DOCSLIB.ORG

Identity Theft Literature Review

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Identity Theft Literature Review The author(s) shown below used Federal funds provided by the U.S. Department of Justice and prepared the following final report: Document Title: Identity Theft Literature Review Author(s): Graeme R. Newman, Megan M. McNally Document No.: 210459 Date Received: July 2005 Award Number: 2005-TO-008 This report has not been published by the U.S. Department of Justice. To provide better customer service, NCJRS has made this Federally- funded grant final report available electronically in addition to traditional paper copies. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. This document is a research report submitted to the U.S. Department of Justice. This report has not been published by the Department. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. IDENTITY THEFT LITERATURE REVIEW Prepared for presentation and discussion at the National Institute of Justice Focus Group Meeting to develop a research agenda to identify the most effective avenues of research that will impact on prevention, harm reduction and enforcement January 27-28, 2005 Graeme R. Newman School of Criminal Justice, University at Albany Megan M. McNally School of Criminal Justice, Rutgers University, Newark This project was supported by Contract #2005-TO-008 awarded by the National Institute of Justice, Office of Justice Programs, U.S. Department of Justice. Points of view in this document are those of the author and do not necessarily represent the official position or policies of the U.S. Department of Justice. i This document is a research report submitted to the U.S. Department of Justice. This report has not been published by the Department. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. CONTENTS EXECUTIVE SUMMARY .......................................................................................................... iv 1. INTRODUCTION ....................................................................................................................... 1 2. DEFINITION OF IDENTITY THEFT ........................................................................................ 1 3. TYPES OF IDENTITY THEFT................................................................................................... 3 Exploiting Weakness in Specific Technologies and Information Systems ........................ 4 Financial Scams ................................................................................................................. 4 As a motive for other crimes.............................................................................................. 4 Facilitating Other Crimes................................................................................................... 5 Avoiding Arrest.................................................................................................................. 5 Repeat Victimization: “Classic” Identity Theft.................................................................. 5 Organized Identity Theft.................................................................................................... 5 4. EXTENT AND PATTERNING OF IDENTITY THEFT............................................................ 7 Sources of Data and Measurement Issues .......................................................................... 7 Agency Data ........................................................................................................ 7 Research Studies................................................................................................ 11 Anecdotes .......................................................................................................... 13 The Extent of Identity Theft............................................................................................. 13 Distribution in the U.S. .................................................................................................... 19 Geographic patterns ........................................................................................... 19 Offense-specific patterns ................................................................................... 20 Victims ........................................................................................................................... 21 Victim demographics......................................................................................... 22 Children as victims ............................................................................................ 22 Deceased as victims ........................................................................................... 23 Institutional victims ........................................................................................... 24 The elderly as victims ........................................................................................ 25 Repeat victimization .......................................................................................... 25 Offenders.......................................................................................................................... 26 Offender typology.............................................................................................. 26 Organizations as offenders................................................................................. 27 Relationship between victims and offenders.................................................................... 27 5. THE COST OF IDENTITY THEFT .......................................................................................... 30 Financial costs: Businesses .............................................................................................. 31 Financial costs: The criminal justice system.................................................................... 32 Financial costs: Individuals.............................................................................................. 34 Personal costs (non-financial) .......................................................................................... 35 Societal costs.................................................................................................................... 37 6. EXPLAINING IDENTITY THEFT: THE ROLE OF OPPORTUNTIY ................................... 38 Identity and its Authentication as the Targets of Theft .................................................... 39 Identity as a “Hot Product” .............................................................................................. 40 Exploiting Opportunities: Techniques of Identity Theft .................................................. 43 How offenders steal identities............................................................................ 43 How offenders use stolen identities ................................................................... 46 Why Do They Do It?........................................................................................................ 46 Concealment ...................................................................................................... 46 Anticipated rewards ........................................................................................... 46 A note on motivation ......................................................................................... 46 NEWMAN AND McNALLY ii This document is a research report submitted to the U.S. Department of Justice. This report has not been published by the Department. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. CONTENTS (Continued) 7. THE LAW ENFORCEMENT RESPONSE TO IDENTITY THEFT........................................ 47 Reporting and Recording of Identity Theft ...................................................................... 47 Harm Reduction ............................................................................................................... 49 Effective police response ................................................................................................. 49 Task Forces and Cross Jurisdictional Issues .................................................................... 51 State efforts to address the cross-jurisdictional issues ....................................... 52 Federal efforts to address the cross-jurisdictional issues ................................... 53 Attorney General’s Council on White Collar Crime Subcommittee on Identity Theft ................................................................... 54 The Know Fraud initiative ............................................................................................... 54 The FTC’s Efforts ............................................................................................................ 54 Investigation and Prosecution .......................................................................................... 56 State investigation and prosecution.................................................................... 57 Federal investigation and prosecution................................................................ 60 Sentencing and Corrections ............................................................................................
Load more

Recommended publications
  • Chapter 210-B. NOTICE of RISK to PERSONAL DATA
    MRS Title 10, Chapter 210-B. NOTICE OF RISK TO PERSONAL DATA CHAPTER 210-B NOTICE OF RISK TO PERSONAL DATA §1346. Short title This chapter may be known and cited as "the Notice of Risk to Personal Data Act." [PL 2005, c. 379, §1 (NEW); PL 2005, c. 379, §4 (AFF).] SECTION HISTORY PL 2005, c. 379, §1 (NEW). PL 2005, c. 379, §4 (AFF). §1347. Definitions As used in this chapter, unless the context otherwise indicates, the following terms have the following meanings. [PL 2005, c. 379, §1 (NEW); PL 2005, c. 379, §4 (AFF).] 1. Breach of the security of the system. "Breach of the security of the system" or "security breach" means unauthorized acquisition, release or use of an individual's computerized data that includes personal information that compromises the security, confidentiality or integrity of personal information of the individual maintained by a person. Good faith acquisition, release or use of personal information by an employee or agent of a person on behalf of the person is not a breach of the security of the system if the personal information is not used for or subject to further unauthorized disclosure to another person. [PL 2009, c. 161, §1 (AMD); PL 2009, c. 161, §5 (AFF).] 2. Encryption. "Encryption" means the disguising of data using generally accepted practices. [PL 2005, c. 379, §1 (NEW); PL 2005, c. 379, §4 (AFF).] 3. Information broker. "Information broker" means a person who, for monetary fees or dues, engages in whole or in part in the business of collecting, assembling, evaluating, compiling, reporting, transmitting, transferring or communicating information concerning individuals for the primary purpose of furnishing personal information to nonaffiliated 3rd parties.
    [Show full text]
  • Dod Enterpriseidentity, Credential, and Access Management (ICAM)
    UNCLASSIFIED DoD Enterprise Identity, Credential, and Access Management (ICAM) Reference Design Version 1.0 June 2020 Prepared by Department of Defense, Office of the Chief Information Officer (DoD CIO) DISTRIBUTION STATEMENT C. Distribution authorized to U.S. Government agencies and their contractors (Administrative or Operational Use). Other requests for this document shall be referred to the DCIO-CS. UNCLASSIFIED UNCLASSIFIED Document Approvals Prepared By: N. Thomas Lam IE/Architecture and Engineering Department of Defense, Office of the Chief Information Officer (DoD CIO) Thomas J Clancy, COL US Army CS/Architecture and Capability Oversight, DoD ICAM Lead Department of Defense, Office of the Chief Information Officer (DoD CIO) Approved By: Peter T. Ranks Deputy Chief Information Officer for Information Enterprise (DCIO IE) Department of Defense, Office of the Chief Information Officer (DoD CIO) John (Jack) W. Wilmer III Deputy Chief Information Officer for Cyber Security (DCIO CS) Department of Defense, Office of the Chief Information Officer (DoD CIO) ii UNCLASSIFIED UNCLASSIFIED Version History Version Date Approved By Summary of Changes 1.0 TBD TBD Renames and replaces the IdAM Portfolio Description dated August 2015 and the IdAM Reference Architecture dated April 2014. (Existing IdAM SDs and TADs will remain valid until updated versions are established.) Updates name from Identity and Access Management (IdAM) to Identity, Credential, and Access Management (ICAM) to align with Federal government terminology Removes and cancels
    [Show full text]
  • Are the Current Computer Crime Laws Sufficient Or Should the Writing of Virus Code Be Prohibited?
    Fordham Intellectual Property, Media and Entertainment Law Journal Volume 18 Volume XVIII Number 3 Volume XVIII Book 3 Article 8 2008 Are the Current Computer Crime Laws Sufficient or Should the Writing of Virus Code Be Prohibited? Robert J. Kroczynski Fordham University School of Law Follow this and additional works at: https://ir.lawnet.fordham.edu/iplj Part of the Entertainment, Arts, and Sports Law Commons, and the Intellectual Property Law Commons Recommended Citation Robert J. Kroczynski, Are the Current Computer Crime Laws Sufficient or Should theriting W of Virus Code Be Prohibited?, 18 Fordham Intell. Prop. Media & Ent. L.J. 817 (2008). Available at: https://ir.lawnet.fordham.edu/iplj/vol18/iss3/8 This Note is brought to you for free and open access by FLASH: The Fordham Law Archive of Scholarship and History. It has been accepted for inclusion in Fordham Intellectual Property, Media and Entertainment Law Journal by an authorized editor of FLASH: The Fordham Law Archive of Scholarship and History. For more information, please contact [email protected]. Are the Current Computer Crime Laws Sufficient or Should theriting W of Virus Code Be Prohibited? Cover Page Footnote Alexander Southwell, Shari Sckolnick This note is available in Fordham Intellectual Property, Media and Entertainment Law Journal: https://ir.lawnet.fordham.edu/iplj/vol18/iss3/8 KROCZYNSKI_022508_FINAL 2/25/2008 7:20:52 PM Are the Current Computer Crime Laws Sufficient or Should the Writing of Virus Code Be Prohibited? Robert J. Kroczynski* INTRODUCTION .............................................................................818 I. BACKGROUND OF CYBERCRIME AND VIRUSES........................820 A. DEFINITION OF VIRUSES AND TECHNICAL DESCRIPTIONS ....822 1.
    [Show full text]
  • Insert Reps Name
    Version 1.1 2019 TPO Approval Checklist For Consumer and Business Purpose Loans ***(This Broker Package is for Brokers who will be Brokering Consumer Purpose Loans, Commercial Real Estate Loans or Residential Business Purpose Loans)*** NO ALTERATIONS, MODIFICATIONS OR AMENDMENTS ARE ACCEPTED TO THIS AGREEMENT. Where to Send Completed Package - Please provide the following items indicated below to process the review of your Third Party Origination (“TPO”) application. Please submit all forms fully completed and in proper form to the following email address: Should you have any questions please contact your Athas Capital Group Wholesale Account Executive (“AE’): If you are not currently assigned or do not have an established relationship with an Athas Capital Group AE please call 877.877.1477 and ask to speak to one of our dedicated in house AEs. Athas Capital Group’s AE that Represents Your Account: _____________________________________________________________________ 1) TPO Company Description 2) TPO Disclosures 3) Non Tolerance Disclosure Regarding Mortgage Fraud 4) TPO Broker Agreement 5) Copies of Licenses from the respective Regulatory Agencies and the Nationwide Mortgage Licensing System (“NMLS”) for all states TPO intends to conduct business in with Athas Capital. Expired licenses will delay the processing of your package. 6) Company Contact List to include all Mortgage Loan Originators with Individual NMLS Identifiers, Sales Managers and Loan Processors. 7) Note: We do NOT require financial information or credit analysis on the
    [Show full text]
  • Privacy and Publicity: the Two Facets of Personality Rights
    Privacy and publicity Privacy and publicity: the two facets of personality rights hyperbole. In this context, personality In this age of endorsements and rights encompass the “right of privacy”, tabloid gossip, famous people which prohibits undue interference in need to protect their rights and a person’s private life. In addition to coverage in the media, reputations. With a growing number images of celebrities adorn anything from of reported personality rights cases, t-shirts, watches and bags to coffee mugs. India must move to develop its This is because once a person becomes legal framework governing the famous, the goods and services that he or commercial exploitation of celebrity she chooses to endorse are perceived to reflect his or her own personal values. By Bisman Kaur and Gunjan Chauhan, A loyal fan base is a captive market for Remfry & Sagar such goods, thereby allowing celebrities to cash in on their efforts in building up Introduction a popular persona. Intellectual property in India is no longer Unfortunately, a large fan base is a niche field of law. Stories detailing also seen by unscrupulous people as an trademark infringement and discussing opportunity to bring out products or the grant of geographical indications services that imply endorsement by an routinely make their way into the daily individual, when in fact there is no such news headlines. From conventional association. In such cases the individual’s categories of protection such as patents, “right of publicity” is called into play. trademarks, designs and copyright, IP laws The right of publicity extends to every have been developed, often by judicial individual, not just those who are famous, innovation, to encompass new roles and but as a practical matter its application areas of protection.
    [Show full text]
  • Identity Theft Harms Millions of Americans Every Year. Breaches of Personally Identifiable Information (PII) Across the Governme
    Safeguarding & Handling PI1 Each DOE employee and contractor needs to be aware of their responsibility to- b Encrypt personal information sent via email b protect personal information, b Label Privacy Act protected records "OFFICIAL USE ONLY - PRIVACY ACT b avoid unauthorized disclosures, DATA" b ensure that no records are maintained without Identity theft harms millions of Americans every b Do not collect personal information without proper public notice in the Federal Register, and year. Breaches of personally identifiable information proper authority, and only the minimum (PII) across the government have been well b report immediately, whether confirmed or necessary for carrying out the mission of DOE publicized and costly for individuals and Federal suspected, any breach or misuse of PII. agencies. These breaches have prompted the b Do not place Privacy Act protected data on Administration and Congress to take action to unrestricted shared drives, intranets, or the improve the protection of personal information. Internet For more information on Privacy and protecting PII, refer to DOE Order 206. I, Department of Energy b Report any loss or unauthorized disclosure of As Department of Energy employees and Privacy Program, located on the DOE Directives personal data immediately to your supervisor, contractors, you have a responsibility to protect all website: http://directives.doe.gov/ PII. DOE Order 206. I, Department of Energy Privacy program manager, Information System Security Program, defines PI1 as "any information collected or Manager, or Privacy Act Officer Questions should be referred to your supervisor, your local Privacy Act Officer, or the Privacy Office maintained by the Department about an individual, b Lock your computer whenever you leave your including but not limited to, education, financial at (202) 586-5955.
    [Show full text]
  • Federal Income Tax Returns--Confidentiality Vs
    Federal Income Tax Returns--Confidentiality vs. Public Disclosure* by Boris I. Bittker* * I. INTRODUCTION This article will examine the relationship between the individual's interest in privacy, reflected in such recent statutes as the Privacy Act of 1974, I and the public's right to know, which underlies legislation like the Freedom of Information Act. 2 The subject is of intrinsic impor­ tance, but it is particularly appropriate for an article in this lecture se­ ries, since privacy3 and disclosure4 were values of special interest to Justice Douglas. Neither the individual's right to privacy5 nor the pub­ lic's right to know6 is explicitly protected by the Constitution, but both do have constitutional overtones, and both are protected by various statutory provisions. Using federal income tax returns as the centerpiece of the discus­ sion, I propose to show how privacy and disclosure can come into con­ flict-a possibility that has been insufficiently recognized by the courts and the commentators. The leading treatise on political and civil rights,7 for example, treats the two subjects in separate chapters with virtually no acknowledgement that they are related, let alone that they • Copyright 1981 by Boris I. Bittker. •• Sterling Professor of Law. Yale University. This article is the modified text of a speech delivered at the Fifth Annual William O. Douglas Lecture Series. October 30. 1980. I. Pub. L. No. 93-579, § 3, 88 Stat. 1897 (amended 1975 & 1977) codified at 5 U.S.C § 552a (1976». 2. Pub. L. No. 89-554, 80 Stat. 383 (1966) (amended 1967, 1974, 1976 & 1978) (codified at 5 U.S.C § 552 (1976».
    [Show full text]
  • AI, Robots, and Swarms: Issues, Questions, and Recommended Studies
    AI, Robots, and Swarms Issues, Questions, and Recommended Studies Andrew Ilachinski January 2017 Approved for Public Release; Distribution Unlimited. This document contains the best opinion of CNA at the time of issue. It does not necessarily represent the opinion of the sponsor. Distribution Approved for Public Release; Distribution Unlimited. Specific authority: N00014-11-D-0323. Copies of this document can be obtained through the Defense Technical Information Center at www.dtic.mil or contact CNA Document Control and Distribution Section at 703-824-2123. Photography Credits: http://www.darpa.mil/DDM_Gallery/Small_Gremlins_Web.jpg; http://4810-presscdn-0-38.pagely.netdna-cdn.com/wp-content/uploads/2015/01/ Robotics.jpg; http://i.kinja-img.com/gawker-edia/image/upload/18kxb5jw3e01ujpg.jpg Approved by: January 2017 Dr. David A. Broyles Special Activities and Innovation Operations Evaluation Group Copyright © 2017 CNA Abstract The military is on the cusp of a major technological revolution, in which warfare is conducted by unmanned and increasingly autonomous weapon systems. However, unlike the last “sea change,” during the Cold War, when advanced technologies were developed primarily by the Department of Defense (DoD), the key technology enablers today are being developed mostly in the commercial world. This study looks at the state-of-the-art of AI, machine-learning, and robot technologies, and their potential future military implications for autonomous (and semi-autonomous) weapon systems. While no one can predict how AI will evolve or predict its impact on the development of military autonomous systems, it is possible to anticipate many of the conceptual, technical, and operational challenges that DoD will face as it increasingly turns to AI-based technologies.
    [Show full text]
  • The Unnecessary Crime of Conspiracy
    California Law Review VOL. 61 SEPTEMBER 1973 No. 5 The Unnecessary Crime of Conspiracy Phillip E. Johnson* The literature on the subject of criminal conspiracy reflects a sort of rough consensus. Conspiracy, it is generally said, is a necessary doctrine in some respects, but also one that is overbroad and invites abuse. Conspiracy has been thought to be necessary for one or both of two reasons. First, it is said that a separate offense of conspiracy is useful to supplement the generally restrictive law of attempts. Plot- ters who are arrested before they can carry out their dangerous schemes may be convicted of conspiracy even though they did not go far enough towards completion of their criminal plan to be guilty of attempt.' Second, conspiracy is said to be a vital legal weapon in the prosecu- tion of "organized crime," however defined.' As Mr. Justice Jackson put it, "the basic conspiracy principle has some place in modem crimi- nal law, because to unite, back of a criniinal purpose, the strength, op- Professor of Law, University of California, Berkeley. A.B., Harvard Uni- versity, 1961; J.D., University of Chicago, 1965. 1. The most cogent statement of this point is in Note, 14 U. OF TORONTO FACULTY OF LAW REv. 56, 61-62 (1956): "Since we are fettered by an unrealistic law of criminal attempts, overbalanced in favour of external acts, awaiting the lit match or the cocked and aimed pistol, the law of criminal conspiracy has been em- ployed to fill the gap." See also MODEL PENAL CODE § 5.03, Comment at 96-97 (Tent.
    [Show full text]
  • PERSONAL and SOCIAL IDENTITY: SELF and SOCIAL CONTEXT John C. Turner, Penelope J. Oakes, S. Alexander Haslam and Craig Mcgarty D
    PERSONAL AND SOCIAL IDENTITY: SELF AND SOCIAL CONTEXT John C. Turner, Penelope J. Oakes, S. Alexander Haslam and Craig McGarty Department of Psychology Australian National University Paper presented to the Conference on "The Self and the Collective" Department of Psychology, Princeton University, Princeton, NJ, 7-10 May 1992 A revised version of this paper will appear in Personality and Social Psychology Bulletin Special Issue on The Self and the Collective Professor J. C. Turner Department of Psychology GPO Box 4, ANU Canberra, ACT 2601 Australia Tel: 06 249 3094 Fax: 06 249 0499 Email: [email protected] 30 April 1992 2 Abstract Social identity and self-categorization theories provide a distinctive perspective on the relationship between the self and the collective. They assume that individuals can and do act as both individual persons and social groups and that, since both individuals and social groups exist objectively, both personal and social categorical self-categorizations provide valid representations of self in differing social contexts. As social psychological theories of collective behaviour, they take for granted that they cannot provide a complete explanation of the concrete social realities of collective life. They define their task as providing an analysis of the psychological processes that interact with and make possible the distinctive "group facts" of social life. From the early 1970s, beginning with Tajfel's research on social categorization and intergroup discrimination, social identity theory has explored the links between the self- evaluative aspects of social'identity and intergroup conflict. Self-categorization theory, emerging from social identity research in the late 1970s, made a basic distinction between personal and social identity as differing levels of inclusiveness in self-categorization and sought to show how the emergent, higher-order properties of group processes could be explained in terms of a functional shift in self-perception from personal to social identity.
    [Show full text]
  • Mass Surveillance
    Thematic factsheet1 Update: July 2018 MASS SURVEILLANCE The highly complex forms of terrorism require States to take effective measures to defend themselves, including mass monitoring of communications. Unlike “targeted” surveillance (covert collection of conversations, telecommunications and metadata by technical means – “bugging”), “strategic” surveillance (or mass surveillance) does not necessarily start with a suspicion against a particular person or persons. It has a proactive element, aimed at identifying a danger rather than investigating a known threat. Herein lay both the value it can have for security operations, and the risks it can pose for individual rights. Nevertheless, Member States do not have unlimited powers in this area. Mass surveillance of citizens is tolerable under the Convention only if it is strictly necessary for safeguarding democratic institutions. Taking into account considerable potential to infringe fundamental rights to privacy and to freedom of expression enshrined by the Convention, Member States must ensure that the development of surveillance methods resulting in mass data collection is accompanied by the simultaneous development of legal safeguards securing respect for citizens’ human rights. According to the case-law of the European Court of Human Rights, it would be counter to governments’ efforts to keep terrorism at bay if the terrorist threat were substituted with a perceived threat of unfettered executive power intruding into citizens’ private lives. It is of the utmost importance that the domestic legislation authorizing far-reaching surveillance techniques and prerogatives provides for adequate and sufficient safeguards in order to minimize the risks for the freedom of expression and the right to privacy which the “indiscriminate capturing of vast amounts of communications” enables.
    [Show full text]
  • The Impact of Digital Advancement in Banking Industry Marketing: the Case of Indonesia
    Proceeding Book of The 4th ICMEM 2019 and The 11th IICIES 2019, 7-9 August 2019, Bali, Indonesia ISBN: 978-623-92201-0-5 THE IMPACT OF DIGITAL ADVANCEMENT IN BANKING INDUSTRY MARKETING: THE CASE OF INDONESIA Handy Andriyas, Batara Maju Simatupang, and Kevin Bastian Sirait aFaculty of Economics, Parahyangan Catholic University bMagister Management, Post-Graduate Program, STIE Indonesia Banking School Email: [email protected] Abstract. This article investigates the impact of digital and technological advancement in the Indonesian banking industry based on the perspective of marketing. The application of technology in the marketing field enables the banks to gain a competitive advantage in introducing their product to the potential and current customers. On the other hand, these benefits are also exposing the banks' and its customer to the marketing fraud risk. To find the impact of digital and information technology (IT) utilization with the addition of marketing fraud risk, the questionnaire in this research is answered by the directors of the banks' that are classified to the Book 4 category in Indonesia. The linear regression analysis is implemented to find the relationship between the utilization of IT and marketing fraud risk to the impact of technological and digital advancement. Based on the analysis conducted in this research, it is found that the advancement of digital and technological advancement has a positive relationship with marketing fraud risk and IT utilization by the banks, and it is also found that marketing fraud risk may also increase if the banks increase their utilization on IT in regards to introducing their product to the current and potential customer.
    [Show full text]