Identity theft is the deliberate assumption of another person's identity, usually to gain access to their finances or frame them for a crime. Less commonly, it is to enable illegal immigration, terrorism, espionage, or changing identity permanently. It may also be a means of blackmail, especially if medical privacy or political privacy has been breached, and if revealing the activities undertaken by the thief under the name of the victim would have serious consequences like loss of job or marriage.
Techniques for obtaining identification information range from the crude, such as rummaging through rubbish (dumpster diving in the USA), to infiltration of organizations that store large amounts of personal information.
Identity theft is usually the result of serious breaches of privacy. Except for the simplest credit-related cases, it is usually not possible without breakdowns in
- customer privacy, in which case the consequences may be limited to fraud on one corporation, typically the one that leaked the data in the first place, e.g. account numbers.
- consumer privacy, more serious, where credit card numbers or other generally-useful identity data is stolen and used much more widely.
- client confidentiality and political privacy, making it easy to effectively impersonate someone, by using confidential information that an ordinary impersonator would not have access to.
Consequences of identity theft
Many governments now claim that identity theft is the fastest growing offence. In the USA, for example, a Federal Trade Commission survey in 2003 showed that 27.3 million Americans had been the victims of some form of identity theft over the preceding five years. In the United Kingdom in 2005 the consumer group Which? issued a report claiming that one in four people had been the victim of identity theft, or knew someone that had been a victim. This misleading claim (linking victims with those who know victims in a single statistic) achieved wide publicity. The Home Office in Britain does not collate data on identity theft, but does nonetheless, claim that the activity is reaching epidemic proportions.
It is difficult to fully quantify the extent of real identity theft. One reason for this is that identity theft is often a precursor to other crimes such as fraud or theft. Records of these crimes may be filed under the "strongest" crime, leaving the identity theft to get lost in the mix. Furthermore, many instances of fraud - particularly in connection with the use of credit cards - are loosely regarded as identity theft when in fact they are simple fraud.
Increase and contributing factors
Instances of identity theft have increased as the availability of personal information, and its volume held by third parties, has increased. In the USA much personal information, including mortgage details, social security numbers, and driving license details, are publicly available. Such sensitive information is far harder to obtain in most other countries, but it is typically held by numerous government and private sector bodies, and is consequently available to their many employees and associate organisations. Of particular concern is the comprehensive personal financial information and other related data held by credit reference agencies. The proliferation of junk mail from many of these organisations, which often includes name and address, has exacerbated the situation.
In the United Kingdom companies such as car hire agencies, car dealerships, solicitors and banks now routinely take a copy of identity documents as a condition of doing business. This practice means that the subject is, in effect losing control, of his identity documents.
As a result of data protection legislation in the United Kingdom many organisations now require telephone callers to disclose personal details such as date of birth and mother's maiden name before they will enter into discussion. This allows eavesdroppers to collect this valuable data.
Another reason for the prevalence of identity theft in the USA is that financial institutions have an interest in not publicizing cases and have a disincentive for making identity and credit information secure. It is estimated that credit card companies in the United States lose up to $5 billion dollars (US) a year and they accept that as a "cost of doing business", since making credit information secure would make using credit somewhat less convenient and might discourage people from using it.
Precautions against identity theft
To guard against identity theft:
- Take out insurance against credit card loss. This allows the immediate cancellation of all your cards by a single phone call.
- Check your bank accounts each week online or at an ATM. You can catch unusual activity more quickly than if you wait for monthly statements.
- Shred credit-card receipts, junk mail and other such documents, as they may contain private information.
- Mail letters from the post office. In America, where standalone mailboxes are common, install a lock on the box.
- Don't give out personal information to telemarketers or others who initiated the call to you. Get a phone number to call marketers back if it is an offer you'd like to pursue.
- When shopping online, make sure the company is reputable and displays an approved security symbol. Also, make sure you log out of the site when finished.
- Request your own credit report each year and check the reports for inaccuracies. If you've been the target of identity fraud, check the data every six months. (In the United States, if you are unemployed and looking for work you are permitted a free copy of your credit report once a year from any credit reference agency). You can request a free copy from www.annualcreditreport.com
- If you are a target, keep copies of police reports and records of who you talked to and when, so that you can back up the claim of fraud.
- Limit the amount of personal information you publish on the web. Small fragments here and there may be enough for someone to impersonate you in many ways. Be especially careful with information used as security keywords for banks, e.g. mother's maiden name .
- Don't divulge personal information such as date of birth to organisations that have no need of it - nearly all commercical organisations.
- Don't routinely carry identity documents unless obliged by law to do so.
- Do not allow anyone to copy your identification documents. If commercial organisations require you to submit a copy as a condition of doing business either don't do business with them, or retrieve the copy when your business ends (a written statement that they have not taken further copies should be obtained).
In the USA:
- Don't order checks preprinted with your driver's license or social security number. If you can keep your address off them, do so.
- Don't carry your social security card. Don't give out the number unless it is absolutely necessary or legally required (employers, landlords etc.). In states where your drivers license number is your social security number, be equally careful about who sees your license.
Wikipedia article (the free online encyclopedia) reproduced under the terms of the GNU (General Public License) Free Documentation License.