Crime Prevention Studies, Volume 23
Edited by Megan M. McNally and Graeme R. Newman
This chapter explores opportunities for the commission and prevention of identity theft, with a particular focus on the role of technology in both. Identity information is a hot product in contemporary societies, and there are many opportunities to obtain it and misuse it. There are potentially just as many opportunities to prevent either of these activities, however. The allure of this offense is therefore examined through the CRAVED and SCAREM models, and initial consideration is given to the reduction of criminal opportunities for identity theft through the techniques of situational crime prevention. While preventive efforts ultimately need to be tailored for different types of opportunities, the current discussion outlines what this will entail.
This chapter explores the conceptual and procedural complexities surrounding the issue of identity theft. The discussion begins by outlining a universal script for the commission and consequences of this offense. This script consists of three main scenes: the acquisition of personal information (Time 1), the misuse of personal information (Time 2), and the outcomes of victimization (Time 3). The meaning and mechanics of identity theft are then deconstructed through an analogy to the story of Goldilocks and the Three Bears, which is also useful for illustrating the multiple and repeated dimensions of identity theft victimization. Finally, the contours of identity theft are mapped onto this universal script, with a particular focus on highlighting the range of opportunities available for research and prevention. Considering the current shortage of detailed data regarding identity theft, this exercise can be useful for structuring extant information and fine tuning data-collection instruments. Further development of this identity theft script will additionally help to accomplish the goals of situational crime prevention.
This exploratory study examines patterns of identity theft offending and its impact on individual victims. Data were obtained from two victim surveys (N=378) conducted by the Identity Theft Resource Center in 2003 and 2004. Descriptive findings focus on: the location of victims and offending activities, offender characteristics, the duration and impact of victimization, child identity theft, and identity theft as a form of domestic abuse. Over all, the findings present a more detailed picture of this offense than is possible through general population surveys. Victims of identity theft suffer considerable fiscal, emotional and physical harms. This new type of victimization also differs from many traditional forms of common and white-collar crime. In order to be effective, situational crime prevention techniques will need to cover a much broader terrain than is usually required. While the current findings are an important first step towards this goal, the patterns observed here must be subjected to more in-depth analysis using more comprehensive data.
Despite the rapid rise in the occurrence of identity theft and the incredible costs to victims, little is known about the lifestyles and decision-making strategies of those who engage in this illegal enterprise. The purpose of this study is to examine identity theft from the offenders’ perspectives. Drawing on semi-structured interviews with 59 offenders convicted of identity theft and incarcerated in federal prisons, this study describes how they account for their motivations, the risks they associate with the crime, the strategies they employ to locate sensitive information and convert it into cash, and the skills they have developed to be successful. Over all, the findings suggest that several well-known situational crime prevention techniques may be effective at reducing identity theft through increasing efforts, increasing risks, and removing excuses.
This chapter presents a history of the UK’s efforts to combat check and payment card fraud. Some consideration is also given fraud prevention in the international context. Since the 1980s, the focus of preventive efforts has shifted from lost and stolen plastic cards to card-not-present transactions. This shift largely reflects industry controls, which have reduced conventional opportunities for plastic card crime. The discussion traces the history of control efforts and their relationship to fraud rates, as well as the evolution of “card fraud” to “identity fraud.” Over all, the UK’s experience provides one example of how opportunities for fraud can be reduced, though each country has a different alignment of commercial interests that affect the economic and logistical difficulties of change.
This chapter provides a framework for assessing the competing factors that need to be addressed when determining how to minimize risks associated with crimes involving the misuse of documents and other evidence used to establish identity. Three approaches are possible: the traditional approach, which relies on the production of documents of varying degrees of security; using biometric technologies such as fingerprinting or facial scanning; and using identity cards such as those that make use of computer chips secured with a Personal Identification Number. Ten groups of factors are identified against which each system can be assessed, and a framework for quantitative analysis is provided. Selecting an appropriate and effective system, or combination of systems, requires the evaluation of a considerable and ever-increasing body of technical evidence relating to the performance of systems, in addition to an examination of a range of social, legal, and practical considerations to do with privacy, data security, user acceptance, and cost. Compelling evidence of performance should not, however, overwhelm these non-technological considerations. It is concluded that the adoption of any given solution must be driven by an objective assessment of evidence relating to all of these factors – not solely those governing technical performance measures.
Identity theft is one of the fastest growing high-tech crimes in the United States, due in part to the easy availability of personal information. Although this information can be obtained both physically and through the use of computers or the Internet, information technology (IT) strategies could also make it harder to do. This paper applies eight selected techniques of situational crime prevention to show how IT can be used in identity theft prevention. Computer security methods harden potential targets and extend guardianship. Physical and digital controls decrease offenders’ access to facilities. Validation of personal identity can deflect offenders. Firewalls will conceal computing targets. Information markets can be disrupted. Login banners act as a means to post instructions to offenders and warn them of penalties for unauthorized access. Finally, employee training can alert consciousness about victimization. Although situational crime prevention is generally carried out at the organizational level, IT-based approaches can also be applied to an individual level of protection. However, a concluding argument is made that, given the ubiquitous nature of personal information, even IT protection may not matter in the end.
When addressing computer crime, there is a body of knowledge called Information Systems (IS) security, which aligns itself closely with the goals of Situational Crime Prevention (SCP). IS security practitioners are responsible for defending organisations against a wide range of threats, from hackers to viruses. However, within the organisational context, practitioners must also consider the very real problems posed by employee computer crime. Although a number of IS security researchers have focussed their attention on addressing the “insider” threat, there is currently a lack of insight into the offender/context relationship during the process of committing crimes. Yet, despite the notable similarities, IS security researchers have rarely drawn on criminology – let alone (SCP) – for inspiration or enlightenment. This chapter, therefore, examines how SCP can improve understanding about the offender/context relationship and enhance IS security practices.