The most common notion of an identity thief is a computer hacker sitting alone in the dark, trading credit card numbers in secret chat rooms.
While there's plenty of evidence to back that up, a new study shows that both the perpetrators and victims of identity theft are more diverse than typically believed.
The Center for Identity Management and Information Protection (CIMIP), a think tank established at Utica College in New York, released its report studying trends in identity theft this week.
The CIMIP report focused on actual cases of identity theft, rather than victim reports, using data provided by the U.S. Secret Service. Among the findings:
• 42.5 percent of the offenders were between 25 and 34 years of age at the time that the case was opened, the largest percentage of offenders studied.
• 53.8 percent of the offenders were black, and 38.3 percent were white. One-third of the offenders were female, and of that percentage, two-thirds were black.
• 71 percent of the offenders had no arrest history, and the primary goal of the thieves was for simple personal gain, such as using credit, cash, or applying for auto loans.
• In 50 percent of the 274 cases studied, a business was the primary target. Businesses most likely to be hit with identity theft-related crimes were in the retail industry, such as hotels, restaurants, and gas stations. Private corporations represented 20 percent of the targets.
• 37.1 percent of the victims in the surveyed cases were financial industry organizations, such as banks, credit unions, and credit card companies. Individuals accounted for 34.3 percent of the victims.
• 59 percent of the victims were strangers--people the offenders did not know.
"Some of this does challenge conventional wisdom," CIMIP's executive Gary Gordon told MSNBC's Bob Sullivan. "Other studies report you (often) know who the person is that committed the crime. This study didn't find that."
Shifting the blame
Many studies tracing the origins and patterns of identity theft and related fraud have painted different pictures of who is likely to be affected, which in turn colors the debate about what should be done to prevent the crimes.
"Societal perceptions about identity crimes are based on a combination of notorious case incidents, broadcast vignettes depicting the unfortunate experiences of the victims, media announcements cautioning against behavior that may precipitate victimization, and, quite often, word-of-mouth," the report authors wrote.
A frequently-cited 2006 study by the Javelin Research & Strategy firm found that incidents of identity theft were on the decline, and that the most prevalent forms of identity theft occurred offline, such as stealing checkbooks or "dumpster diving" for personal documents. Perpetrators were likely to be a friend or family member to the victim, the study authors claimed.
The Federal Trade Commission (FTC) disputed Javelin's findings, pointing to its own statistic of 250,000 identity theft complaints brought to the agency in 2006--36 percent of all total complaints.
Battles over the root causes and preferred victims of identity theft and fraud deliberately influence legislation and responses to the problem. The financial industry and elements of the federal government favor a more hands-off approach, such as the identity theft plan proposed by former Attorney General Alberto Gonzales and FTC chairman Deborah Platt Majoras.
The plan would recommend passing federal identity theft laws that preempt stronger state-level laws, and enabling companies that have suffered data breaches to conduct their own internal investigations rather than automatically notifying affected customers. Studies that claim identity theft is not decisively caused by strangers who have access to personal data would bolster support for the hands-off measures.
Consumer advocates, state legislators, and some members of Congress are pushing for stronger legislation that expands the definitions of identity theft and offers harsher penalties for perpetrators. Senators Patrick Leahy (D-VT) and Arlen Specter (R-PA) recently introduced a new identity theft prevention bill that made the usage of spyware or keylogger programs a felony, expanded losses of identity theft under $5000 to be classified as misdemeanors, and codified the right of identity theft victims to seek restitution for financial losses.
The study, which is available as a free PDF download, was funded by a grant from the Justice Department's Bureau of Justice Assistance as well as corporate support from Lexis-Nexis, IBM, and Trans Union.
