Report - Guardian

More documents

Recommendations

Info

100 The LSE Identity Project Report: June 2005majority of new accounts opened by identity fraudsters were credit card accounts,followed by loans, telephone services, banking, and internet transactions. 262No government department has argued for identity cards in the US on grounds ofcombating identity theft. 263 In fact, the dominant argument is that a national ID card inthe US would make identity theft more of a problem because of the centralisation ofpersonal information it would entail. 264 This argument was supported by the theft ofpersonal data from three state ID issuing agencies over a two month period. 265 In onecase, the criminals stole blank licenses, along with an equal number of laminated coverswith state seals, a digital license camera, a desktop computer and a license printer. 266In the US, the Social Security Number has become an identity hub and a centralreference point to index and link identity. 267 Obtaining a person’s SSN provides a singleinterface with that person’s dealings with a vast number of private and public bodies.There have been countless cases of identity thefts that were enabled by first obtainingthe SSN. It is arguable that the existence and ease of obtaining the SSN and itsimportance across private and public databases is the reason why the level of identitytheft in the US is extremely high. This situation applies equally in Australia where theintroduction of an extensive Tax File Number has also increased the incidence ofidentity theft beyond the levels experienced in the UK. 268Consumer groups in the US have recently criticised the Senate Banking Committee forfailing to take action to reverse this trend. The Consumers Union argues that identitytheft will continue to rise until the relationship between the SSN and the publication ofpersonal details in the finance sector can be reduced. 269In the United States, Blue Cross and Blue Shield recently decided to discard the use ofSocial Security numbers in order to reduce identity theft. Between April 1 and the endof the year, all of the insurance company's members will be given new ID numbers andnew ID cards containing those numbers. 270As a result, Identity Cards with a new global unique identifier are not considered areasonable solution to the challenges faced in the US. Rather, the measures that arepromoted to combat identity theft include promoting the reporting of the crime toauthorities (which only 25% of victims do), and notifying credit bureaus (only 37%have). The FTC also recommends credit fraud-alerts to notify individuals when262 FTC report, page 34.263 E.g. the FTC document on ‘Remedying the Effects of Identity Theft’ recommends many measures but noneinclude more identity document. Available at http://www.ftc.gov/bcp/conline/pubs/credit/idtsummary.pdf264 American Civil Liberties Union, ‘Real ID’ Tacked Onto Military Funding Measure, Bill Would Enact BroadChanges Without Congressional Review, May 4, 2005. The ACLU states that an ID system is ‘a system ripe foridentity theft.’265 ‘National ID Battle Continues’, Kim Zetter, Wired News, May 12, 2005.266 ‘Authorities warn of consequences of DMV break-in’, Omar Sofradzija, Las Vegas Review-Journal, March 9,2005.267 ‘Proposed California Bill Bans Distribution of Social Security Numbers’, Information Week, December 6, 2004,http://informationweek.com/story/showArticle.jhtml?articleID=54800697.268 Speech by Karen Curtis, Federal Privacy Commissioner, to the 2nd International Policing Conference, Adelaide,3rd November, 2004 http://www.privacy.gov.au/news/speeches/sp5_04p.html.269 Consumers Union statement, September 23, 2003,http://www.consumersunion.org/pub/core_financial_services/000407.html.270 ‘Blue Cross to drop Social Security numbers from ID cards’, The Business Journal, March 8, 2005.
The LSE Identity Project Report: June 2005 101suspicious activity takes place in their name. The FTC also calls for improvedmechanisms to deal with investigations, which is the leading complaint from victims,and for better data management practices, reducing the amount of personal informationavailable to others. The FTC found that victims preferred stronger authenticationmeasures for credit cards, as well as more thorough identification measures foremployees during credit transactions. 271A recent project at Johns Hopkins University illustrated the ease of identity theft in theUS. Post-graduates involved in the study were encouraged to use legal, public sourcesof information, in order to try to steal identities for less than $50. The project concludedthat this could trivially be achieved, and that there was a need for better regulation ofthe use of personal information. 272In the US data-mining institutions are not tightly regulated. In the period of February toMay of 2005 there have been over twenty cases of security breaches at largeorganisations in the US, resulting in the theft or loss of over 5.5 million records. 273 Thecases vary in form and motive:- employees selling information, e.g. Bank of America employees were caughtafter selling 676,000 customer records 274 ;- malicious hacking of databases, e.g. LexisNexis found that 310,000 files mayhave been accessed 275 ;- theft of computers, e.g. the University of California-Berkeley discovered thetheft of a university laptop computer containing 98,000 applicant records 276 ;- loss, e.g. Bank of America lost backup tapes containing the personal informationof 1.2 million federal employees. 277One of the most recent breaches of security involved the loss of 3.9 million records byCitiFinancial, the consumer finance subsidiary of Citigroup. 278 There are continued callsfor further regulations in the US on the use of personal information by governmentagencies and companies in order to rectify this situation.ID Theft in the UKInformation collection and processing is regulated in the United Kingdom under theData Protection Act 1998. This law does not limit the amount of personal informationthat is collected, so long as the amount is proportionate to the purpose. As in the US,there are numerous credit reporting agencies (e.g. Equifax and Experian), the publicregisters (e.g. the electoral roll), and various data mining companies (e.g. Reed ElsevierGroup plc).271 FTC report, page 63.272 ‘Personal data for the taking’, Tom Zeller Jr., The New York Times, May 18, 2005.273 ‘A Chronology of Data Breaches Reported Since the ChoicePoint Incident’, Privacy Rights Clearing House, May4, 2005.274 ‘Bank security break may be the biggest yet’, CNN Money, May 23, 2005.275 ‘Searches conducted in hacking probe’, CNN, May 19, 2005.276 ‘Thief steals UC-Berkeley laptop’, CNN, March 29, 2005.277 ‘Bank Loses Tapes of Records of 1.2 Million With Visa Cards’, Saul Hansell, The New York Times, February 26,2005.278 ‘Personal Data for 3.9 million Lost in Transit’, Tom Zeller Jr., The New York Times, June 7, 2005.
Page 1:
The Identity Projectan assessment o
Page 5 and 6:
The LSE Identity Project Report: Ju
Page 7:
Page 11 and 12:
Page 13 and 14:
Page 15:
Page 19:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33:
Page 36 and 37:
22 The LSE Identity Project Report:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 46 and 47:
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65: 50 The LSE Identity Project Report:
Page 116 and 117: 102 The LSE Identity Project Report
Page 127 and 128: The LSE Identity Project Report: Ju
Page 157: The LSE Identity Project Report: Ju
Page 164 and 165:
150 The LSE Identity Project Report
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259:
Page 262 and 263:
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
Page 270 and 271:
Page 272 and 273:
Page 274 and 275:
Page 276 and 277:
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
Page 284 and 285:
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
Page 292 and 293:
Page 294 and 295:
Page 296 and 297:
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317:
show all

Report - Guardian

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?