Some people eat, sleep and chew gum, I do genealogy and write...

Wednesday, February 20, 2013

Genealogy and Identity Theft

Genealogy will always be involved in the issue of identity theft as long as banks and other institutions stupidly keep using family relationship information for their security questions. Since I have multiple family trees online, how naive is it to use my mother's maiden name as a security question? Most of the other security type questions used by financial institutions and others, involve the same sort of simple to find types of information, such as the first school you attended. But there is still a real issue for individuals as to whether or not the so-called Identity Theft is something that needs to be feared to the point where some people refuse to download software or buy items online?

It has been some considerable time since I last wrote about this issue, but it keeps coming up again and again every time I teach a class about blogging, or using Google, or sharing family trees online or any other related subject. News stories with devastating examples of "Identity Theft" make people, especially older people less experienced with computers, paranoid that someone is going to steal their bank account if they sign up for email.

The first rule to observe in any kind of threat news is to see who is saying that there is a problem. It is interesting that nearly all of the online information about the so-called "Identity Theft" comes from companies who are trying to sell some sort of security program. You get the same type of scare tactics from home security systems, insurance salesmen, and many other sales types. So is there a real identity theft problem?

The main challenge of coming to grips with the world of identity theft is that there is no clear definition of exactly what they are all talking about. From all the news stories and even genealogy blogger posts, you would think that everyone knew exactly what they were talking about. But if you go to the U.S. government statistics, you will soon find that the definition used in government reporting includes, at
least, three broad areas. Here is the definition from the Bureau of Justice Statistics:
For the National Crime Victimization Survey (NCVS), the definition of identity theft includes three general types of incidents:
  • unauthorized use or attempted use of existing credit cards
  • unauthorized use or attempted use of other existing accounts, such as checking accounts
  • misuse of personal information to obtain new accounts or loans, or to commit other crimes.
Reports examining identity theft victimization at the person level uses data from an identity theft supplment to the NCVS. The supplement collects data from all NCVS respondent age 16 or older about experiences with identity theft. Reports examining identity theft victimization at the household level, use data from the core NCVS, in which the head of the household reports on the experiences with identity theft of all household members age 12 or older.
The last definition concerning the misuse of personal information is the one most worrisome to individuals, especially older individuals. But any statistics showing millions of victims a year quoted by security companies, conveniently or intentionally omits any distinction. Notice that the definition of identity theft includes "attempted use of existing credit cards." This means any time anyone tries to use a credit card improperly, this is reported as identity theft. Including this type of vague activity as the basis for reporting criminal activity renders the whole category of identity theft entirely meaningless.

Next, if you go to the Bureau of Justice Statistics website, you will immediately see that the incidence of identity theft is based entirely on the National Crime Victimization Survey. In other words, the numbers are not based on criminal arrests or convictions but on asking people if they think they have been victimized. If you dig deep enough, you will find that losing your credit card makes you a victim of identity theft.

By the way, people don't want to listen to me tell them these facts. When I try to explain why there is an overblown fear of identity theft, I have no audience.

Here is a summary of the statistics from the Bureau of Justice Statistics:
Presents data on the nature of and trends in identity theft victimization among U.S. households from the National Crime Victimization Survey (NCVS). The NCVS defines identity theft as the misuse or attempted misuse of an existing credit card or another existing account or the misuse of personal information to open a new account or for other fraudulent purposes. Findings are based on experiences of all household members age 12 or older as reported by the head of household. The data brief examines changes in the percentage of households experiencing identity theft from 2005 to 2010. It describes differences in the types of identity theft experienced by households in 2010 compared to 2005, as well as changes in the demographic characteristics of victimized households. The brief also presents estimates on the monetary losses attributed to household victims of identity theft. 
  • In 2010, 7.0% of households in the United States, or about 8.6 million households, had at least one member age 12 or older who experienced one or more types of identity theft victimization.
  • Among households in which at least one member experienced one or more types of identity theft, 64.1% experienced the misuse or attempted misuse of an existing credit card account in 2010.
  • From 2005 to 2010, the percentage of all households with one or more type of identity theft that suffered no direct financial loss increased from 18.5% to 23.7%.
Look at these numbers carefully. Obviously, the Bureau of Justice does not distinguish between the misuse or the attempted misuse of a credit card. Also, note that this does not distinguish attempted use by family members. So, if your child tries to use your credit card, you are the victim of identity theft. Not if they succeed in using your credit card, but only if they try to use it.

Notice there is no mention of online or computers anywhere in this report. Also note that a percentage of the entire population of the United States for a whole year is always a large number. Note also that financial loss is falling not rising. Have you ever seen a news report stating that losses from identity theft are falling dramatically? Neither have I.

Now, don't misunderstand me. People should be worried about their credit cards. But when was the last time you went to a restaurant and gave your credit card to a server for payment. What did he or she do with the card? Do you know? If you want to get paranoid about identity theft, you need to be aware of where and when it is happening. It is not type of crime the news stories and those selling products would like you to believe.

OK so prove me wrong. Let's look at the United State Attorneys' Annual Statistical Report for 2010. Guess what, identity theft is not identified as a separate category. So where do you go to find out how many identity theft crimes were committed in the U.S? It turns out to be a slippery and difficult question to answer. I turn to the U.S. Census Bureau and their 2012 Statistical Abstract. The latest statistics are from 2009, almost four years ago. Guess what? Identity theft is not listed as a category in the general statistics. But there is a separate report for "Fraud and Identity Theft -- Consumer Complaints by State."

Look at this report. It is not based on criminal prosecutions, but on unverified reports from consumers. The latest year reported in 2010. The total number of identity theft reports in the U.S. for 2010 was 250,854 or 81.2 per 100,000 population. This compares to a violent crime rate of 429.4 per 100,000 population. Motor vehicle theft is at 258.8 per 100,000 of the population.

Why then is identity theft such a hugely touted concern in the U.S? That is a really good question. But look again at the definition of identity theft being used by the U.S. Government before you cite any statistics.

No comments:

Post a Comment