Identity Crime: The Need for an Appropriate Government Strategy

1. Introduction This paper investigates essential components for a robust strategy to combat identity crime in cyberspace for governments. The term 'cyberspace' was coined by William Gibson in his 1984 novel "Neuromancer". Our scope defines cyberspace as the Internet; an online or digital world including more recent inter-connective innovations like mobile devices such as phones and personal digital assistants. Cyberspace is a channel enabler and facilitator of identity crime. It is liked by perpetrators due to the anonymity of the transaction process. The scope of ID fraud is not just limited to cyberspace; it includes offline creation of identities. Identity crime is a serious problem in the world today costing individuals, organisations and governments millions of dollars in losses, and expenditure on prevention, control, detection, and prosecution. Set out below is a summary of a number of studies that have attempted to determine identity crime costs (amounts in billions in stated currency). * United States of America (US): "According to the Federal Trade Commission, identity theft cost American consumers US$5 billion and businesses US$48 billion last year, in 2005" (llett 2006) versus surveyed losses in the United States of America of US$56.6 billion in 2005 and falling to US$51 billion in 2006" and "$45 billion in 2007" measured by Javelin Strategy & Research (2006, 4; 2007, 5; 2008, 2); * United Kingdom (UK): "The reported annual cost of identity fraud has reached -1.72 billion" up from [pounds sterling]1.3 billion in 2004 (UK Home Office 2006); * Canada: "Annual cost was Canadian $2.5 billion to Canadian consumers and businesses, and the total annual cost to the Canadian economy was estimated at Canadian $5 billion" (Brown and Kourakos 2003); * Australia: The cost of identity fraud in Australia was estimated to be "Australian $1.1 billion a year with an estimation error of Australian $130 million in 2001-2002" (Cuganesan and Lacey 2003); and the * Global cost of identity crime in all its forms: "US$221 billion by the end of 2003 (Aberdeen Advisory Group, May 2003) and estimate as high as US$2 trillion by December 2005?" (The Fraud Advisory Panel 2003). With organisations being targeted by identity fraud perpetrators and incurring huge losses we also argue for implementation of an identity crime enterprise model. 'Identity' has three main attributes--biometric (physiological and behavioural characteristics), attributed, and biographical. In transacting with other entities in cyberspace we often use personal identifying information, such as, passwords, key tokens or personal identification numbers (PINs). Personal identifying information (PII) permits the authenticity or identifiability of an individual being verified. Verification is based on a prior exchange of details (identity) and questions plus their answers (unique to the individual) between parties. Identity attributes and personal identifying information within the scope of this paper are both critical information (documentation or data) enablers and facilitators of identity crimes. Identity crime, "refers to offences in which a perpetrator uses a false identity in order to facilitate the commission of a crime" (Australasian Centre for Policing Research 2006). Identity fraud, "refers to the gaining of money, goods, services or other benefits through the use of a false identity" (Australasian Centre for Policing Research 2006). Identity fraud events are preceded by identity theft and identity deception acts, where another's 'identity' is used and the perpetrator seeks anonymity to commit a crime. Identity theft is generally defined "as the misappropriation of the identity (such as the name, date of birth, current address or previous addresses) of another person, without their knowledge or consent. These identity attributes (proof of identity) are then used to obtain goods and services in that person's name" (Credit Industry Fraud Avoidance System (CIFAS) 2007). …