This Chapter presents the findings for the fourth research question posed for this study:
who are the victims of identity theft, and how have they exposed themselves to identity theft in
their activities, and what has been the impact of identity theft on their lives? The findings
identify a number of activities and attitudes in identity theft victims that may contribute to the
growth of this kind of crime. The findings, insofar as they developed data on routine activities
by victims, also weigh in on the applicability of routine activities theory as a framework for
police investigation and law enforcement prevention and as an adequate response to identity theft
and fraud.
(i) Current state of Awareness
The Identity Theft and Assumption Deterrence Act of 1998 mandated the FTC to create
The Identity Theft Data Clearinghouse. In November, 1999, the Clearinghouse was officially
created to receive and collect data on consumer’s (victims) complaints. Newman and McNally
(2005, p. iv) (quoted in Pascoe et al. 2006), stated that “While there are some differences in the
amount of identity theft by states, regions and to some extent age, the data shows that, depending
on the type of identity that is being perpetrated, all persons, regardless of social or economic
background, may become victims of identity theft”. FTC (2011) figures indicated that an
estimated 8.6 million households with persons over the age of 12 had encountered some form of
identity theft by year 2010. These figures compared to 6.4 million victimised households in
2005, which was an increase of 2.2 million victims for the five year period. The increase in
134
accounts, namely utility and banking accounts. Thus, the misuse of credit card accounts
increased from 3.6 million in 2005 to 5.5 million in 2010. Approximately 35% of victimised
households experienced the fraudulent use of other business accounts, which remained
unchanged from year 2005 through 2010. Households headed by non-Hispanic Whites, Asians
and Hispanics reported an increase in identity theft from 2005 to 2010. Households headed by
non-Hispanic Blacks, African Americans, Native Americans and persons of two or more races
did not experience a change in identity theft. A financial loss of approximately $13.3 billion was
experienced by U.S. households. Additional financial losses were the result of thieves misusing
personal information to create new accounts. Each household suffered an average loss of
$13,200. Additionally, the misuse of active credit cards was responsible for an approximate 30%
financial loss with a combined loss of 54% victimisation.
(ii) Measurement of Identity Theft
Hayward (2004) in her overview of identity theft concluded that there are no
comprehensive statistics on the prevalence of identity theft. It was therefore a difficult task to
support interviews with data that were completed with law enforcement officials from such
agencies such as, the Department of Justice, the US Attorney’s Office, the Postal Inspection
Service and the FTC. From those interviews it was apparent that there is no single database in
the United States that shows a true picture of all identity theft fraudsters or victims. This is likely
because some victims choose not to report the crime in the first instance, and others may not be
aware they are even victimized until months after their identity is stolen. Some victims also do
not report the crime because they feel that nothing can be done because of the passage of time.
A canvass amongst several officials assigned to the above agencies revealed that it is
135
because federal law enforcement agencies do not have information systems that facilitate specific
tracking of identity theft cases or complaints. Identity theft is almost always a component of
white-collar or financial crimes such as bank fraud, credit card fraud or the use of counterfeit
financial instruments. The Consumer Sentinel Network (CSN) collects complaints filed with the
Better Business Bureau, the Internet Crime Complaint Centre, the National Fraud Information
Centre, The U.S. Postal Service and others (CSN, 2010:2).
In response to the lack of organized statistical data on identity theft, an original study was
conducted by this researcher who analysed 30 identity theft cases in order to distinguish the
actual means and locations of occurrence of identity theft crimes. The information is reflected in
the below listed (place of compromise) chart. After examining 30 identity theft cases, results
shows credit card fraud as the most common form of compromise and military the least. Upon
further examination of the cases, it was realised that a table was appropriate. Table 3, as shown
below, shows places of compromise range from military (7%), followed by family and
restaurants (10%), mail (13%) internet (17%), unknown (20%) and credit card (23%).
Table 3
136
Note: Seven categories in the above table (table 3) were examined for places/source of compromised. Military showed the least form of compromise while credit card was the highest (noted in appendix 1.).
(b) Consumer Reporting Agency Data
The collected statistical data information in the first instance is as reliable as the
individuals reporting it. The data is based on voluntary reports by individuals who purport to be
victims. Reports are received by civilian agencies, as well as, law enforcement and are presumed
to be reliable. On the other hand, victims are not mandated to report these crimes. After the
reporting entities send the information to the repository such as the FTC, the data is collected and
used for statistical reasons. The FTC is recognised as a reliable repository agency as their web
site is more readily accessible than other comparative sites.
(i) Official Data
When the Federal Trade Commission (FTC) began compiling identity theft complaints in
137
beginning of 2002, the average was 3000 calls per week. By 2009, there were several conflicting
numbers for the amount of calls received by the FTC and other clearing houses. However, the
FTC’s main focus is on consumer awareness and not fraud detection. The Consumer Sentinel
Network (CSN) Data Book contains over 6.1 million complaints dating from calendar year 2006
through calendar year 2010. The CSN received over 1.3 million complaints during calendar year
2010: 54% were fraud complaints; 19% identity theft complaints; and 27% were other types of
complaints. Identity theft was the number one complaint category in the CSN for calendar year
2010 with 19% of the overall complaints, followed by Debt Collection (11%); Internet Services
(5%); Prizes, Sweepstakes and Lotteries (5%); Shop-at-Home and Catalogue Sales (4%);
Impostor Scams (4%); Internet Auction (4%); Foreign Money Offers and Counterfeit Check
Scams (3%); Telephone and Mobile Services (3%); and Credit Cards (2%). The complete
ranking of all thirty complaint categories is listed in the CSN report. Government
documents/benefits fraud (19%) was the most common form of reported identity theft, followed
by credit card fraud (15%), phone or utilities fraud (14%), and employment fraud (11%). Other
significant categories of identity theft reported by victims were bank fraud (10%) and loan fraud
(4%). Government documents/benefits fraud increased 4 percentage points since calendar year
2008; identity theft-related credit card fraud, on the other hand, declined 5 percentage points
since calendar year 2008. However, between January 2000 and 2009, identity theft was the top
complaint category and credit card fraud was the most common form of reported identity theft
(FTC 2009, 2010).
A Javelin Strategy, Fraud and Survey Report (2010) showed 11.1 million adults in the
U.S. were victims of identity theft in 2009, compared with 9.9 million victims in calendar year
138
although a significant, serious problem appears to be levelling out as indicated by the.
Additionally, studies show that identity theft is done by exploitation of existing accounts. The
FTC’s, Consumer Sentinel report (2012) shows that for calendar year 2011, consumers filed
more than 1.8 million consumer complaints which included over 279,000 for identity theft.
These figures are left to interpretation because there is no single repository for consumer identity
theft complaints.
The following two main sources corroborate these trends:
(ii) Official Reports
In 2004, the Financial Crimes Enforcement Network (FinCEN) began to focus their
attention on identity theft in the securities and futures industries. This change occurred as a
result of Suspicious Activity Reports (SAR) that was examined by the Securities and Futures
Industries. At that time, the State and local governments had not begun to act on SAR’s and was
unaware of the new patterns and trends used by identity thieves to access and abuse trust
accounts, as well as, investment and retirement accounts. At the time, it appeared that FinCEN
was the pioneer in identifying the various methods used by the identity thieves to defraud
securities firms and individual account holders.
As stated, FinCEN pioneered a reported system which spurred the inception of the SAR
review. Table 4 (which is cited below as Graph #1) is a review of US Department of Treasury,
FinCEN, Identity theft patterns and typologies Based on Suspicious Activity Reports, filed by the
Securities Futures Industries from calendar year 2005 through 2010. For the purpose of this
139
compared with actual statistics which were compiled by personnel in the New York County
District Attorney’s Office for calendar year 2009 and 2010 and will be further illustrated in table
5. This researcher is presenting these figures to show the steady increase in the intensity of
identity theft. This illustrates the need for the various law enforcement agencies in the US, on
the federal, state and local level to share their resources to eventually curb and reduce the trend
in identity theft. The comparative chart will also reflect the number of cases generated by
analysts in the District Attorney’s office for investigative purposes. The graph in table
(5)further illustrates that offenders utilize a network to accomplish their task. Identity theft is not
only a lone wolf operation. It takes a planned coordinated effort which will be discussed further
in this research.
140
Source: Financial Crimes Enforcement Network Identity Theft Trends, Patterns, and
Typologies Based on Suspicious Activity Reports Filed by the Securities and Futures
Industries January 1, 2005 – December 31, 2010, p.1.
*Note: Table 4 (graph 1, for the purpose of proper citation only) shows the general number of SAR filings for calendar year 2009 (18,382), a when compared to 2010 (18,758). Table 4 also shows the number of SAR identity theft filings for calendar year 2009 (2,097) and 1,952 for 2010.
141
*Note: Table 5 shows the number of SAR reports analysed by personnel in the Manhattan DA’s Office for calendar year 2009 (7,240) in comparison to calendar year 2010 (17,458). Table 5 also shows the number of identity theft cases for calendar year 2009 (453)
compared to calendar year 2010 (718). The number of suspects generated from cases in calendar year 2009 and 2010 were 2,017 and 5,384.
142
The chart below Table 6 (figure 1) shows an increase in identity theft victimisation from
2005 through 2010. Existing credit cards was recognised as the cause for an increase in the
misuse of existing credit card accounts. The data shows the percentage in households that
experienced the misuse of an existing credit card account increased by about 50%, from 2.5% to
3.8%. The percentage of households that experienced the misuse of personal information to open
a new account or for another fraudulent purpose declined by about 30%, from 0.9% in 2005 to
0.6% in 2010.
Table 6
Note: There are no available annual estimates for year 2008 because only six months of data was collected.
Source: U.S. Department of Justice Programs Bureau of Justice Statistics Crime Data Brief November 2011 “Identity Theft Reported by Households, 2005-2010” By Lynn Langton, BJS Statistician. http://bjs.ojp.usdoj.gov/content/pub/pdf/itrh0510.pdf - 2011- November.
143
Several of the findings of general research about identity theft apply to the situation of its
victims, including the fact that identity thieves remain a moving target, difficult to identify
(Wagner, 2009), more and more crime occurs on the Internet, in the form of phishing and
malware, offenders view identity theft as a victimless crime (Copes & Vieraitis, 2007), and an
increasing number of offenders are using stolen credit cards to obtain all manner of additional
personal data with which they then take out new loans, incur debts, open other accounts and
commit other crimes. General research as to the mechanisms used by offenders to commit
identity theft indicates that credit card theft, debit card theft, bank account emptying and use of
personal information to obtain loans remain the most common offenses (Bronk, 2008). The
research also indicates that while offline theft remains more common, Internet –based identity
theft is growing in prevalence (Berg, 2006). All of these findings are reflected in victim
responses.
In terms of direct research into victim experience of identity theft, the research at present
indicates that 61% of victims still fail to notify the police of a theft (Wagner, 2009), younger
credit card holders are the most common victims (Fell, 2006), and most victims do not discover
the theft until sometime after the stolen data has begun to be used to exploit their bank accounts,
credit card accounts, and other property. As part of this research, victims were asked how
quickly they became aware of the theft, what was the total dollar amount, how much time it took
to clear up the problem, if theft resulted in any other negative outcomes and if they were forced
to close an account, all to establish a level of awareness of these issues. Finally, victims also
have views about how law enforcement responded to their reporting of identity theft. At present,
if current law was effective, it would follow that victims would be most likely to hear about an
144
hired to monitor their bank account by the bank (Bose & Leung, 2009), or by a notification from
a company against whom a debt was incurred based on breach notification laws (Burdon, 2011).
In addition, one of the hypotheses of this study is that current police response to identity is
hamstrung and ineffective due to jurisdictional and other issues, and that, as a result, routine
activities theory is required to give structure to police response, to improve its response (Tillyer
& Kennedy, 2008). Though it is likely that most victims will be in the dark as to who or how
their data was stolen, it is much more likely that they will have come in contact with police
officers as a result of the theft, possibly in inopportune ways, based on the extent to which the
misuse of the stolen data put their name on some list that required police response. In the
research, routine activities theory argued that for a crime to be committed, a motivated offender,
a suitable victim and absence of guardianship must all come together in one place, to create an
opportunity for commission of the crime (Mench & Wilkie, 2011). If police operated according
to best practice in utilizing routine activities theory as a framework to focus their response to
identity theft efforts would be made to reduce offender motivation, make the victims less suitable
(by educating them not to engage in data-insecure behavior) and by providing more guardianship,
in many different ways. The research has found that educating consumers could reduce
Internet-based fraud.
(c) Data on Individual Cases
Twenty-five victims were interviewed based on the research questions and follow-up
questions. A few victims are named anonymously; other victim identities were only numbered,
and remain so in these short synopses of their commentaries.
145
One afternoon in March 2005, I received a call from Michael. At the time, Michael was a
police officer, who was assigned to the Manhattan South Grand Larceny Task force. Michael
responded to the Saks Fifth Avenue Store uptown in Manhattan because security was “holding
one” (police jargon for a person under arrest) for suspicion of identity theft. Michael asked if he
and his partner could come up to the Squad room at the District Attorney’s Office and process the
“collar” (arrest) because they preferred to complete the arrest processing, which included an
attempt at debriefing the prisoner, speaking to the prosecutor and lodging the prisoner in the
Central Booking complex at the Manhattan District Attorney’s Office. Permission was granted
and about an hour later, the two officers arrived with the prisoner to complete the arrest
processing.
The prisoner was a female and for safety reasons she needed to undergo a search for
contraband and weapons; I was instructed to conduct the search in private. Towards the end of
the search I discovered a secret pocket sewn on the inside of her jacket. The prisoner’s jacket
was removed to allow for a more invasive search. The secret pocket held thirteen credit cards.
There were six American Express credit cards, five Master Card credit cards and two Visa credit
cards. All of the cards bore the identical first and last name. Michael asked for help with
processing the “collar” because his partner was meeting with the lead prosecutor on this
investigation. I told Michael that I would give him a hand with whatever he needed. My
Sergeant also gave me permission to help the two officers move the arrest processing along.
After the defendant was read her rights, she agreed to provide Michael with a written statement.
While the statement was being written, Michael asked that I call Linda, the victim, and interview
her on the telephone because he needed a statement in order to move the arrest processing along
146
While dialling the victim’s telephone number, I realised that the 305 area code was
assigned to the State of Florida. Michael informed me that the defendant and others had been at
Saks Fifth Ave, shopping with multiple credit cards. At approximately 6:00 pm., I rang the
telephone number. A young girl answered the phone and yelled, “Mommy!” A woman quickly
picked up the phone and answered, “Hello.” I introduced myself as Detective Newton, from the
Manhattan DA’s Squad. I informed the victim of the possible theft or compromised credit cards
that were issued in her name. I further explained that someone was caught using the stolen cards
at a retail store in New York City and that person was currently being held in police custody.
“My credit file was compromised about a year ago. My life had been pure hell. The debt
collectors kept calling my house all hours of the day and even up until about 9 pm. at night. I
spent time and money calling the credit card companies, but everything that I said fell on deaf
ears because no one believed what I was saying to them was in fact true and that I am a victim of
ID fraud. One day I received a call from someone at a savings and loan company asking for a
deposit for my account that carried an overdraft. Fraudulent checks were presented against a