Eclectic Rant:Preventing Identity Theft

By Ralph E. Stone
Wednesday January 19, 2011 - 09:26:00 AM

Identity theft is a serious crime. It occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit rating and ruin your good name. By taking a few cautionary steps, you can deter, detect, and defend against identity theft. 

"But he that filches from me my good name/Robs me of that which not enriches him/And makes me poor indeed." –Shakespeare , Othello, act iii. Sc. 3. 

According to the Bureau of Justice Statistics, in 2008, an estimated 11.7 million persons, representing 5 percent of all persons age 16 or older in the United States, experienced at least one type of identity theft in a 2-year period; the total financial cost of identity theft was nearly $17.3 billion.  

Identity theft is one of the fastest growing crimes in America. Victims come from all walks of life – from everyday people to celebrities like Oprah Winfrey, Michael Jordan, Tiger Woods, Robert De Niro, Ted Turner, and Warren Buffet. 

As technology increases so will the number of victims of identity theft. The places where our information is stored, and the ways that identity thieves can get at that information, continue to multiply. Easy availability of confidential financial information, coupled with sloppy credit-granting practices by creditors and credit bureaus, makes it easy for identity thieves to open accounts in our name. 

What protections do Americans have? In the fall of 1998, Congress passed the Identity Theft and Assumption Deterrence Act, 18 U.S.C. § 1028. This legislation created a new offense of identity theft, which prohibits knowingly transferring]or using, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law. 

In California, it is a felony to use the personal identifying information of another person without the authorization of that person for any unlawful purpose including to obtain credit, goods, services, or medical information.  

California also requires businesses and government agencies to notify consumers if hackers gain entry to computers that contain unencrypted personal information, such as credit card numbers, pass codes needed for use of personal accounts, Social Security numbers or driver’s license numbers. Under California law, notices must be given immediately following discovery of the privacy breach unless a law enforcement agency determines the notice would impede a criminal investigation. Any customer injured by a violation of the law may file civil suit to recover damages. [Penal Code §530.5 to 530.8] 

To investigate and prosecute identity theft, California operates five regional Hi-Tech Crimes Task Forces. The Attorney General also administers the statewide Identity Theft Registry to assist identity theft victims who are wrongfully identified as criminals. Through the California ID theft data base, law enforcement and anyone else designated by the victim can have quick official confirmation that the criminal history does not belong to the person. 

The Data Accountability and Trust Act 2009 (DATA) (H.R. 2221) is pending in Congress. In its current form, DATA requires businesses to notify customers and the Federal Trade Commission (FTC) if sensitive information has been exposed to a security breach. 

A security freeze is a way to give consumers real control over access to their credit reports. A freeze prevents access to one’s credit report to new creditors. This closes the loophole that identity thieves have exploited, since most businesses will not issue new credit or loans to people without first reviewing their credit reports. California enacted the first freeze law in 2001, and 24 states have followed with their own laws. 

Ultimately, the best protection against identity theft is a careful, alert consumer. Consumers should be extremely careful to whom they provide confidential information, including Social Security numbers, credit and debit card numbers, and bank account numbers. Thieves are constantly “phishing” for confidential information. Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an e-mail purporting to be from popular social web sites, auction sites, online payment processors, or information technology (IT) administrators. 

Consumers should carefully check their monthly credit and debit card and bank statements and immediately dispute unauthorized charges. Credit card holders have the protection of the Fair Credit Billing Act ,which is enforced by the FTC 

It is also advisable to check your credit reports and dispute any credit report errors, pursuant to the Fair Credit Reporting Act, which is also enforced by the FTC. Consumers are entitled to a free copy of their credit reports annually from each of the three credit reporting agencies — TransUnion, Experian, and Equifax. 

Consumers should also be careful how they throw away paperwork containing confidential information. It is a good idea to shred such documents. 

Finally, if you are a victim of identity theft, I suggest that you follow the California Attorney General’s “Tips for Victims.” 


Ralph E. Stone is a retired Federal Trade Commission attorney.