Time to criminalise ID theft?

At present, some 500,000 driving licenses are lost or stolen every year, creating a tidal wave of authentic documentation which can be used to support ID theft. These false identities in turn feed an ecosystem of criminal activity: drugs, prostitution, guns, people trafficking, as well as more mainsteam fraud and racketeering. A key, but less publicised goal of the the government's ID card agenda is to cut off this criminal activity at source. At present the government employs around 5000 staff in benefit fraud prevention within the DWP alone. However, in other countries questions have been raised, as to how effective ID cards can be without a legal regime to encourage prevention and prosecution. Without it, as at present, much ID theft goes unreported, or misreported. IT analyst Gartner's (guess)timate is that fewer than 1 in 700 Identity thieves are ever arrested; let alone prosecuted. What's the incentive? In response to this threat, in July 2004, George W. Bush signed into law the Identity Theft Penalty Enhancement Act, which adds two years to prison sentences for criminals convicted of using stolen credit card numbers and other personal data to commit crimes (five years for those who exploit identity theft in the commission of "terrorist offenses"). There is a clear need to create a range in incentives and penalties which would encourage government and commerce alike to address the issue more aggressively. This law adds real muscle to efforts to deter identity theft. The act: Assesses specific new penalties against identity theft used in the commission of crimes. Should encourage law enforcement officials to prosecute identity thieves. Should increase criminals' chances of getting caught. Should provide a reputational incentive to commercial operators to play a more active role in ID thef prevention. Gartner makes several recommendations: Financial service providers and other businesses that extend credit (such as wireless service providers and retailers) should: Check for identity theft fraud before issuing loans or other credit. Invest in solutions to prevent identity theft fraud across varying accounts, such as checking, credit, consumer loans and auto financing. Work with law enforcement by providing authorities with as near real-time fraud data as possible, which can arm police with information to prevent these crimes. It remains to be seen how far and how fast these lessons are taken on board in the UK, but the scale of the threat and the need for a pervasive, society-wide response should not be ignored.


Forrester highlights 'easy' authentication

Strong Authentication Made Simple Identity theft is the fastest-growing type of crime in the US. Consumer concern is significantly influencing behavior, causing consumers to curb online purchasing and use of online banking services. Entrust IdentityGuard is a promising approach to strong authentication of online consumers for financial firms, ISPs, and major retailers. Its high security, low cost, ease of use, and flexibility make it well-suited to the challenges of strong customer authentication. While many existing solutions will remain in place, Forrester believes that IdentityGuard will exert a profound impact on the consumer authentication market


Security booms on back of ID theft concerns

In a relatively lacklustre IT market, security remains the perverse highlight, strengthened by increasing levels of organised crime. The latest evidence comes from Datamonitor, which predicts a rise in security spending from $17bn today, to $32bn in 2007.


Corporate Identity theft

The problem of identity theft is becoming pervasive and affects not just consumers, but corporates too. A literally stunning example was perpetrated this week, when a hoaxer was interviewed on BBC television and radio, purporting to be from Dow Chemical, and reportedly accepting liability for Bhopal. The BBC's much vaunted principle of seeking corroboration for stories, clearly was not operating here, and they later apologised for being duped. Dow's official statement about the ID theft appears here. But is then parodied very convincingly at the activist site DowEthics, here, operating is at the bleeding edge of corporate satire: It reads: Dow "Help" Announcement Is Elaborate Hoax On December 3, 2004, a fake Dow spokesperson announced on BBC World Television fake plans to take full responsibility for the very real Bhopal tragedy of December 3, 1984. (1) Dow Chemical emphatically denies this announcement. Although seemingly humanistic in nature, the fake plans were invented by irresponsible hucksters with no regard for the truth. As Dow has repeatedly noted, Dow cannot and will not take responsibility for the accident. ("What we cannot and will not do... is accept responsibility for the Bhopal accident." - CEO Michael Parker, 2002.) The Dow position has not changed, despite public pressure. Dow also notes the great injustice that these pranksters have caused by giving Bhopalis false hope for a better future assisted by Dow. The survivors of Bhopal have already suffered 20 years of false hope, neglect, and abdication of responsibility by all parties. Is that not enough? To be perfectly clear: The Union Carbide Corporation (UCC) will NOT be liquidated. (The fake "Dow plan" called for the dissolution and sale of Dow's fully owned subsidiary, estimated at US$12 billion, to fund compensation and remediation in Bhopal.) Dow will NOT commit ANY funds to compensate and treat 120,000 Bhopal residents who require lifelong care. The Bhopal victims have ALREADY been compensated; many received about US$500 several years ago, which in India can cover a full year of medical care. (2) Dow will NOT remediate (clean up) the Bhopal plant site. We do understand that UCC abandoned thousands of tons of toxic chemicals on the site, and that these still contaminate the groundwater which area residents drink. Dow estimates that the Indian government's recent proposal to commission a study to consider the possibility of proper remediation at some point in the future is fully sufficient. Dow does NOT urge the US to extradite former Union Carbide CEO Warren Anderson to India, where he has been wanted for 20 years on multiple homicide charges. (3) Dow will NOT release proprietary information on the leaked gases, nor the results of studies commissioned by UCC and never released. Dow will NOT fund research on the safety of Dow endocrine disruptors (ECDs) considered to have long-term negative effects. Dow DOES agree that "One can't assign a dollar value to doing what's morally right," as hoaxter Finisterra said. That is why Dow acknowledged and resolved many of Union Carbide's liabilities in the US immediately after acquiring the company in 2001. (4) Most importantly of all: Dow shareholders will see NO losses, because Dow's policy towards Bhopal HAS NOT CHANGED. Much as we at Dow may care, as human beings, about the victims of the Bhopal catastrophe, we must reiterate that Dow's sole and unique responsibility is to its shareholders, and Dow CANNOT do anything that goes against its bottom line unless forced to by law. For more information please contact Marina Ashanin, Corporate Media Relations, +41-1-728-2347, or write to us. Please also see these news articles. NOTES TO EDITORS: (1) On December 3, 1984, Union Carbide - now part of Dow - accidentally killed thousands of residents of Bhopal, India, when its pesticide plant leaked a vast cloud of lethal gas over the city. Since that date, at least 12,000 more people have died from complications, and 120,000 remain chronically ill. The Dow Chemical Corporation hereby expresses its condolences to the victims. (2) Union Carbide was originally forced to pay US$470 million in compensation to survivors, which amounts to about US$500 per victim. (Note: Dow hereby wishes to retract the 2002 statement of Dow PR Head Kathy Hunt as to US$500 being "plenty good for an Indian." The poor phrasing of this statement has often come back to haunt us.) (3) Arrested in India following the accident, Andersen posted US$2000 bail and successfully escaped India. (4) Dow settled Union Carbide's asbestos liabilities in the US, and paid US$10 million to one family poisoned by a Dow pesticide. This is a mark of Dow's corporate responsibility. The spoils of identity thegy are not always put to the sordid use of defrauding customers. Sometimes they can be much more damaging, digging deep into the brand equity so carefully established. Dow's shareprice may not immediately fall, but damage has been done. Damage, not just to Dow, but to the CSR movement as a whole.


What's Coming Next in Tech

Came across a great site for tech geeks... Among various fun articles, Alice & Bill review the potential for automated crime-solving and here they review the possibility of 'printing' human skin.