity Theft: Laws, Crimes, and Victims." Journal of Consumer Affairs 38.2 (2004): 201-217 Thierer, Adam, and Clyde Wayne Crews, eds. Who Rules the Net? Internet Governance and Jurisdiction. Washington, DC: Cato Institute, 2003. Yang, D. W., & Hoffstadt, B. M. Countering the Cyber-Crime Threat. American Criminal Law Review, 43.2 (2006): 201-213. Read More