Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- D5.1: A survey on legislation on ID theft in the EU and….
- D5.2: ID Fraud Workshop.
- D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research.
- D5.2c: Identity related crime in the world of films.
- D5.3: A Multidisciplinary Article on Identity-related Crime.
- D5.4: Anonymity in electronic government: a case-study analysis of governments? identity knowledge.
- D6.1: Forensic Implications of Identity Management Systems.
- D6.5/D6.6: Second thematic Workshop forensic implications.
- D6.7b: Workshop on Forensic Profiling.
- D6.7c: Forensic Profiling.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research
Towards talking about the same thing
Terminology
In this document, many terms have been used to describe a single or, more likely, multiple phenomenon: ID theft, ID fraud, ID crimes, ID-related crime, ID mix-up, ID change. The scheme of Figure 4 in Chapter four gives a first indication of how all these terms might relate. We (editors) think such a scheme could be extended and filled in further, in order to clarify the various forms of ID ‘something’ that we are talking about. For example, we could extend Chapter four’s figure 4 as follows:
Figure . Sample taxonomy
The upper layers indicate types of ID-related activities, both lawful and unlawful. The lower, italicised, blocks indicate the subset of unlawful ID-related activities, which we might group together under the term ID-related crime. Although there is not yet a consensus of which term we should use, it seems that a common interest can be found in researching the various acts in the italicised blocks (even if some researchers focus only on a subset of these), and the term most often used for this is ‘ID-related crime’. Further research and discussion is needed, however, in order to create a taxonomy and related terminology that can be used as the basis for interdisciplinary research.
Conceptual framework
Related to the terminology issue is the conceptual framework. Most of the research in this document focuses on ID fraud, notably ID misappropriation (‘ID theft’) or unlawful ID creation. This activity can be studied – as indeed it should presumably be combated – from a combination of legal, social-economic, and technical perspectives. The chapters as well as the discussion of the May 2005 workshop indicate, however, that there is no consensus yet on just which activities fall within the term of ID fraud or exactly which activities are found relevant to be studied. In fact, several structures of ID fraud have been suggested in the literature and at the workshop:
4 steps (Mitchison et al.; TILT) | 2 steps (ICPP) | 4 steps (Karlstad) | 2 steps (VIP) | common ground |
assuming an ID | profiling | 1. creating an ID | ||
ID fraud |
criminal act | malicious intent | 2. unlawfully using an ID |
Table . Decomposing ID-related crime.
As can be seen from this table, there is agreement on the two major steps: 1) creating an ID, and 2) using this ID. Both steps can be subdivided in various ways, however, depending on the point of view. From a legal perspective, for example, one could distinguish in the ‘use’ stage the preparation of abuse (such as possession with the intent to use a false ID) or an attempted crime from the actual abuse or completed crime. From an economic perspective, this also makes a large difference, since the first does not result in actual damage, whereas the second (usually) does. From a technical perspective, however, the distinction need not be relevant: once the false biometric passport has been created, it is technically immaterial whether it is used or not.
Another issue for further research is therefore to develop a shared conceptual framework consisting of the various steps that need to be distinguished in ID-related crime from the various disciplinary perspectives.
Definitions
From the preliminary discussion of definitions in Chapter 2, a working definition was extracted:
ID fraud is when someone with malicious intent consciously creates the semblance of an identity that does not belong to him, using the identity of someone else or of a non-existing person.
(We leave aside here the need for a more general definition, since ID fraud is only a subset of ID-related crime, as we discussed above. Definitions are needed of both ‘ID-related crime’ and ‘ID fraud’. Here, we focus on the latter, since this subset is at the core of most of the discussions in this document.)
Even if this definition of ID fraud appears better than several other ones, various elements of this definition are contentious, as emerges from the chapters in this document and from the discussion at the workshop. To mention a few:
intent: in terms of damage, unintentional ID fraud can be as devastating as international ID fraud, and from a legal perspective, unintentional – but grossly negligent – acts are also sometimes criminalized; should malicious intent be part of the definition?
consent: one can distinguish situations where the ID of someone else is appropriated without knowledge and consent of the person from situations where there is consent. However, the former does not necessarily constitute fraud (although it usually will), e.g., when a girl uses her mother’s bank card to buy candy; and consent does not always mean that no crime is taking place, e.g., when two brothers exchange clothes in prison so that the convict leaves the prison while his innocent brother remains in the cell. Moreover, from a legal perspective, the presence or absence of explicit or implicit consent may be relevant when discussing civil liability. Should consent somehow be part of the definition?
use: the definition given only comprises acts where the false ID is actually used; as noted above, ID fraud comprises also the preparatory step of creating an ID, and so, this should probably somehow be included in the definition; from a legal perspective, it should be discussed whether only the unlawful use of an ID should be criminalized, or also the preparatory step(s);
harm: the definition does not mention actual harm, but of course it makes a difference whether or not ID fraud results in actual damage – material and/or immaterial; related to the previous bullet: should the mere risk of damage be criminalized or otherwise countered, or should we focus only on harmful acts as such?
To show where such elements lead, one can adapt the working definition in various ways; to name two, rather extreme, examples:
ID fraud is when someone creates the semblance of an identity that does not belong to him (of someone else or of a non-existing person) with the intent that it be used for a legally relevant act. [broad version]
ID fraud is when someone with malicious intent creates the semblance of an identity that does not belong to him (of someone else or of a non-existing person) and causes damage by using this identity for an unlawful purpose. [narrow version]
When discussing the precise formulation of a definition, it should also be questioned whether a single definition ought to be developed, or whether different definitions should be drafted for use in different contexts. A legal definition need not necessarily be the same as a technical definition (and it would presumably be hard to have lawyers and technicians agree on a single definition).
In short, working definitions of ‘ID-related crime’ and ‘ID fraud’, and perhaps of other terms, should be developed that can be used in interdisciplinary discussions – not necessarily single definitions, but at least definitions that cover the various elements that are relevant to the context in which they will be used, and that are understood – if not necessarily agreed upon – by people from different fields and disciplines.
Denis Royer | 40 / 44 |