Identity Theft--Why Preventative Steps Will Never Be Enough
Identity theft struck more than 27.3 million Americans between April 1998 and April 2003, reports Timothy L. O'Brien, with more than a third being victimized in the last year alone. In that one-year period, businesses and banks lost $48 billion while individuals had to personally pay $5 billion in order to straighten out their financial identities. In many cases, the thieves and their victims never met face to face. In today's virtual world, a criminal can devastate a person from next door or across an ocean without ever knowing, or caring, who the victim is; all that matters are the numbers in a person's credit report. Strangely, what matters to a thief is the same thing that matters to a lender or a merchant.
Numbers have come to represent people. Where once someone's good name was determined by manners, morality, and kindness, today a person's worth is decided by numbers and formulas that combine to create something called a FICO score--yet another number. Based on this number, a figure generated by an emotionless computer, a person is judged credit worthy or not. Manners and morality, since they cannot be quantified, do not enter into the equation. FICO scores and credit reports tempt us to think about our relationship with money purely in numbers. Even our relationships with other human beings are being tainted this way. Lenders do not see people; they see FICO scores. Our identities, too, are being boiled down to facts on a computer print out, a concise summary of where we live, how much we earn, and what financial assets we hold, all that matters about a person (at least in the eyes of others) presented like statistics on the back of a baseball card--sans the stick of gum. According to the online version of Merriam-Webster, the term identity refers to the "distinguishing character or personality of an individual." It seems strange that a word defined by character and personality should have anything to do with finances. Money is associated with the impersonal, as evinced by terms like "cold hard cash." Money is a medium created to make simple the trading of goods and services, nothing more. The fact that we attach such great significance to it and that we increasingly attach little significance to the term identity is at the root of identity theft, an exponentially increasing problem raging rampantly through our new century. O'Brien's research shows that your identity is worth about $10 on the Internet. That is the going rate among identity thieves. The fact that our personal information has a price tag is appalling, but one would think it would at least warrant more than ten measly dollars. It is this transformation of people--of identities--into numbers, distancing by their very nature, that makes this crime so popular. The dehumanizing of the "other side" is a time-honored, if despicable, tradition throughout human history, but it has always been undertaken as a means of grabbing power and solidifying one group against another. Now we are doing it to ourselves. We have collectively chosen to allow a set of numbers to represent us, trivializing what it means to be a human being, and we wonder why identity theft is on the rise despite our precautions and our efforts to fight it. Experts cite the ease of the crime as a reason for its popularity, but we must also examine the fuzzy morality that surrounds concepts like financial identities (for example, is it wrong for a parent to open a credit card in a child's name?). Also, our increasingly impersonal, highly technical world further alienates us from each other, creating distance, not only from friends and relatives, but from predators and prey. Surely, a crime that does not necessitate looking a victim in the eyes is easier to commit. Identity theft is on the rise, not only because it is relatively easy to perpetrate, but because we have turned people into numbers. It is easy to strike against a number. We have dehumanized ourselves, and we have created a society that places too much emphasis on money. Now we are suffering the consequences. For these reasons, despite all our precautions, we will find identity theft impossible to squelch unless we change the way we interact with each other and with our money.
What is identity theft?
Some might argue that identity theft can indeed be prevented without altering our basic philosophy toward humanity and finances. In order to debate this, we must first establish a sound understanding of the crime. Before 1998, identity theft did not even have a name. Marla Royne Stafford reports that it was not until that year, when the Identity Theft and Assumption Deterrence Act was passed, that the Department of Justice officially made it an offense. According to O'Brien, "identity theft involves the most intimate, the most stealthy and perhaps the most intrusive of frauds--the wholesale listing of someone's financial persona to secure bank loans, credit cards and mortgages in that person's name." The "financial persona" the thief steals is the private information of an individual including, but not limited to, Social Security number, name, address, and telephone number. In some cases, a discarded piece of mail is all that is needed for a thief to secure loans and credit cards in a person's name. The ultimate goal is always to acquire easy money. This crime is exacted not only against individuals but against businesses as well. Businesses, entities that establish credit in their own right, are frequently targeted. Whether corporation or individual, it can take months for victims to repair the damage done to their financial reputations, and they may continue to feel the effects years after. Ultimately, most victims are not responsible for paying the majority of the charges incurred against them (though they can spend more than a hundred hours trying to erase the marks left on their credit history). Thieves may attempt to use this to justify their actions, convincing themselves that big business or money-hoarding banks are the ones to suffer, thus making it a crime where no one is truly hurt, but this only demonstrates a lack of understanding of global economics and the danger of creating a culturally accepted distaste for big business. We see people as numbers and corporations as the enemy. When this irreverence is built into our society, it cannot be a surprise that identity theft is growing in popularity despite efforts to deter it.
Identity theft is only possible because our financial selves and our personal selves have become so closely intertwined. Amy Diller-Haas says, "The need to protect personal identities has become just as important as protecting and preserving financial assets." Because news about identity theft is always accompanied by reports of illicit loans, dollars lost, credit ruined, and other indicators of financial disaster, one might conclude that our very identities are synonymous with our financial worth. One of the reasons identity theft is such a disheartening crime is because it is such a personal crime, because we have come to view our finances as such an integral part of ourselves.
Just as it is important to understand the nature of identity theft, we need to know the methods thieves employ in order to execute the crime. The United Postal Service web site says thieves can obtain personal information in a number of ways, such as stealing mail, pretending to be a loan officer and ordering a copy of a person's credit report, "shoulder surfing" at the automatic teller machine, or "dumpster diving" in trash bins to find canceled checks or credit applications that have not been destroyed. The advent of the Internet, and online banking and shopping, has brought more methods for illegally collecting personal information.
According to David Myron, the Internet is increasingly "the weapon of choice" for identity thieves. Internet-related identity theft reports increased from 45% in 2002 to 55% just a year later. Hiawatha Bray reports on a virus called Coreflood that allows thieves to collect passwords. The ramifications are obvious since it is increasingly common for us to use our home computers for banking. Coreflood is only one of numerous ever-evolving viruses.
Copious online scams also provide a means for computer-savvy criminals to acquire personal information. "Phishing" is a relatively new Internet acquisition method. Stafford says it occurs "when fraudulent e-mails are sent to online users by impersonating Internet Service Providers (ISPs) , merchants, and banks, in an attempt to steal financial information." These e-mails appear to be from legitimate sources and typically ask the user to input passwords or other personal information, but in truth, they originate with identity thieves hoping to use the data to obtain free money. Related to phishing is "web spoofing." According to Chula G. King, web spoofing is when Internet predators masquerade as actual businesses and steal their online identity. "With web spoofing, a company's web site is reproduced under a similar domain name that is controlled by the identity thieves." Users who believe they are visiting a legitimate institution, such as the web site for their bank, may be tricked into typing in private information.
Once identity thieves acquire a person's identity, they can use it to make money in a number of ways. Some go on shopping sprees. O'Brien mentions a case where criminals bought truckloads of items from a Home Depot and then turned around to fence the merchandise for half the price charged to the victim's credit card. Identity thieves might also change a victim's address and take out a bank loan for tens of thousands of dollars.
According to Terri Cullen, homeowners have even more to worry about. They are being targeted because of their biggest asset. "Homeowners are astonished to find that thieves not only have stolen their personal information, but have used it to open home-equity loans or, in some extreme cases, sold the home without the homeowners knowledge." In such a case, two identity thieves work together. One poses as the home buyer and uses a stolen persona to apply for the mortgage, and the other pretends to be the seller. Once the house is sold, they split the profits and disappear, hundreds of thousands of dollars richer. Cullen says home-related crimes like these are possible because a great deal of the home loan application and home selling process is done via telephone or computer these days. People are not required to show a piece of identification when applying for a mortgage. In the case of home-equity loans, some lenders do not even require home appraisals when the amount of the loan is less than 1% of the home's value.
Identity theft is the fastest growing crime out there. According to Ton Slewe, identity fraud occurs at least eight times as often as documented cases of fraud. Identity theft ignores borders, laws, and morality. O'Brien says its popularity can be traced to a few key factors such as, "the growth of the Internet and digital finance, decades of expanding consumer credit worldwide, the hodgepodge nature of local and federal law enforcement, and the changing but often still inadequate regulations governing the credit industry." O'Brien and others choose to ignore, or at least fail to address, the physical and emotional importance our capitalist society places on money and how it effects the popularity of this and other crimes involving money. Also, there is little mention of the way we have trivialized people by turning them into numbers that at best allow strangers to make instant judgment calls about us without ever meeting us and that at worst allow others to steal our time and destroy our financial well-being.
Prevention: What the Experts Recommend
Most sources offering advice on identity theft give variations of the same suggestions. Shred all documents, credit applications, and financial statements with personal information on them. Each year, order and review copies of your credit reports from the three credit reporting agencies. Do not give out personal information such as bank numbers, passwords, and Social Security numbers over the phone or the Internet unless you initiated contact. Do not keep your Social Security card in your wallet. Use a safe, even at home, to lock up checkbooks, passwords, and financial paperwork. Do not give friends or relatives, no matter how trusted, personal identification numbers for your ATM cards. Although these caveats make sense and seem practical enough to follow, they themselves are not enough.
Unfortunately, the accountability for identity theft does not start and end with us.
Even if people are scrupulous about shredding documents, hiding passwords, and regularly scouring credit reports, what about the other institutions that hold their personal information? Ron Lepofsky reminds us that "most corporations house personal information of their employees (such as security passwords, home addresses, credit card details and personal bank account numbers for payroll deposits) on their computer databases." Though there are laws that dictate safe handling of this information, there is a certain amount of trust involved that may not necessarily be warranted. Businesses, after all, are notorious for having their own profit margins in mind and taking shortcuts whenever they can get away with it. Lepofsky also says, "most people are shocked by how easily personal information can be coaxed from unsuspecting employees, covertly photographed or simply found in a dumpster." Slewe urges corporations to improve their identity checks, "especially if applications for services like credit cards or loans are handled." He warns us that increasingly sophisticated computer viruses will require "drastic preventative measures." Are we up to the task? And even if we are, is it enough? We can only hope future laws--and their enforcement--will hold businesses, including our own employers, accountable for our personal information in such a way that they have as much at stake as we do in protecting our identities.
Even in an ideal scenario, one in which we take all the suggested precautions and the businesses that hold our personal information likewise take all the suggested precautions, it can only reduce the risk, not eliminate it.
The Problem: Why Preventative Steps Will Never Be Enough
Preventative steps are ultimately not enough. There will always be insiders who can access the information. O'Brien reports, "The hardest thing to battle is the insider because no matter what you do to try and prevent it, a corrupt insider will derail that." The United States Postal Service says it is not uncommon for would-be identity thieves to intentionally apply to jobs that involve working closely with financial information, thereby granting them access to everything they need to perpetrate their crimes. Also, bribery from the outside is not uncommon. Identity thieves may find an insider who can provide them with the personal information they need. Using inside relationships is not limited to business applications. Liz Pulliam Weston tells us that in some identity theft cases, the perpetrator is a friend or relative. "They know your patterns, they have access to your financial information, and they know those unique identifiers like your mother's maiden name." There are even cases of parents stealing the identities of their children, Weston says. They use their children's Social Security numbers to open new credit cards and apply for loans, later refusing to admit they did anything wrong. It does not help that it is becoming easier and easier for the average person to attempt identity theft. Just as documentaries on counterfeiting have taught people how to print fairly convincing currency, numerous web pages exist detailing exactly how to create a new identity. According to the United States Postal Service, all it takes is a home computer, a scanner, and a color printer to create false IDs.
Aside from insiders and a growing number of adventurous amateurs, we must fight a lack of education amongst the populace. Since identity theft is so closely tied with technology, much of its success revolves around the average person's inability, or disinclination, to keep up with the times. Even today, there are numerous home computers without virus protection. Many users simply do not understand how to implement the technology. Many of us do not even understand our own finances. According to Stafford, President Bush signed the Fair and Accurate Credit Transaction Act on December 4th, 2003 to help protect consumers in their financial transactions. One way is by making it easier to access credit reports, allowing people one free report from each of the three main credit bureaus each year, but many folks do not even know how to acquire a credit report much less that they are entitled to them. As we depend more and more on technology, for many of us, what we know about how to protect ourselves in the world is diminishing rather than growing. Despite that, we flock to the Internet and other new technologies without considering how much we stand to lose for venturing into these new venues, uneducated and unprepared. Slewe writes, "in the current digital age, except for few retail transactions where paper money or coins are used, money and money flows are represented by information about financial assets owned, owed, or transferred to another party." As our finances become increasingly virtual, they become increasingly alien to us. How can we expect would-be thieves to respect our financial identities when we barely understand them ourselves? Slewe goes on to say that, while once we could safeguard money by tucking it into guarded safes or armored cars, that is no longer the case. Information, also changing into a virtual medium, can no longer be protected by guns or locks either. Despite our efforts, the average person may not have the technical know-how to outwit identity thieves who use the Internet, and other technologies, in new and ever-changing ways to scam us out of our money. Even today, it is a struggle. We can download virus protection software, but tactics like phishing and web spoofing operate outside the realm of viruses. Myron suggests online shopping, an appealing convenience that grows in popularity every year, will only cause matters to grow worse as more consumers venture out onto the Internet with credit cards in hand.
Conclusion
Though experts offer a great deal of common sense advice on how we can make ourselves less likely targets for identity theft, there is no way to safeguard ourselves completely. Increased and continuing education, for adults as well as children, would certainly help, but ultimately we must do more than attempt to fight technology with technology. Identity theft will not go away until we address the real problem: the lack of respect for businesses and individuals (in part due to the dehumanizing of people into numbers) emphasized by a society that puts too much importance on wealth and material things, to the extent where crime seems like the only viable choice for some. How fortunate for them that it has become so easy.
Works Cited
Bray, Hiawatha. "Who's at Fault in an Online
Stickup?" Boston Globe Online Edition. 14 Feb. 2005.
Cullen, Terri. "Identity Thieves Target Growing Home
Equity." The Wall Street Journal Online. 13 Feb. 2005.
Diller-Haas, Amy. "Identity Theft: It Can Happen to You." The CPA Journal. 74 (2004): 42-45.
Identity Theft: Stealing Your Name and Your
Money. 13 Feb. 2005. United States Postal Service.
King, Chula G. "Online Identity Theft and Business." The CPA Journal. 74 (2004): 50-53.
Lepofsky, Ron. "Preventing Identity Theft." Risk Management. 51 (2004): 34-39.
Milne, George R. "How Well Do Consumers Protect Themselves from Identity Theft?" The Journal of Consumer Affairs 37 (2003): 388-396.
Myron, David. "Stolen Names, Big Numbers." American Demographics. 26 (2004): 36-39.
Merriam-Webster Online. 2005. Merriam-Webster. 4 Mar. 2005.
O'Brien, Timothy L. "Identity Theft is Epidemic. Can It Be
Stopped?" The New York Times Online Edition. 24 Oct. 2004.
Simon, Leslie David. Netpolicy.Com: Public Agenda for a Digital World. Washington, D.C. : Woodrow Wilson Center Press, 2000.
Slew, Ton, and Mark Hoogenboom. "Who Will Rob You on the Digital Highway?" Communications of the ACM. 47 (2004): 56-60.
Stafford, Marla Royne. "Identity Theft: Laws, Crimes, and Victims." The Journal of Consumer Affairs. 38 (2004): 201-204.
Weston, Liz Pulliam. "8 Signs You May Know an Identity
Thief." MSN Money. 13 Feb. 2005
L. Buroker (This is an undergraduate paper written for a class in popular and consumer culture at the University of Washington).