Identity Theft Protection

Vertical Available, Demo Only

Identity Theft Protection

Identity theft is the deliberate use of someone else’s identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person’s name,^[1][2] and perhaps to the other person’s disadvantage or loss. The person whose identity has been assumed may suffer adverse consequences if they are held responsible for the perpetrator’s actions. Identity theft occurs when someone uses another’s personally identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes.

The term identity theft was coined in 1964.^[3]

“Determining the link between data breaches and identity theft is challenging, primarily because identity theft victims often do not know how their personal information was obtained,” and identity theft is not always detectable by the individual victims, according to a report done for the FTC.^[4] Identity fraud is often but not necessarily the consequence of identity theft. Someone can steal or misappropriate personal information without then committing identity theft using the information about every person, such as when a major data breach occurs. A US Government Accountability Office study determined that “most breaches have not resulted in detected incidents of identity theft”.^[5]The report also warned that “the full extent is unknown”. A later unpublished study by Carnegie Mellon University noted that “Most often, the causes of identity theft is not known,” but reported that someone else concluded that “the probability of becoming a victim to identity theft as a result of a data breach is … around only 2%”.^[6] More recently, an association of consumer data companies noted that one of the largest data breaches ever, accounting for over four million records, resulted in only about 1,800 instances of identity theft, according to the company whose systems were breached.^[7]

An October 2010 article entitled “Cyber Crime Made Easy” explained the level to which hackers are using malicious software. As one security specialist named Gunter Ollmann said, “Interested in credit card theft? There’s an app for that.” This statement summed up the ease with which these hackers are accessing all kinds of information online. The new program for infecting users’ computers is called Zeus; and the program is so hacker friendly that even an inexperienced hacker can operate it. Although the hacking program is easy to use, that fact does not diminish the devastating effects that Zeus (or other software like Zeus) can do to a computer and the user. For example, the article stated that programs like Zeus can steal credit card information, important documents, and even documents necessary for homeland security. If the hacker were to gain this information, it would mean identity theft or even a possible terrorist attack.^[8]

Individual identity protection

The acquisition of personal identifiers is made possible through serious breaches of privacy. For consumers, this is usually a result of them naively providing their personal information or login credentials to the identity thieves as a result of being duped but identity-related documents such as credit cards, bank statements, utility bills, checkbooks etc. may also be physically stolen from vehicles, homes, offices, and not the least letter boxes, or directly from victims by pickpockets and bag snatchers. Guardianship of personal identifiers by consumers is the most common intervention strategy recommended by the US Federal Trade Commission, Canadian Phone Busters and most sites that address identity theft. Such organizations offer recommendations on how individuals can prevent their information falling into the wrong hands.

Identity theft can be partially mitigated by not identifying oneself unnecessarily (a form of information security control known as risk avoidance). This implies that organizations, IT systems and procedures should not demand excessive amounts of personal information or credentials for identification and authentication. Requiring, storing and processing personal identifiers (such as Social Security number, national identification number, driver’s license number, credit card number, etc.) increases the risks of identity theft unless this valuable personal information is adequately secured at all times. Committing personal identifiers to memory is a sound practice that can reduce the risks of a would-be identity thief from obtaining these records. To help in remembering numbers such as social security numbers and credit card numbers, it is helpful to consider using mnemonic techniques or memory aids such as the mnemonic Major System.

Identity thieves sometimes impersonate dead people, using personal information obtained from death notices, gravestones and other sources to exploit delays between the death and the closure of the person’s accounts, the inattentiveness of grieving families and weaknesses in the processes for credit-checking. Such crimes may continue for some time until the deceased’s families or the authorities notice and react to anomalies.^[20]

In recent years, commercial identity theft protection/insurance services have become available in many countries. These services purport to help protect the individual from identity theft or help detect that identity theft has occurred in exchange for a monthly or annual membership fee or premium.^[21] The services typically work either by setting fraud alerts on the individual’s credit files with the three major credit bureaus or by setting up credit report monitoring with the credit bureaux. While identity theft protection/insurance services have been heavily marketed, their value has been called into question.^[22]

Identity protection by organizations

In their May 1998 testimony before the United States Senate, the Federal Trade Commission (FTC) discussed the sale of Social Security numbers and other personal identifiers by credit-raters and data miners. The FTC agreed to the industry’s self-regulating principles restricting access to information on credit reports.^[23] According to the industry, the restrictions vary according to the category of customer. Credit reporting agencies gather and disclose personal and credit information to a wide business client base.

Poor stewardship of personal data by organizations, resulting in unauthorized access to sensitive data, can expose individuals to the risk of identity theft. The Privacy Rights Clearinghouse has documented over 900 individual data breaches by US companies and government agencies since January 2005, which together have involved over 200 million total records containing sensitive personal information, many containing social security numbers.^[24] Poor corporate diligence standards which can result in data breaches include:

• failure to shred confidential information before throwing it into dumpsters
• failure to ensure adequate network security
• credit card numbers stolen by call center agents and people with access to call recordings
• the theft of laptop computers or portable media being carried off-site containing vast amounts of personal information. The use of strong encryption on these devices can reduce the chance of data being misused should a criminal obtain them.
• the brokerage of personal information to other businesses without ensuring that the purchaser maintains adequate security controls
• Failure of governments, when registering sole proprietorships, partnerships, and corporations, to determine if the officers listed in the Articles of Incorporation are who they say they are. This potentially allows criminals access to personal information through credit rating and data mining services.

The failure of corporate or government organizations to protect consumer privacy, client confidentiality and political privacy has been criticized for facilitating the acquisition of personal identifiers by criminals.^[25]

Using various types of biometric information, such as fingerprints, for identification and authentication has been cited as a way to thwart identity thieves, however there are technological limitations and privacy concerns associated with these methods as well.

Oroville

Oroville is the county seat of Butte County, California, United States. The population was 15,506 at the 2010 census, up from 13,004 in the 2000 census. Oroville is considered the gateway to Lake Oroville and Feather River recreational areas. The city of Oroville has recently annexed two locations in South Oroville, areas A and B, which have a combined population of 2,725 people. The U.S. Census Bureau estimated the population of the city to be 17,996 as of January 1, 2016, up 1,908 people or 11.9 percent since 2010. The Berry Creek Rancheria of Maidu Indians of California is headquartered here.

Oroville is located off of State Route 70, and is in close proximity to State Route 99, which connects Butte County with Interstate 5. Chico, California is located about 25 minutes north of the city, and Sacramento lies about an hour south.

Oroville is situated at the base of the foothills on the banks of the Feather River where it flows out of the Sierra Nevada onto the flat floor of the Sacramento Valley. It was established as the head of navigation on the Feather River to supply gold miners during the California Gold Rush.

The town was originally called “Ophir City”, but the name was changed to Oroville when the first post office opened in 1854 (“oro” is “gold” in Spanish).^[6] The City Of Oroville was incorporated on January 3, 1906.

Gold was found at Bidwell Bar, one of the first gold mining sites in California, bringing thousands of prospectors to the Oroville area seeking riches. Now inundated by the waters of enormous Lake Oroville, which was filled in 1968, Bidwell Bar is memorialized by the Bidwell Bar Bridge, an original remnant from the area and the first suspension bridge in California (California Historical Landmark #314). In the early 20th century the Western Pacific Railroad completed construction of the all-weather Feather River Canyon route through the Sierra Nevadas giving it the nickname of “The Feather River Route”. Oroville would serve as an important stop for the famous California Zephyr during its 20-year run. In 1983, this became a part of the Union Pacific Railroad as their Feather River Canyon Subdivision. A major highway, State Route 70, roughly parallels the railroad line winding through the canyon.