Economic Impact of Online Identity

Economic Impact of Online Identity Theft

In evaluating the research necessary for the paper on Identity theft and its economic impact, it was important to understand the necessary elements that compromise such a project. These components were an evaluation of the term and types of identity theft and how it has changed over time, the current state of Identity Theft in the computer age and the possible legislative and judicial remedies and safeguards in place. There fore the literature would need to be in these three areas of definition and history; current trends and cause; and governmental response. This review will present a thematic description of these three components through the literature used in this research.

One of the initial references in this type of research begins with a standard search of the encyclopedia, in this case the Columbia Encyclopedia (2007). It gives the generic definition of Identity Theft, which is the misappropriation of the idiosyncratic information of an individual in order to commit fraud, theft or other crimes. Regarding an individuals personal data such as date of birth, social security numbers and the like can be used to purchase items online or open cellular phone numbers and/or bank accounts etc. They may also use this information when their own personal identification may cause them trouble, as with having a criminal record.

Identity theft not only causes financial loss but almost always affects a person's credit rating as well. This is also propounded in the article by Bielski (2001, p. 27) in which he views this as the duplication of a person, almost like the process of cloning. This helps to cement the creepy and intrusive nature of Identity Theft as he more dramatically calls it the "usurpation of another's self" by stealing the vital and unique substantiating information that makes us our particular selves in this society.

Identity theft has been around for a very long time, long before the advent of the internet and computers. It was still the theft or at least the copying of another person in order to substantiate yourself within a community. In modern times there are many levels and parameters that this crime can reveal itself. A sergeant with the Los Angeles county police department, Sunil Dutta, reveals some of these unique attributes as well as the fact that most of the perpetrators get away "scott-free." (2007, p. 290) Sergeant Dutta also reports that in certain cases the Identity Thief can commit crimes under the assumed identity, registering his own fingerprints in the stolen name, and the victim can be in very serious trouble. He analyzes some of the usual methods of ID theft, but some that may not be so apparent. ID thieves can rummage through a garbage pail and find gold. Tossing out those offers of credit along with any other personal information is a recipe for disaster. Lost or stolen wallets are another simple way of attaining enough information to ruin a person.

There are countess other scams and cons that can be perpetrated when doing some of the what may seem the simplest things. The internet is an obvious "use with caution" system, but sometimes one can still give up enough personal facts without realizing it. Posting a resume online, with phone number and schools attended, can give enough information to a would be ID thief. (Dutta, 2007, p. 290). Telemarketing frauds and bogus e-mails promising the transfer of fortunes are other methods of ID theft (Alt, 2007 p. 47). Even the personals, which can be inherently dangerous to begin with, often find ID victims plentiful. (Alt, 2007 p. 81). Home health caretakers have access to great deal of information form a unwary client as well. (Alt, 2007 p. 99).

Statistics are plentiful and growing in the area of Identity Theft. The Department of Justice tracks the costs of ID theft and one of these costs is in the criminal justice system itself. The extremely difficult nature of not only prosecuting Identity Theft criminals, but even discovering these crimes is enormous. (Cost of Identity Theft, 2008) in fact many people simply choose to try to get their lives back on track and often do not pursue criminal prosecution in the courts because of the almost insurmountable difficulties involved. (Federal Trade Commission, 2007)

Historically, what we know as ID theft today came with the dawning of the age of credit cards and plastic money. Not only did create a rise in fraud and ID theft, but a totally different consciousness regarding money and how it is spent (Manning 2000). Originally called charge plates, Credit Cards are one of the most vulnerable areas of ID theft. (History of Credit 2008) now, several levels of security are in place to help prevent the online use of stolen credit card numbers such as require special ID codes and answers to security questions. Also, there are services in place to minimize the damage a stolen credit card can cause. (Holmes, 2007) Electronic Fund Transfers (EFT's) are another area of potential risk. Any transfer of funds that does not require the physical presence of the customer always has a potentially higher risk of fraud and theft. (Guttman, 2003)

There is also the problem that has been termed Negligent Enablement that has occurred when Identity Thieves create bogus accounts at store that do not have the victim as a real customer. Many businesses refused to take any action on the victim's behalf, or even so much as talk to them to help them clear up this fraudulent activity. (Howard, 2005) Now there is in place legal precedence for making corporations ultimately responsible for ascertaining the true identity of their customers as well as assisting victim of Identity theft with adequate resolutions and remedies.

In the criminal justice system Identity Theft is often linked with computer crimes, or at least has some connection with the Internet and the tremendous access to information as well as banking and credit card transactions. This became even more difficult when the nature of legal jurisdiction became involved. A high percentage of the time the victim and the criminal an in entirely geographically different locations, often outside the United State, bring to beat extradition difficulties and other legal problems. (Jacobson & Green, 2002) of the Fair and Accurate Credit Transactions Act of 2003 or FACTA was an important step in helping to ameliorate the difficulties involved in prosecuting Identity theft criminals. (Linnhoff & Langenderfer, 2004)

There are also concerns for privacy, both for Identity Theft Victim as well as the consumer who has not been affected, but may have some of their privacy rights eased due to the need of government monitoring of some of the Internet's more vulnerable areas. This is now a concern of the ACLU and of the organizations trying to balance citizens' rights and the laws that protect them from ID theft. (Thierer & Crews, 2003) Computer Crime in general has been notoriously hard to detect as well as prosecute. Many companies often do not reveal the extent of on outside intrusion into their data network, not wanting to let the public know of their security inadequacies. (Yang & Hoffstadt, 2007) This has until recently been a major stumbling block to law enforcement, but is slowly giving way to greater due diligence and transparency to the public.

Up until 2004 these number were on the rise, but thanks to law enforcement and better legal remedies the situation has come under some control. But this due diligence has to extend to a public that is often too willing or unmindful of their own responsibility regarding their identity. (Svoern, 2004) There always new and more efficient techniques for thieves to steal identity, like phising and other nefarious Internet tools (Stafford, 2004). However the only remedy is for not only the government and corporations to have heightened security and better fact checking protocols, but for the consumer to keep a watchful eye on their wallets, their e-mails and their credit scores.

Economic Impact of Online Identity Theft

While it may seem that identity theft is something new, it is a crime almost as old as there are names. It has even been romanticized in such tales from the legend of King Arthur and the Prince and the Pauper to more modern versions as clones in the Sixth Day and face transplants in the movie Face Off. Although nothing new, Identity Theft has increased exponentially over the past couple of decades. This has primarily been due to the proliferation of the World Wide Web and the potential access to electronic information. However it is also in no small part due to the unfortunate ease with which information can be accessed by credit card agencies and other financial institutions as well as the low threshold of security when verify identity in certain situations.

This paper will revue the current meaning of identity theft as well as the various forms it can take. There will be research presented on the various institutions that are also culpable in the many scenarios of identify theft. The onus of who is responsible, the consumer, the private institutions, or even the government will come into question. A brief revue of the history of the credit card is also in order since the use of "plastic" money has certainly contributed to the identity theft crisis. Past and current legislation will be analyzed regarding this new crime in both its cyber and analog presentations. Lastly, an opinion and possible suggestions for the consumer to help safeguard their identity as well as what government and corporate institutions can do to not only help the consumer avoid identify theft, but if it has occurred, to assist them in rectifying the situation before too much damage is done.

What is Identity Theft? The encyclopedic definition of identity theft is the use of another person's identity, i.e. financial, personal, geographic or other source, to commit fraud or other types of misrepresentation. By using another person's social security number, driver's license number, date of birth, address, online information one may open bank accounts, apply for loans and credit cards, get a cell phone and so on. In addition to financial loss that can result from identity theft, by using another's identity the credit history and even the legal history of the victim can be damaged in the extreme. ("Identity Theft," 2007)

According to the Identity Theft and Assumption Act of 1998, identity theft (ID theft), occurs when someone is "knowingly transferring or using, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, in the unlawful activity that constitutes a violation of federal law." It is a federal crime. (Alt, 2007, p. 67)

Another form of identity theft that is for the most part non-financial is referred to as Criminal Identity theft. This occurs when someone gives another person's ID to a policeman or other law enforcement official when they are being arrested. This allows the perpetrator to use a clean citizen's record to make it appear as if they are committing a first offence. This often reduces the punishment but also goes on the arrest record of the honest citizen who is the victim. The frequency of identity theft increased markedly beginning in the late 1990s due to the computerization of records and the ability to use another's personal information anonymously and virtually without any prosecution at the time over the Internet. ("Identity Theft," 2007) until very recently, the only loss likely to occur -- the financial sort -- was a crime without a face, unless you happened to be a hapless, also somewhat invisible, victim. Known as identity theft, it's the practice of taking over another's financial life that's bilking the system out of millions -- and it shows no signs of stopping. Last year [2000], there were an estimated 500,000 cases annually at an average cost of $17,000 per victim, according to statistics compiled by the Federal Trade Commission. (Bielski, 2001, p. 27)

That number has been on the rise.

Other forms of Identity Theft are bank fraud, phone & utilities fraud, job related misrepresentation, consumer fraud, government documents and benefits fraud. Medicare, Medicaid and other health insurance related fraud is also on the increase. (Alt, 2007, p. 68) Furthermore, once someone has stolen an Identity, the victim usually experiences more than one type of fraud regarding their personal information as the following figure illustrates:

The areas of overlap indicate multiple intrusions of identity theft. Furthermore, 58.9% of all victims experienced the misuse of an existing credit card. A total of 48.6% of victims experienced the misuse of existing accounts other than existing credit card accounts and 21.9% of victims had their personal information used to open a new account or commit some other kind of fraud. 38.1% of all victims the misuse of an existing credit card was the only form of ID theft suffered, and approximately one-third of victims who experienced the misuse of an existing credit card also experienced another type of ID theft. (Federal Trade Commission, 2007 13)

Identity theft, as has been mentioned, is an old crime. Prior to computers and most forms of organized governments and the science of photography, it was also a quite violent crime. Nefarious persons would murder and then assume the identity of their victims, move to another district or country where their victim was not known and use their good name to settle into a new life. As time went on certain forms of ID were standardized, passports adopted, etc. And it became harder to completely impersonate another human being. It could still be done, but with a bit less impunity. In fact Identity Theft is becoming prevalent among the influx of illegal aliens in the United States. Passports and other forms of ID are finding their way into black market vendors who sell them to aliens seeking ingress into other countries

Another issue in identity theft is the problem of the time to discovery of the crime. In many cases the crimes may not be discovered until a great deal of damage has been done. The following chart illustrates the different types of fraud and their subsequent discovery times:

Nearly 40% of all ID theft victims discovered the misuse of their information within one week of the start of the misuse. However, the discovery period was significantly different depending on the type of fraud experienced. Victims in the Existing Credit Cards Only (22%) and the Existing

Non-Credit Card Accounts (21%) categories were about twice as likely as those in the New Accounts & Other Frauds (10%) category to find out about the misuse the day it started. Nearly one-quarter (24%) of New Accounts & Other Frauds victims did not find out about the misuse of their information until at least 6 months after it started - compared to just 3% of Existing Credit Cards Only and Existing Non-Credit Card Accounts victims. Where discovery of the misuse occurred more quickly, victims reported lower out-of-pocket losses and thieves obtained less. (Federal Trade Commission, 2007 p. 23-24)

In his book, Credit Card Nation: The Consequences of America's Addiction to Credit, Robert D. Manning postulates that the rise in Identity Theft is in direct relation to the rise of America as a Credit Card nation. It began as a paradigm shift in the economy of the world began to occur. While the industrial revolution certainly changed the world economy from agriculture to manufacturing as the predominant sector, there was a shift in the twentieth century that shifted the focus from industry to banking and financial products. This became a trend that meant that financing consumption was now a more lucrative business than traditional goods-producing industries. (Manning, 2000, p. 4) With this new mentality, the finance industry would search for more and more ways to introduce new products and services to its consumers. In many ways this also required a change in perspective from the traditional "Puritan Ethic" of the American psyche.

Installment credit was the first to make the scene and initial critics of the system stated "that consumer credit (as a repudiation of Puritan thrift) not only tempted people to sin, it provided the means for sinning as well." (Manning, 2000, p. 3) but as time wore on the consumers needs outweighed their original philosophy and another attitude became prevalent.

A the extension of consumer installment credit historically served to enforce rather than undermine the moral virtue of hard work, budgeting, and saving. This leads to the assertion that increased consumer consumption has served to discourage moral laxity by rewarding strict adherence to installment contracts with additional sources of credit for financing new forms of consumption. (Manning, 2000, p. 3-4)

With this change in consciousness now accomplished a myriad of new ways for consumers to spend money they did not yet have came into being. Paper or Plastic? This query from your local grocery store takes on a whole new perspective when applied to the financial shift taking place by the mid twentieth century.

While paper currency was also a representational form of commercial exchange, it was at least tangible, analogous to wealth and savings. The advent of credit and credit cards made this currency of debt a bit too intangible, digitizing it and creating an appearance of available money to spend, when in fact it was unearned and often came with the high price of interest.

This tangible difference was all part of the paradigm shift in money and economics in the twentieth century. Identity Theft was certainly wrapped up in this shift as well. While someone could feasibly steal your cash by ripping out of your cold dead hand, it was quickly discovered that it was certainly going to be easier to appropriate a credit card in you name to do so without you even knowing about it for some time.

The first items that resembled credit cards were called shopper plates and came into use at department stores, oil companies / gas stations and hotel chains in the 1920's. The first real credit cards were issued thirty years later. In 1950, Diners Club and American Express launched their charge cards in the U.S.A., the first real "plastic money," which could be used in a variety of stores. In 1951, Diners Club issued the first credit card to 200 customers who could use it at 27 restaurants in New York. But it was only until the establishment of standards for the magnetic strip in the 1970's that the credit card became part of the information age. Also rendering it more susceptible to cyber-identity theft.

A more old-fashioned means of identity theft is to steal a purse or wallet. A few years ago, thieves were interested only in the cash inside your wallet; now the most valuable items in your wallet are your Social Security number, ATM card, credit cards, bank checks, and any other items containing your personal information. (Dutta, 2007, p. 3)

The credit card has played a major role as both a regulatory and technological synergist in the transformation of not only banking industry but the entire economy of the world. In some sense credit cards have been a part of globalization efforts making it possible to use funds around the world with a single swipe of the card. Initially it caused a great deal of upheaval as one of the earliest and most successful challenges to many federal regulatory statutes such as interstate banking and so on. It also developed into the ideal product for financial institution in the development of automated consumer banking systems (ATMs).

During the 1980's the banking industry was even able to circumvent the state usury laws, but not for too long. This coupled with a dramatic reduction in national inflation led to the enormous profitability of bank credit cards.

This surplus of profit was strategically allocated to help with the dangerously low capital reserves of many major money center banks in the late 1980s and early 1990s.

Hence, by contributing to the stock appreciation spiral, credit cards helped to sustain the bank merger frenzy of the 1990s that further enhanced the equity position of commercial banks. These trends, along with merger related cost-cutting and escalating bank fees, intensified the industry's diversification pressures that finally demolished the firewalls of federal banking regulation in 1997 and 1998. Bank credit cards played an instrumental role in the transformation of the banking industry, with Citicorp leading the way as can be seen in Table one.. (Manning, 2000, p. 70)

Until recently Identity Theft was difficult to prosecute for a number of reasons. One of the biggest problems is that large companies often refuse to publicize their involvement when someone has hacked into their system and stolen data or damaged programs and information. By Assets ($ billion)

Citicorp

BankAmerica

Chase Manhattan

J.P. Morgan

Banc One

First Union

Wells Fargo

Bankers Trust

Fleet Financial

National City revealing that their systems have been compromised a company may subject itself to a loss of consumer confidence and potentially loose many clients, depending on the product or service they offer. The company may also be subjected to lawsuits from clients who claim that there was no due diligence preformed as regards the security of their information. It is estimated that between twenty-five and fifty percent of all business have experienced some sort of intrusion or breach of security of their computer networks. (Yang & Hoffstadt, 2007, p. 208).

Another reason is the multi-jurisdictional nature of the problem regarding the quite often substantial difference between the location of the crime and the criminal. The crime may be committed upon an individual who resides in the United States while the criminal may be in a completely different part of the world and in a country that has no extradition agreement with the U.S. (Jacobson & Green, 2002, p. 275).

This will of course require cooperation between governments far beyond the usual means in order to facilitate the capture and prosecution of these particular cyber criminals.

There are several fronts that need to be addressed when attempting to prevent and/or prosecute Identity Theft. Businesses themselves need to make the effort to keep their security up-to-date and be willing to prosecute the criminal. Software and hardware manufactures have to work in conjunction with business to help prevent these security breeches and combat an ever increasingly intelligent cyber criminal, individuals must safeguard their information and finally government must be the primary central source for the impetus of all this:

Government involvement is essential to coordinate and assist with the international aspects of cyber-crime, to facilitate standardized security protocols and unfair practices over the Internet, and to prosecute persons who commit the acts legislatures deem harmful enough to make criminal. (Yang & Hoffstadt, 2007, p. 213)

The government is making great strides in constructing laws to address Identity Theft. However, it is difficult to find the appropriate regulatory balance between whether an individual should have a privacy right and, if so, what form this right should take. For instance, cookies are not protected as an intellectual property right of the consumer who is the subject of the information.

Some privacy protection for consumer data may be sought -- "for example, when there is concern over such data being collected and used without the consumer's knowledge or agreement. A potential conflict exists between the social benefits of disclosure (such as the creation of new databases), and an individual's desire to control the further dissemination of consumer information (perhaps out of concern over reputation, a general taste for privacy or autonomy, or the possibility of identity theft). (Thierer and Wayne, 2003, p.164)

One of the largest issues facing both the prevention and detection of identity theft is the fact that for more than half of the victims of identity theft it is unknown how the information was at first obtained. The following pie chart in figure 4 represents this data. Here, interestingly enough, although 56% of the victims did not know how their information was found out, of the 44% that did know, the largest percentage was from people they did know personally at 16%. A more recent entrant in the identity theft genre is phishing. Compromising 1% of the total category, "Phishing occurs when fraudulent e-mails are sent to online users by impersonating Internet service providers (ISPs), merchants, and banks, in an attempt to steal financial information" (Stafford, 2004, p. 201)

Another issue for victims of identity theft was the lack of a satisfactory remedy. If you are the customer of a company that has had a security breach and parceled out your personal information you have some recourse in both the form of statutory as well as common law claims. However, individuals who never intended to become the company's customers or perhaps were never even aware of the company existence lack similar support because a business generally does not owe a non-customer the same duty of care. (Howard, 2005, p. 1264)

One of the most recent strides in this area is the implementation of the Fair and Accurate Credit Transactions Act of 2003 or FACTA. This act was signed into legislation by President Bush in December of 2003. It main goal was to limit the amount of information that an individual exposes to public scrutiny. This includes the compulsory truncation on receipts of credit card number usually listing only the last four digits. It also requires that card issuers investigate any changes of address and new card requests by collecting verification from individuals. There is also increased fraud alert requirements mandated from credit reporting agencies, they are also required to omit any identity theft related information from the credit reports they produce. The most notable function of this legislation is that these reporting agencies supply free annual credit reports to any consumer. Other issues that this statute addresses is that credit reporting agencies divulge consumer credit scores to the consumer involved and it also provides for a vast improvement of the resolution process available to the consumer once they have discovered that identity theft has occurred.

It also includes several measures that limit the sharing of medical information in the financial system. The statute goes along way to improve the protection and rendition available to the consumers in the event of Identity Theft. (Linnhoff, and Langenderfer, 2004, p. 206)

FACTA is aimed at two prongs of the identity theft problem -- reducing the incidence of theft and limiting the impact once theft has occurred. Credit card receipt truncation and change of address protection should help reduce the number of identity theft incidents. The reduction is likely to be small, however, as most credit card companies already have similar measures in place. More effective are FACTA's provisions to limit the damage post-theft. One-call fraud reporting will reduce the burden on victimized consumers as will the credit report blocking and re-pollution measures. (Linnhoff, and Langenderfer, 2004, p. 208)