December 13, 2005 |
2005-R-0906 | |
IDENTITY THEFT | ||
| ||
By: Daniel Duffy, Principal Analyst |
You asked for background information on how and where identity theft occurs and if other states have adopted legislation specifically intended to reduce identity theft occurring in retail establishments.
SUMMARY
Identity theft is (1) stealing information that identifies an individual and (2) fraudulently using the information without permission to obtain something of value.
The Federal Trade Commission (FTC) operates the federal clearinghouse for identity theft reports. It received over 245,000 reports of identity theft in 2004. The number of reports has increased each year since it began collecting data. It reports that in 2004 the most common use of stolen identifying information was to commit credit card fraud. The FTC does not report data on the location of identity thefts. In 2004, Connecticut ranked 27th in the number of identity theft victims per capita with 57.1 victims per 100,000 people.
The Better Business Bureau's (BBB) website displays a summary of a survey that shows that most identity theft takes place offline. In other words, it does not take place on the Internet. Further, it reports that the most frequent type of reported theft involved a stolen wallet or checkbook. The survey did not report where the thefts took place.
The National Conference of State Legislatures website shows that 25 states have enacted “anti-skimming” laws. These prohibit using an electronic device to read the information on a payment card's magnetic strip and placing the information on another card.
IDENTITY THEFT
The term “identity theft” generally describes frauds committed by using information that identifies an individual without the individual's permission. Connecticut's criminal statutes define it as intentionally obtaining, or attempting to obtain, another's personal identifying information without permission and using it to obtain money, credit, goods, services, property, or medical information without consent (CGS § 53a-129a).
PREVALENCE OF IDENTITY THEFT
The FTC is the federal government's central repository for identity theft complaints. It (1) collects complaints and provides victim assistance; (2) maintains the Identity Theft Data Clearinghouse, which is a centralized database of victim complaints; and (3) educates consumers, law enforcement agencies, and private industry on identity theft prevention. The FTC reports that it received 246,570 consumer identity theft complaints in calendar year 2004. This is over 30,000 more complaints than received in 2003. The FTC does not report data describing how or where the identity thefts occur.
The FTC reports that the most common use of a victim's stolen information was to commit credit card fraud (28%), followed by telephone or utilities fraud (19%), and bank fraud (18%). Other types of fraud include employment-related fraud (13%) and loan fraud (5%).
In 2004, Connecticut ranked 27th in the number of identity theft victims per capita with 57.1 victims per 100,000 people. Table 1 displays the type of theft reported by Connecticut victims.
Table 1: 2004 Connecticut Identity Theft Victims
Identity Theft Type |
Victims |
Percentage |
Credit Card Fraud |
689 |
34 |
Phone or Utilities Fraud |
418 |
21 |
Bank Fraud |
276 |
14 |
Employment-Related Fraud |
164 |
8 |
Government Documents or Benefit Fraud |
132 |
7 |
Load Fraud |
98 |
5 |
Other |
440 |
22 |
Attempted Identity Theft |
140 |
7 |
BETTER BUSINESS BUREAU STUDY
In January 2005 the Better Business Bureau released a summary of a survey that states that identity theft crimes are more likely to take place somewhere other than on the Internet. The most frequently reported source of information (approximately 30%) used to commit fraud was a lost or stolen wallet or checkbook. Other sources of fraud included: someone known to the victim, corrupt employees, offline transactions, and stolen mail or a fraudulent change of address. Among cases where the perpetrator's identity was known, over half were committed by someone known to the victim. The survey was conducted by Javelin Strategy and Research. According to the BBB website (BBB.org), the research project was supported by CheckFree, Visa, and Wells Fargo & Company. Other than stating that most thefts did not occur on the Internet, the BBB website does not indicate where they occurred.
LEGISLATION INTENDED TO REDUCE IDENTITY THEFT IN RETAIL ESTABLISHMENTS
Some states have adopting “anti-skimming” laws. The following table, appearing in the National Conference of State Legislatures website (NCSL.org), displays the states that have adopted these laws.
Table 2: States with Anti-Skimming Laws and Year Adopted
2001 |
2002 |
2003 |
2004 |
2005 |
Florida |
Arizona |
Iowa |
Delaware |
Arkansas |
|
California |
Nevada |
Kentucky |
Louisiana |
|
Idaho |
New Hampshire |
Michigan |
Maine |
|
Illinois |
Oregon |
West Virginia |
Mississippi |
|
Missouri |
South Dakota |
|
New Jersey |
|
|
Texas |
|
Virginia |
|
|
Utah |
|
Wyoming |
|
|
Washington |
|
|
Maine's law, adopted in 2005, makes it a crime for someone to knowingly and willfully use a scanning device or reencoder to capture encoded information from a magnetic strip on a credit card, debit card, or other payment card and to place the information on another card with the intent to defraud. It defines “reencoder” as an electronic device that places encoded information from the magnetic strip on the back of a payment card onto another card and “scanning device” as a scanner, reader, or any other electronic device that accesses, reads, scans, obtains, or memorizes, or stores, either temporarily or permanently, information encoded on the magnetic strip of a payment card (17-A M.R.S.A. §§ 721 to 723).
DD:ro