By: Accident attorney Michael P. Ehline, Esq. After Google Places had merged our business law firm listing with a competitor about 40 miles away, we started researching identity theft. Hence, we created this pretty comprehensive treatise.
Identity theft occurs when another person assumes an individual’s identity. Here, the thief knows how to access financial resources. So they obtain credit and other benefits using the person’s name.
Identity theft makes a victim of the individual. So it is he or she who suffers the adverse consequences of the thief using their credit. Sadly, victims are forced to pay all these costs. Plus, the name, Social Security number, credit card, or bank account number are all exposed without permission. Criminals do this to commit crimes or fraud.
The term identity theft has been used since 1964. Yes, it’s not possible to steal a person’s true identity. But the criminal can impersonate or assume their financial identity to commit fraud. Identity theft and data breaches can be challenging to recognize. After all, in most cases, the victim does not know that anyone else has personal or financial information.
According to the Federal Trade Commission, victims often don’t know how someone stole their information after a data breach. But they also found that identity fraud was not always a consequence of identity theft. After all, someone can steal or misappropriate personal information without committing fraud.
And this can occur when there is a significant data breach. According to a U.S. Government Accountability Office study, most data breaches did not result in detected occurrences of identity theft. But the report did state that the full extent of data breaches is unknown.
An unpublished study by Carnegie Mellon University reported that most cases of identity theft are unknown. But the probability of becoming a victim of data breach identity theft is approximately 2%. One of the most significant data breaches consisted of about 4 million records. And according to the association of consumer information companies, it resulted in approximately 1800 instances of identity theft.
An article entitled “Cyber Crime Made Easy” discussed the level that hackers are using malicious software. Security specialist Gunter Ollmann asked: are you “Interested in credit card theft? There is an app for that.” What he was alluding to is the ease that hackers are accessing information online.
One of the newer programs that are infecting computers is called Zeus, which is hacker-friendly. And this makes it easy to use, even for an unknown hacker. It might be easy to use, but it is devastating for the computer user it affects.
The article said criminals could use Zeus programs to steal credit card information, relevant documents, and those necessary for homeland security use. Hackers gaining this information could not only use it for identity theft but possible terrorist attacks.
The non-profit Identity Resource Center has divided identity theft into five categories, as follows:
Other crimes are funded with ID theft.
Also, identity cloning can be used to attack payment systems. Examples include online credit card processing and medical insurance.
This occurs when an identity thief impersonates another human to conceal their real identity. People that do this could be a person hiding from creditors or other persons. It could be an illegal immigrant or another who wants to become anonymous for personal reasons. Another type of euphemism for this is a “poser.”
A poser is a person that uses another’s photos and information on social networking sites, and they further relay credible stories. And many involve friends of a natural person they are attempting to imitate. One of the other things this type of ID thief does is acquire false credentials that will pass authentication in daily life. And this can continue indefinitely, without detection.
So this is a great question. This theft happens when a thief assumes another’s name to conceal their real identity. So, for example, this is their form of the witness protection program. So let’s say they want to avoid being found by an ex-spouse or partner. And now, this can continue for an indefinite amount of time. And this remains especially true if the person can obtain false credentials in the assumed name that appears authentic.
This type of identity theft has become familiar with the use of characters that are either partially or wholly fictitious. Commonly the way this is done is by using an actual social security number, with a birth date and name that is not attached to this person. The stolen social security number will create adverse credit effects. And this holds concerning any creditor who issues a credit to the thief.
It’s hard to track this type of identity fraud since it does not usually show directly on the natural person’s credit report. And this could even show as a new file at the credit bureau or as a sub-file on the victim’s credit record.
This type of identity theft uses an individual’s name and some of their information to obtain medical care, services, or drugs. The data they may use can include insurance information. The victim has no clue their name or other information is being used.
When this type of event occurs, it can cause the insurance’s real owner to receive improper medical care. This can also lead to a potentially life-threatening medical decision since lowlifes placed incorrect information in the victim’s medical records.
Child identity theft is caused when a criminal steals a minor child’s social security number to gain credit. And it also increases other personal advantages. Of particular interest, the child has no credit history. So this makes this social security number very valuable to the theft that wants to steal it. They can obtain credit, get a driver’s license, and make large purchases, like buying a house, all under the guise that the social security number is their own.
So here, a family member or friend can be the culprit. But it can be done by a stranger that targets children. The fraud can continue undetected for years. After all, the victim is a minor who will not be using their number for years.
According to Carnegie Mellon Cylab, Richard Power discovered that approximately 10.2% of children were identity theft victims using data from All Clear ID. So about 40,000 children had information exposed.
These criminals need to obtain personal information to use another person’s identity to appear authentic. Some of the methods they use people are aware of.
But other methods exist.
The person is often unaware of how naïve they are. So they are careless with their personal information or login information.
Identity thieves count on this. And they can steal information like:
The US Federal Trade Commission, websites, and the Canadian Phone Busters organizations address identity theft. And they and offer recommendations on how to prevent personal information from reaching another person’s hands.
You can partially eliminate identity theft by not using identifying information unnecessarily. IT systems and organizations should not require an excessive amount of personal data for identification and authentication purposes.
The requirement and data storage of personally identifying information such as social security numbers, driver’s license numbers, credit cards, national identification numbers, and other info will increase the risk of identity theft. This theft will keep happening unless adequately stored all the time.
In some cases, the thieves use obituaries, gravestones, and other sources to rip off a deceased person’s identity. They do so between their passing and the closing of their accounts. So this is a combination of a grieving family lacking concentration. And it’s also the credit checking process. Moreover, this type of crime can continue for an undetermined amount of time. And it won’t stop until a family member or credit company notices the events.
Commercial identity theft protection services are available in many countries. For example, they offer protection from an annual or monthly membership fee. How it works is the service will typically set fraud alerts on your credit files. Also, each of the three major credit bureaus gets alerted. These heavily advertised services are helpful. But the actual value has been questioned.
The Federal Trade Commission testified in May of 1998 in front of the United States Senate. There, representatives discussed the sale and use of personal identifiers and Social Security numbers by data miners and credit raters. They agreed to self-regulating by the industry to restrict access to information on credit reports.
The industry restrictions vary according to the category of the customer. This variance exists because credit bureaus gather, disclose personal and credit information on a wide business range. Inadequate security by organizations holding personal data results in unauthorized access. So this places victims at risk of ID theft.
According to Privacy Rights Clearinghouse, they have documented more than 900 data breaches since January 2005 by U.S. government agencies and companies. This breach has involved over 200 million records that contained sensitive personal information. The data included many that had social security numbers.
Most of all, there was a decrease in the number of victims in the United States between 2003 and 2006. This decreased the dollar amount of identity fraud from $47 billion in 2003 to $15.6 billion in 2006. This scam resulted in personal losses of $4,789 in 2003 and $1,882 in losses for 2006.
In the United States, the increase in this crime has led to the enacting of the Identity Theft and Assumption Deterrence Act. In other words, the Federal Trade Commission appeared before the U.S. Senate to discuss FTC crimes. And that meeting happened after the mass exploitation of consumer credit.
How the Exploited Data Was Used:
The Identity Theft Deterrence Act amended U.S. Code Title 18, § 1028. This statute says it is a federal crime to steal an ID. But it’s tricky because the perp must use an ID document issued by the United States. So you have to show the thief intended to defraud the United States. All this gets tried on a federal level if it exists. Get it?
Yes, it’s true. This sentence is outlined in 18 U.S.C. § 1028 and can carry a 5, 15, 20, or 30-year prison sentence in federal prison. Also, § 1028 (aggravated identity theft) permits consecutive sentencing. This act provided the Federal Trade Commission with the authority to track incidences and dollar losses of particular interest.
Their body mainly focuses on consumer financial crimes. And it does not include the full range of all identification crimes. Charges brought by states or local law enforcement agencies will have different penalties than criminal charges on a federal level. It will depend on the state laws, in which each state can differ in its punishments.
California and Wisconsin have created the Office of Privacy Protection. This department helps citizens avoid issues with theft and identity theft recovery. Other states have followed California’s mandatory data breach notification laws. And this has resulted in all companies reporting data breaches to their customers.
Of particular interest, the IRS created the IRS Identity Protection Specialized Unit. Now taxpayer victims of federal tax-related identity theft have recourse. The taxpayer was required to submit Form 14039, which is their Identity Theft Affidavit.