It is *not* identity theft, dammit
The crime we call “Identity Theft” consists of someone using nefarious means to gather enough personal information about a target individual to fradulently represent themselves as that target with a goal of establishing and/or using credit in the target’s name.
End result: some innocent gets a huge bill, a credit hit that takes a long time to resolve, and all the stress that goes with those things. Yep, it sucks.
But calling it identity theft is just plain foolish: it’s fraud. Yes, criminals are using fraud as a means to commit theft — they are stealing funds from creditors by pretending to be someone they aren’t. That part is, in fact, “theft by fraud“.
The term identity theft, though, implies that the victim’s identity is stolen; that’s insane, since the definition of steal includes depriving someone of property. If I’m a victim of this type of fraud, my identity may have been compromised, but it hasn’t been stolen — I am still the person I was before the crime, and I can still prove it.
Some may see this rant as pedantry, but it’s more than that. When people think of this crime in terms of theft, they security measures they choose are focused around the same ideas as preventing theft of property. In other words, people are content to carry insurance. That insurance usually isn’t called such, but people choose institutions that say “hey, if you’re a victim of identity-based credit fraud, you have zero liability” — that’s insurance, in my book.
If, however, people realized that this was credit fraud, they’d intuitively understand that the measures have to be different. It isn’t enough to insure people, we have to strengthen the authentication methods to prevent this. No, that doesn’t mean draconian National ID cards and the like: it means knowing basically public information (like SSN, Mother’s maiden name, etc.) shouldn’t be enough to open credit accounts. It also means that institutions who don’t properly confirm identities should have greater liability than just the funds they lose, or it isn’t worth it for them to spend the cash on training, people, and tech to solve the problem.
View blog reactions