1

Identity Theft: Past, Present, Future Michael McMahon #1015041 The Criminal Justice Process

Identity theft as defined by Merriam-Websters Dictionary is the illegal use of someone else's personal information in order to obtain money or credit (2009). The laws of the state of Illinois have a similar definition, yet they are even more detailed and cover a multitude of scenarios including the transfer of information or even the use of someone elses information without legal authority whether or not another crime was committed with that information (Illinois General Assembly). In essence this crime involves pretending that you are someone you are not and using their rightful information for your financial gain. This is a crime that has exploded in notoriety and exposure in recent years but it is a crime that has been around for a long time, it has just seen a shift in how it has been carried out as technology has changed and criminals have evolved to capitalize on this. In years past identity theft was a crime of financial gain yet started with murder. In the years before computers, regulated, standardized identifications with pictures and quick reliable communications, criminals would simply kill their victim and take over their life (Anderson, 2006). Their name, their lifestyle and their money would all be utilized by the offender who would act as a sort of chameleon and live as their victim. This method of identity theft is clearly seen in the 1955 novel, The Talented Mr. Ripley. In Highsmiths book, Tom Ripley is sent to Italy to bring back Dickie Greenleaf, a playboy living abroad and without responsibility on his familys money and whose lifestyle is envied by Ripley. Ripley plots and executes Greenleafs murder, then uses Greenleafs name to live off of his money and creates a fake will purportedly drafted by Dickie in which he leaves all of his money to Ripley (Highsmith,

1955). While a rather extreme and dramatic version of this crime, it captures the manner in which early identity thieves would steal their victims name, life and money. As mentioned before the changes in technology have changed the way in which identity thieves have operated. The telephone has become another tool in the criminals toolbox for committing identity theft. As a general rule people tend to be trusting and hopeful and these thieves have capitalized on these characteristics to enable them to steal information and use it for their own gain. Identity thieves have used telephone calls to victims pretending to be from a lottery or other prize distributing service and told their victim that they need some information from them to verify the winners information so that they can process and give them their prize. The problem is that the victim will give out this information on the phone and wait and wait for a prize the does not exist. In the meantime the criminal has used their information to open lines of credit or withdraw funds in their name (Anderson, 2006). A mess that can ruin their financial well being and take them years to fix. Another way in which identity thieves can obtain information is through a technique known as dumpster diving. This is just what it sounds like. Criminal will actually go through peoples garbage looking for sensitive information that may have seemed like garbage and been carelessly throw in the trash. Just like telephone scams the criminal, once he has pulled the information from the trash in your can, will take that information and put it to good use. Credit accounts will be quickly maxed out, new credit accounts will be established in the victims name and even more elaborate scams such as mortgages in another name can be executed. Imagine checking your credit report and finding out that you own a half million dollar home in Seattle and have a mortgage that you know nothing about, let alone the three

credit cards that you never opened. These thieves can also obtain your information by simple thefts of a wallet or purse. We all carry sensitive information in our wallets and purses and losing this allows an identity thief the perfect opportunity to access this information. The next time you hear of someone having their purse or wallet stolen you must ask yourself, was this a simple theft of a wallet and the cash in it or was it a theft for the purpose of obtaining someones drivers license or other information? Finally we come to the internet, the means that has made identity theft the fastest growing crime in the United States over the last few years (Kinsey, 2006). No longer does the sophisticated and smart criminal have to leave his house. No longer does he have to stick his face in a pile of rotten fruit to get vital financial and personal information about you, he can sit back on his couch, open a cold one and with the speed of hitting the send button execute a scam to gather information on hundreds of people in an instant. This is the modern thief. Why take the risk of pulling a gun on someone on the street for a few hundred dollars when you can steal tens of thousands from a bunch of people? Unlike a stick-up there are no real witnesses and unfortunately fewer law enforcement agencies that have a handle on these crimes and how to investigate them. The internet has created the near perfect crime (Guyer). There are a number of ways that these criminals steal information using technology. Phishing, key loggers, and online resources are three major ways that identity thieves access and obtain the information they need to steal our identities and profit from it. Phishing is a means of committing identity theft that preys on the trusting nature of people, especially when confronted by what appears to be official looking documents or e-mails. A common way of executing this scam involves sending out thousands of official looking emails to

America Online account holders. In the email the criminal will explain that they are updating account information and that in order to verify the holders information and account status they need some information. They will ask for name, birthday, address and either a social security number or credit card number. This message will be complete with AOL logos which add an air of legitimacy to the message. Unfortunately the unsuspecting victim will think that this is a real email from AOL and fill out the information. They will then click on the .button that says send and unbeknownst to them they will send the information not to AOL as they think, but to a criminal across the United States or even the world who has cleverly duped the victim into revealing information that they can use to steal the victims identity. They can send this phony message to thousands of people in seconds and even if only a fraction of them fall for it, they have gained access to all sorts of valuable information. Another way that a criminal can steal information through computers is through the use of a key logger. This is a simple device that connects from a keyboard and a computer and is no bigger than a quarter. This theft enabling device records every keystroke that is made from that keyboard allowing the thief to then download that information into a computer. Imagine the loss if just one of these devices was placed on a computer in a bank or college registrars office. Finally online resources can provide identity thieves with almost limitless access to the personal information people across the United States. Sites such as Accurint and Entersect as well as a site as simple as Google contain information regarding a persons name, birthday, even their social security number. While these sites do charge a fee, what is spending seven dollars for a full report from Accurint when you are gaining access to all of that persons information, allowing you to

open credit cards or even purchase a house using that persons information as your own (Guyer)? While traditionally we see identity thieves stealing a persons information for financial gain, this is only one type of identity theft that is out there. As identified by Kinsey, there are five different types of identity theft, character identity theft, Social Security identity theft, medical identity theft, drivers license identity theft, and finally credit or financial identity theft. Character identity theft involves using a victims information after they have been arrested for a crime. The real offender avoids having the crime linked to him and the true victim has to deal with warrants being issued when the real offender fails to appear for court. This means that the victim may get arrested and jailed while awaiting fingerprint records to clear them and then need to spend hours in court trying to explain the situation to a judge. Unfortunately this process may happen over and over again. A similar process happens with drivers license identity theft where the criminal uses the victims information when getting cited for traffic violations. This can cause the real victim to have their license suspended or revoked or warrants being issued for them when the real violator doesnt show up in court. Medical identity theft allows an offender to receive medical benefits from insurance or public medical assistance using someone elses information. This hurts the victim in that they may be held accountable for deductibles for medical services performed as well as using up finite medical benefits rightly deserved by the victim. Social security identity theft is using a persons legally issued social security number illegally in order to work. While this does not directly steal money from the victim, it can leave the victim accountable for any taxes that are due as well as impacting unemployment benefits that are rightfully due to the victim. This scam

is usually discovered when the victim begins receiving W-2 forms in the mail from a company or companies that they have never worked for in a state half way across the country. The last and most widely known form of identity theft is financial identity theft.

This type of identity theft occurs when the offender uses a victims personal information to open credit cards or credit accounts, access bank or other financial accounts and in some high end scams, even purchasing homes or other property (Kinsey, 2006). The numbers involved in identity theft are staggering. Nationwide this crime has taken off, expanding rapidly as criminals have discovered the ease and scale that this crime can be carried out. As long ago as 2003 the Federal Trade Commission [FTC] reported that they were receiving over one thousand complaints related to identity theft a week and estimated annual losses to banks as roughly eight billion dollars a year (ID Theft May, 2003). These numbers and their impact have not really improved over the past seven years either. Federal Trade Commission statistics for 2004 revealed that four out of every ten complaints relating to frauds involved identity thefts. These complaints display clearly that while there are other types of identity theft, financial identity theft is the most prevalent. Of these complaints in 2004, credit card related crimes accounted for one third of them, fraudulently obtained utilities was about twenty percent and identity thefts relating to banks made up another roughly twenty percent. Just these three types of financial identity theft alone accounted for nearly seventy percent of all identity theft related complaints lodged with the FTC (Piazza, 2005). A Bureau of Justice Statistics survey in 2005 attempted to shed light on hard date pertaining to identity theft and how widespread it has become. Unlike may crimes that disproportionately affect lower class communities, this study found that those making

more than $75,000 a year were twice as likely to become the victims of identity theft as opposed to those making less than $50,000 a year. Obviously if you are going to use someone elses financial information it makes sense to use someone who has a higher income, yielding greater spending power or higher credit limits. Another shocking statistic was that over one million people reported the theft or unauthorized use of financial accounts other than credit card frauds with another one million reporting that someone had used their information, including social security numbers without their consent (Identity Theft, 2006). Another source of hard data as it pertains to identity theft comes from a 2006 identity theft survey, again carried out by the FTC. Based on their survey results over eight million people were the victims of identity theft, however estimates put this total at closer to ten million. Just victims who reported the misuse of their existing credit card information accounted for over three million people. These numbers reflect the sad truth that nearly four out of every hundred people is the victim of some type of identity theft (Federal Trade Commission, 2007). Although these numbers are disheartening, there is reason to think that statistics are headed in the right direction. Based on surveys conducted in both 2005 and 2006, there is evidence that monetary losses are declining. In 2005 American consumers lost approximately $55 billion dollars to identity theft while in 2006 consumer losses fell to $49 billion dollars, a drop of over ten percent (Leyden, 2007). Even with this drop it is still a staggering dollar figure, and those figures fail to represent the time and aggravation that being victimized can cause. While a dollar figure can be put on the actual loss by consumers there is no way to quantify the heartache and stress goes along with this crime.

Identity theft, like any other crime will never go away (ID Theft May, 2003). That being said there are things that individuals can do to lessen their chances of being a victim. One of the biggest things a consumer can do is be more protective of their personal information. While we throw out receipts and old credit card statements thinking that they are just trash, to the identity thief documents like this are a means to access your account or other financial information. This also pertains to businesses or other places that routinely ask for your social security number. Except in a few instances there is no obligation for a person to reveal their social security number. Therefore people should be wary of revealing that information in a public setting where a person near them could overhear and potentially misuse that information. Running yearly credit checks through the three major credit bureaus is another smart thing a person can do to avoid being victimized. This should help a consumer by allowing them to catch fraudulently opened accounts, file fraud claims with the reporting businesses and file a police report. Another way to help combat identity theft is by becoming more suspicious of and aware of internet scams. People who are more computer aware know that AOL will never send out a message soliciting for your personal information, yet those who are more trusting or not as internet aware may not see these phishing emails for what they really are (Guyer). In a nutshell the biggest thing is for consumers to be more vigilant. We would never think to leave our doors unlocked at night, walk down a dark alley or leave our keys in our car with it running and the door open but may expose our personal information without even realizing it. It is up to us as consumers to be as vigilant with our personal information as we are with other aspects of our day to day lives.

10

Over the years there have been two major problems with combating identity theft from a legal perspective. Law enforcement has run into an issue of jurisdiction, if the victim lives in one place and the offender uses their information in another, who has jurisdiction to investigate this crime? Another legal issue related to this is the legal definition of identity and theft. Usually theft involves some sort of monetary loss however some forms of identity theft involve no actual monetary loss such as character identity theft. Under this definition a criminal could successfully steal and use hundreds of peoples information without fear of prosecution. It was these types of legal issues that seem to have been addressed when the State of Illinois wrote their statute that governs this criminal offense. The issue of jurisdiction is always a tricky one involving crimes of this nature. When you have a crime that is so easily carried out from a remote location or may involve using someones information hundreds of miles from their home it can easily be a case of hot potato, each agency passing the victim to the other because there is no one clear cut location that the crime occurred. Is it where the information was stolen from or where it was used? In the Illinois statute for identity theft section 16G-30 clearly illustrates that a person that reasonably believes that their information was stolen may initiate a report where they live. It further allows the agency that initiates this report to follow through with an investigation, regardless of where the offender may have used the information (Illinois General Assembly). While there is a little bit of leeway for an agency to pass the buck to the other by having language that states that the agency that initiates the report may refer it to the agency where the offender used the information, making it an option opens the door for an investigation to occur where the victim lives, thus lessening the burden on him or her. This arose when

11

a victim would discover that their information had been used in eight places in three counties. Under the old statute they would have to go around to each department filing a separate report making such reporting sometimes a bigger burden that it may have seemed worth it. Another thing that was aimed at combating identity theft over the last few years was the aggressive involvement of the Attorney General Lisa Madigan, in having her office act as a sort of centralized clearinghouse for identity theft. Her agency was the first in the nation to set up a hotline for identity theft. This would allow victims to provide information and police agencies a way to coordinate their efforts and learn of cases involving the same offenders or look for common threads between victims. Her office has also worked to make penalties harsher for identity thieves while also providing vital education to the public regarding identity theft and what they can do to protect themselves (Illinois Launches First, 2006). Another legal element of the Illinois statute is how it defines identity theft. While it obviously highlights and makes it an element of the offense the use of anothers information to obtain credit or money or to carry out a theft it also makes it a felony simply to use someone elses personal information without legal authority (Illinois General Assembly). This would close a loophole for the criminal that uses someones social security number for employment purposes. They have obviously used someone elses social security number without authority thus they have committed identity theft. The same would be true for the person that provides anothers information when arrested or stopped by the police. They have not obtained any money or goods with this information but they have used the information of another without lawful authority. While unfortunately not all incidents are charged as they should be according to the letter of the law by the prosecuting

12

attorneys the available laws are there to arrest and charge the criminals carrying out these crimes as well hopefully acting as a deterrent to at least some others that would consider committing this crime. As can be seen from this paper identity theft is a complex and multi faceted crime that is taking place around the world as we speak. It is so widespread that the Illinois Attorney Generals Office estimated that in 2005 11,000 residents were victims of identity theft (Illinois Launches First, 2006). That works out to roughly two hundred victims a week every week just in Illinois and that is just an estimate. The increased sophistication of the offenders and the means of carrying out their scams make all of us targets. As was seen in an FBI study it is a crime that we are more likely to be victims of the more prosperous we are, quite a reverse from many crimes. It is a crime that is difficult to prosecute and sometimes difficult for the victim to even know that they have been a victim of. While this may seem bleak hopefully through the use of aggressive policies and statutes as well as the cooperation and coordination of law enforcement, citizens, businesses and government it is a crime that can be suppressed and made less profitable and more difficult to carry out.

13

Works Cited Anderson, Max. (2006). The Ugly History of Identity Theft. Retrieved March 30, 2009, from http://www.identitytheftfixes.com/the_ugly_history_of_identity_theft.html. Anonymous. (2008). Identity Theft. FBI Law Enforcement Bulletin, 77 (12), 11. Anonymous. (2003). ID Theft May Cost Banks $8B Annually. Organized Crime Digest, 24 (23), 7. Anonymous. (2006). Illinois Launches First ID Theft Hotline. Crime Control Digest, 40 (5), 5. Federal Trade Commission. (2007). 2006 Identity Theft Survey Report. McLean, VA: Synovate. Guyer, Hale. Introduction to Computer Fraud. North East Multi- Regional Training. September 2008. Identity Theft. (n.d.) Merriam-Webster Online. Retrieved April 2, 2009 from http://www.merriam-webster.com/. Illinois General Assembly. (2006). Criminal Statutes Ch. 720 Act 5 Article 16G Identity Theft. Retrieved April 2, 2009 from http://www.ilga.gov/legislation/ilcs.

14

Kinsey, Nicole. (2006). Five Types of Identity Theft. Ezine @rticles. Retrieved April 6, 2009, of-Identity-Theft&id=171016 Leyden, John. (2007). US ID Theft Losses Decline. The Register. Retrieved April 9, 2009, from http://www.theregister.co.uk/2007/02/05/us_id_fraud_survey/ Piazza, Peter. (2005). Rising Trend of Fraud, ID Theft. Security Management, 49 (3), 41. from http://ezinearticles.com/?Five-Types-