TCS Daily

Reality Check on ID Theft

By Sonia Arrison - March 21, 2002 12:00 AM

Identity theft is a serious concern, but despite calls from regulation advocates, new privacy laws are not the answer to this insidious crime. As a new report shows, consumer awareness and better enforcement of existing laws are the ways to solve this problem.

Advocacy groups such as the San Diego-based Privacy Rights Clearinghouse estimate that the number of ID thefts - when someone co-opts another person's identity to commit theft or fraud - is around 750,000 a year. But numbers from a recent General Accounting Office (GAO) report tell a different story.

For example, between November 1999 and September 2001, the Federal Trade Commission's (FTC) Identity Theft Data Clearinghouse only logged a total of 94,100 complaints, a number similar to data from consumer reporting agencies. This means that the chances of being a victim are less than 0.03 percent - about the same as being hit by a vehicle while crossing the street.

Responding to concerns that ID theft is increasing, Congress passed the Identity Theft and Assumption Deterrence Act in 1998. There are also numerous state laws targeting the crime. With all this legislation, it's curious that ID theft appears to be increasing.

Many people blame the Internet, because it makes the collection and transfer of personal information easier. But not only was ID theft happening long before the Internet became popular, it's also easier for thieves to obtain data from the trash bin than by breaking into a business's encrypted online database. This explains why the tips for avoiding ID theft are mostly low-tech and based on common sense.

One of the best defenses against ID theft is a paper shredder. Destroying garbage that has tax information (and therefore your social security number), credit card numbers, and other personal information is a good idea. Also, don't give your credit card, bank account, or social security numbers to anyone without knowing who they are and why they want them.

Another way to prevent crooks from snatching your identity is to install a lockable mailbox - this will prevent thieves from taking your personal documents before you even see them. Many victims of ID theft do not find out until months later that their information has been co-opted.

Since businesses collect information about consumers, some regulation advocates have called for stronger laws governing the collection and use of that data. But that inaccurately assumes that businesses routinely leak information. It also threatens consumer convenience and the free flow of commerce. To meet demand and offer services at the lowest cost, businesses need information about their customers. So what's the answer?

The key to stopping ID theft may be found by looking at the enforcement data in the recent GAO report. For instance, in the years 1999 and 2000, the FBI logged zero convictions for ID theft crimes involving the fraudulent use of credit cards. This is in comparison to 1996, when they managed five convictions, and two in both 1997 and 1998.

The Secret Service, another government agency charged with investigating these crimes, told the GAO that it has "moved away from investigating street crime level offenders" to targeting large-scale operations. And local police departments often encounter jurisdictional problems in chasing ID bandits, which means that even with all the laws against ID theft, few criminals are brought to justice.

As long as thieves can easily get away with ID crimes, they will continue to do so, no matter how many laws are on the books. Fortunately, the FTC has started encouraging law-enforcement over law-creation. But not everyone has seen the light. California Attorney General Bill Lockyer, co-chair of the National Association of Attorneys General Consumer Protection Committee, continues to push for more restrictive and costly privacy laws. That quest comes despite the lack of data showing that the marketing departments of businesses are responsible for ID theft.

Policymakers and advocates need to recognize that cutting off a business's ability to market to their customers is not the way to solve the ID theft issue. A better way to fix the problem is to give police the ability and incentive to enforce existing laws and to educate consumers on how they can better protect themselves. That way, consumers will be safe as they shop both on and offline.

Sonia Arrison is director of the Center for Technology Studies at the California-based Pacific Research Institute. She can be reached at .

TCS Daily Archives