Title: PREVALENCE

Prevalence

The United States has conducted perhaps more studies than any other country in the world. These studies have largely been conducted based on surveys. Mainly consumer and victim surverys in an attempt to develop an accurate picture on the prevalence of identity theft inside of its geographical boundaries. The primary source of data is actually not a study but a complaint database which was introduced in 1999 after Congress passed the Identity Theft and Assumption Deterrence Act, which called for the Federal Trade Commission to “establish procedures to

(1) log and acknowledge the receipt of complaints by individuals who certify that they have a reasonable belief that 1 or more of their means of identification (as defined in section 1028 of title 18, United States Code, as amended by this Act) have been assumed, stolen, or otherwise unlawfully acquired in violation of section 1028 of title 18, United States Code, as amended by this Act; 

(2) provide informational materials to individuals described in paragraph (1); and 

(3) refer complaints described in paragraph (1) to appropriate entities, which may include referral to— 

(A) the 3 major national consumer reporting agencies; and 

(B) appropriate law enforcement agencies for potential law enforcement action.”

As a result, the Federal Trade Commission has maintained the Identity Theft Data Clearinghouse for the past decade. As the GAO notes, “[f]or the 23-month period from its establishment in November 1999 through September 2001, the FTC Identity Theft Data Clearinghouse received 94,100 complaints from victims, including complaint data contributed by SSA/OIG.”

In 2005, the database received 255,627 complaints, which was an increase from previous years. A year later, however, a decline occurred and the database received 246,124 complaints which led some to conclude identity theft in general was starting to decrease. The most recents results from 2007 indicate how this decline may have been a coincidence rather than a definite trend. In 2007, 258, 427 complaints about identity theft arrived at the desk of the database. Overall, it would be safe to conclude that identity theft is still rising, but not at a high pace. The interesting aspect of the complaints, however, is how the percentage of identity theft complaints in comparison to other fraud complaints received by the database is continuously decreasing. Other fraud related incidents as a result demonstrate a more disturbing growth. 

In addition to the complaint database which appears to provide only a fraction of the total size of the problem, survey studies are also used as a source of data. The Privacy Rights Clearinghouse has developed an overview of some studies conducted to gain a picture of the prevalence of identity theft in the United States. The results from the Javelin Strategy & Research Survey demonstrates a hopeful decline. The study conducted various times throughout the past decade uses surveys among consumers to investigate the prevalence of the crime in the United States. The number of victims in 2003, the first year the study was conducted, was 10.1 million. Later studies conducted in 2005, 2006 and 2007 began to demonstrate a steady and significant decrease. In the table below, the year and the amount of victims are presented.

Table 6.. Number of victims of identity theft

The survey studies conducted by Javelin Strategy receive a lot of criticism, for various reasons. Chris Jay Hoofnagle, for example, criticizes this source of data because of its heavy if not exclusive reliance on consumers. He states that “we are asking the wrong people about the crime. The surveys seek to obtain information about identity theft from its victims — individuals who have the most limited view of the problem. Victims often do not know how their personal data were stolen or who stole the information.” Hoofnagle therefore proposes a solution to the problems associated with obtaining reliable and insightful data. He suggests financial institutions ought to publicize the prevalence data they maintain on identity theft in order to help create an accurate picture of the size of the identity theft problem. The data provided by financial institutions could subsequently be a significant aid in the determination of the actual size of the problem. However, until, if ever, that happens the available data is the only source of information anyone can use, which is precisely what Hoofnagle did. This does make any definite remarks difficult, if not impossible, partially because the available data or perhaps the interpretations given to the available data by individuals is conflicting.

Hoofnagle himself decided to go beyond previous research to gain insight into the differences between companies and the likelihood of their clients falling victim to identity theft. He notes how there has been no previous research into the relative rate of incidents of identity theft among various financial service providers. Hoofnagle acknowledges that “[t]his is a first attempt—a work in process—to meaningfully compare institutions on their performance in avoiding identity theft.” His preliminary results provide a list of 25 institutions within the financial service provider and the telecommunications sector. The Bank of America tops the list with the highest number of complaints and is followed by two telecommunication carriers, AT&T and Sprint/Nextel. indicates the full results.

Figure 6.. Identity theft complaints per institution (2006)

The GAO also conducted studies to provide a comprehensive overview about the prevalence and cost of identity theft. In 2002, GAO reported on the costs of identity theft within the private sector. The GAO obtained data from MasterCard and Visa. These two associations considered identity theft to be made up of two categories including account take over and fraudulent applications. GAO notes how “the associations’ aggregated identity theft-related losses from domestic (U.S. operations) rose from $79.9 million in 1996 to $114.3 million in 2000, an increase of about 43 percent. The associations’ definitions of identity theft-related fraud are relatively narrow, in the view of law enforcement, which considers identity theft as encompassing virtually all categories of payment card fraud. Under this broader definition, the associations’ total fraud losses from domestic operations rose from about $700 million in 1996 to about $1.0 billion in 2000, an increase of about 45 percent.”

With regard to the previously introduced issue of synthetic identity fraud, relatively little is known. ID Analytics conducted a study in 2005, which provided a rather troublesome result. According to the study, “[s]ynthetic identities are more commonly used to commit identity fraud than true-name identities. Overall, synthetic identity fraud comprises 88.3 percent of all identity fraud events and 73.8 percent of the total dollars lost by U.S. businesses.” The important thing to note, however, is how fabricated identities do partially rely on genuine personal data. As the study by ID Analytics shows, “[f]raudsters using synthetic identities to further their crimes typically employ the systematic manipulation of real Social Security numbers and create multiple variations of similar names across the numerous identities.”

Besides studies on the prevalence of identity theft, certain researchers also try to assess whether demographic characteristics influence potential victimization. In general, identity theft is a crime which can occur to anyone. Regardless of the fact that identity theft is indiscriminate with regard to its victims, certain citizens appear to be more prone to fall victim to the crime. Keith B. Anderson conducted a study to analyze whether certain citizens are indeed more likely to become victims of identity theft. While Anderson initially acknowledges how “[o]ne does not do something to become a victim – it just happens to you.” He also describes how “…a little deeper reflection suggests that this is really not the case. The risks faced by consumers do differ, and these differences may manifest themselves in differences across groups with different demographic characteristics.” Important to note, however, is how all consumers need to take the necessary precautionary measures in an attempt to prevent identity theft, but that some may indeed be more likely to fall victim, even if they take measures to protect themselves. Anderson concludes in his study how, “[t]he likelihood that a person will be a victim of identity theft does appear to be related to demographics.” He identifies the following relevant demographic characteristics in particular: level of income, education, gender, age and household composition. According to Anderson, “[c]onsumers with higher levels of income are more likely to be victims of ID theft…Similarly, those with more education may be somewhat more likely to be victims.” Anderson’s results furthermore indicate how the elderly run a lower risk to become victims of identity theft, but that households with only one adult are more likely to be victimized. Just as women appear to be more likely to fall victim to the crime than men. As Anderson rightfully notes in the end, however, “Socio-Demographic Characteristics do matter. However, no one is immune from the risk of ID theft.”