Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- D5.1: A survey on legislation on ID theft in the EU and….
- D5.2: ID Fraud Workshop.
- D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research.
- D5.2c: Identity related crime in the world of films.
- D5.3: A Multidisciplinary Article on Identity-related Crime.
- D5.4: Anonymity in electronic government: a case-study analysis of governments? identity knowledge.
- D6.1: Forensic Implications of Identity Management Systems.
- D6.5/D6.6: Second thematic Workshop forensic implications.
- D6.7b: Workshop on Forensic Profiling.
- D6.7c: Forensic Profiling.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
A categorisation of rearrangement of identity linkage
There are lawful and unlawful reasons to use a false identity. Publishing under a pseudonym, for instance, is a widely accepted practice; impersonating your neighbour to empty her bank account without her consent is not. In this section, we propose a categorisation that covers both intentional and unintentional, and lawful as well as unlawful types of (mis)using identity. This deepens the understanding of identity-related crime and shows that there are grey areas between criminal and non-criminal activities.
Most definitions and descriptions of identity ‘theft’ and identity fraud (see below) have one thing in common. Within a specific communicational context, the link between at least one physical person and (a) the name or identifier used and/or (b) the social system and the role taken therein is established in a wrong way. The authentication or authorisation step is passed successfully, but the physical person and the identifier or role in the social system do not match. Authentication in these cases leads to false positives, resulting in a rearrangement of identity linkage.
An inverse scenario is also possible, namely of false negatives, creating a different kind of rearrangement of identity linkage. This is when someone has the right identity but fails to be identified, thus preventing the authentication or authorisation step to be passed and preventing the link between person and identifier to be made. This may be done by the identity bearer herself, for instance, when an employee circumvents an identification or authorisation system to enter a building by hopping in behind a colleague while the door is still open. It can also be done by third parties, for example, when someone stealthily applies an RFID blocker to prevent an employee from entering the building with her RFID card. A third commonly observed reason is technical failure, e.g., in the context of biometric systems, leading among other things to False Rejection Rates (FRR). This type can be called identification obstruction: intentionally or accidentally blocking the link between person and identifier. It is a subcategory of identity deletion, which means deleting the identity of a natural person, through tampering with the identifier of a person or with the linkage between identifier and person. Identification obstruction is usually temporary, but identity deletion can also be more enduring. For instance, instead of an RFID blocker, an attacker can also prevent an employee from entering the building by deleting her record from the database with entry authorisations. We will refer to the on-going deletion by destroying the identifier as identity erasure. Identity erasure as such is usually permanent, but the deleted identifier can be re-installed (like the broken link between identifier and person in identification obstruction can be mended). This constitutes another type of rearrangement of identity linkage, namely identity restoration. In the case of the employee, this occurs when a system administrator reinserts the employee’s name in the database.
We can understand rearrangement of identity linkage independently from any kind of criminal intent. Taking a closer look, one easily discovers that in many cases, rearrangement of identity linkage in fact happens unintentionally or accidentally. An example is confusing in a telephone conversation a daughter with her mother due to the similarity of their voices. This is yet another type to be distinguished: identity collision (for further examples and sub-types of identity collision, see Leenes 2006, pp. 51-52). Identity collision is usually discovered by one participant of the communication and resolved. In cases where the collision is not discovered, and stems from a deliberate attempt to confuse the communication partner, identity collision may shift into another category of rearrangement of identity linkage, namely identity change. Identity change is the type most closely related to the notions of identity fraud and identity ‘theft’, where a false identifier is linked to a person intentionally.
Altogether, we can thus distinguish four types of rearrangement of identity linkage.
Identity collision: a wrong link is accidentally made between an identifier and a person.
Identity change: a wrong link is intentionally made between an identifier and a person (the identifier may be an identifier to an existing person or a newly created one.)
Identity deletion: an identifier linked to a specific physical person is, intentionally or accidentally, deleted by herself or someone else (identifier erasure), or the link between person and identifier fails to be made, through an intentional or accidental act (identification obstruction).
Identity restoration: an identifier previously linked to a specific person and later deleted is, usually intentionally, restored by herself or someone else, or the linkability between an identifier and a person is re-established.
The following figure summarises the main types of rearrangement of identity linkage, which we will refine in more detail in the next section.
Figure : Types of rearrangement of identity linkage
Taking a closer look at identity change, we can distinguish four subcategories, depending on the behaviour of the actor – the non-original identity bearer – and, if present, of the original identity bearer.
Identity takeover or identity usurpation: the actor takes over an already existing identity of another person (i.e., the original identity bearer) without this person’s consent. In most cases, this identity has already been used in established social structures, so that the step of authentication is passed already or can be passed easily because of known authentication information.
Identity delegation or identity licensing: the actor uses an already existing identity of another person with that person’s consent; this is similar to identity takeover, but differs in the element of consent.
Identity exchange: two or more people, with mutual consent, use each other’s identity; this often happens in already established 1:n relationships, for instance, where two bearers of the same role, e.g., customers, actively exchange identities, such as loyalty cards, in communications with the other communication partner, such as the supermarket.
Identity creation: the actor creates an identity that is, at least to her knowledge, not linked to a physical person. Thus, the actor has to go through authentication and authorisation procedures by herself. If the created identity accidentally links to an existing person, we have a case of identity collision; in such a case, from the perspective of an independent observer, identity creation may be indistinguishable from identity takeover.
Various motives may lie behind these activities. The actions in all these subcategories of identity change can be perfectly lawful. For example, identity takeover can take place in a hidden-camera program, performed by actors assuming the role of an official or a famous person, or in a parody. Lawful identity delegation occurs when employees authorise colleagues to answer their mail when on holiday, or when a wife lends her bank card to her husband. In most cases of lawful identity delegation, the consent is limited to a certain period and bound to a specific purpose. Lawful identity exchange occurs when Netizens use the CookieCooker (http://www.cookiecooker.de), a cookie-managing program that distributes cookies related to a website randomly between different CookieCooker users with the target to obscure personalised profiles. Finally, identity creation is common in for example multiplayer role games and chatboxes, where ‘virtual identities’ and pseudonyms abound. However, the actions in these subcategories can also be unlawful, which is the topic of the next section.
6 / 12 |