Identity theft: laws, crimes, and victims.

A student of mine learned recently that somebody had rented an apartment in his name in a city a few hundred miles away. Another student shared a story about his credit cards being used to view pornographic materials on the Internet. These stories are certainly not unique. In the media, countless

reports of stolen identities and credit cards abound, creating an increased threat to individuals' peace of mind and financial standing. In one case, an Arlington, VA, woman found that within a month, four retail credit cards were opened in her name with more than $12,000 charged in that short time period (Breitkopf 2003). Interestingly, it wasn't until 1998 when the Identity Theft and Assumption Deterrence Act was passed that identity theft was officially established as an actual offense (www.usjdoj .gov 2004). Consequently, the Arlington, VA, woman actually saw her perpetrators tried and convicted (Breitkopf 2003).

On December 4, 2003, President Bush signed the Fair and Accurate Credit Transaction Act of 2003 (FACTA) into law (www.whitehouse.gov 2003); the law was developed to protect consumers in a wide range of financial transactions. Although part of the law relates to increased access to credit for all consumers, much of it is developed to prevent and combat identity theft. For example, merchants are now required to omit all but the last five digits of a credit card number on customer receipts. Additionally, the act creates a national system of fraud detection and alerts that makes it easier for victims to report incidents of identity theft and protect their credit standings. When an individual becomes a victim, he must make only one phone call to secure his credit standing and generate a nationwide fraud alert (www.whitehouse.gov 2003). This is a significant improvement over past situations, which often resulted in frustration over lack of support for identity theft victims. (For a sample of personal experiences related to identity theft, see the Privacy Rights Clearinghouse, http://www.privacy rights.org/case/victim.htm.)

The act is one that is clearly needed. According to the FTC (2003), over 9.9 million people were victims of identity theft during the 12 months prior to the report, and the loss to consumers has been estimated at $5 billion. Moreover, it is believed that, on average, an individual spends 30 hours trying to resolve the consequences associated with the theft. The Arlington, VA, woman spent more than 150 hours clearing her name (Breitkopf 2003).

Clearly, the incidence of identity theft is growing and the consequences can be severe. Based on these concerns, The Journal of Consumer Affairs circulated a call for papers for a refereed research colloquium on identity theft; results from this call are presented in this issue. The four resulting papers provide insight and direction into a variety of important issues related to identity theft. Linnhoff and Langenderfer offer an analysis of the Fair and Accurate Credit Transaction Act of 2003 and provide a discussion of other pending bills and proposals related to identity theft; they conclude with a call for additional legislation. Milne, Rohm, and Bahl examine online consumer behaviors and activities associated with increasing or reducing the risk of identity theft online. Sovern looks toward loss allocation rules as a potential means of stopping identity theft and argues that utilization of loss allocation rules has the potential to reduce the incidence of identity theft, where the same people would absorb the costs of identity theft as well as the costs and benefits of preventing it. Building on the importance of the organization in identity theft, Lacey and Cuganesan discuss the role that organizations play in identity theft response.

Together, these articles offer insight into improving systems to better protect the consumer from being a victim as well as helping the consumer in the aftermath. Yet this colloquium is merely the beginning. As noted by Milne, Rohm, and Bahl, increased advances in technology have generated increased opportunities for identity theft. Specifically, they identify several concerns related to online identity theft, including increased risk of online customer databases and enhanced use of wireless applications.

One relatively new type of online identity theft is referred to as "phishing." Phishing occurs when fraudulent e-mails are sent to online users by impersonating Internet service providers (ISPs), merchants, and banks, in an attempt to steal financial information (Hansell 2004). These e-mails appear to be from the ISP or merchant and include alarming messages that request personal information to "update or service an account." The unsuspecting victim, believing the e-mail originated from the company, dutifully provides the requested information. Originally believed to be associated with teenagers, phishing has been elevated to the level of criminal enterprise (Hansell 2004).

Interestingly, recent viewpoints suggest that increased use of online banking and bill paying can actually decrease the occurrence of identity theft by taking personal information outside the mailbox and eliminating a paper trail (Chatzky 2003; Community Banker 2003). Additionally, since paper statements come only about once a month whereas online transactions are generally posted fairly quickly, unauthorized online transactions are noticed sooner (Chatzky 2003).

Recent events have demonstrated the value of teamwork in combating identity theft, an important factor noted by Milne, Rohm, and Bahl. For example, in March of 2004, the Federal Trade Commission and the U.S. Department of Justice together shut down a phishing operation, and the Justice Department subsequently obtained a criminal conviction (www.ftc .gov 2004). Clearly, cooperation among government groups, businesses, and consumers can contribute to fighting the problems. But the challenge of maintaining our identities will not go away. As we bond together in an effort to fight this increasing problem, prudent consumers must take preventive measures to ensure that we all preserve our identities. As the Arlington, VA, woman noted, identity theft can affect one's lifestyle and definitely "has an impact on people."

REFERENCES

Breitkopf, David. 2003. Identity Theft Really Affects Your Lifestyle. American Banker, 168 (November 18): 17.

Chatzky, Jean. 2003. Ending the Paper Trail. Money, November. Community Banker. 2003. Online Banking and Bill Payment Can Protect Against Identity Theft. 12 (November): 73.

Federal Trade Commission (FTC). 2003. Identity Theft Survey Report. Prepared by Synovate (Aegis Group plc). http://www.ftc.gov/os/2003/09/synovatereport.pdf.

--. 2004. National and State Trends in Fraud and Identity Theft. http://www.consumer.gov/ sentinel/pubs/Top10Fraud2003.pdf.

Hansell, Saul. 2004. Online Swindlers, Called "Phishers," Lure Unwary. New York Times, March 24. http://www.nytimes.com.

Privacy Rights Clearinghouse. 2004. http://www.privacyrights.org/case/victim/htm.

U.S. Department of Justice. 2004. Identity Theft and Fraud. http://www.usdoj.gov/criminal/fraud/ idtheft.html#What%20Are%20Identity%20Theft%20and%20Identity.

The White House. 2003. http://www.whitehouse.gov.