Identity theft

About: Identity theft is a research topic. Over the lifetime, 2284 publications have been published within this topic receiving 31700 citations.

Data Breaches and the Dilemmas in Notifying Customers

Abstract: While the discussion about a federal law on data breach notification is ongoing and a rash of large, costly data breaches has galvanized public interest in the issue, this paper investigates on the phenomenon of data breach notification letters. In case of any data breach a company faces a number of dilemmas on how to inform the customers. The choices that a company makes on the missive content result decisive in having a prompt customers’ reaction against identity theft and eventually in shaping the relations between customers and the organization itself. Starting from the various regulations in place in US, the analysis has been performed focusing on the content of over 210 letters sent in US in the first semester of 2014. In particular letters are classified based on elements that can be isolated and analysed, e.g. the level of transparency used in communicating the event causing the breach or the time span between data breach identification and its notification to customers. In the end we labeled the data breach notifications according to the message customers might perceive when reading them. As a result six message types have been identified. This investigation contributes to the ongoing debate on the federal law on data breach notifications, highlighting limitations and effects of the already implemented State laws.

Social Media Identity Deception Detection: A Survey

Abstract: Social media have been growing rapidly and become essential elements of many people’s lives. Meanwhile, social media have also come to be a popular source for identity deception. Many social media identity deception cases have arisen over the past few years. Recent studies have been conducted to prevent and detect identity deception. This survey analyzes various identity deception attacks, which can be categorized into fake profile, identity theft, and identity cloning. This survey provides a detailed review of social media identity deception detection techniques. It also identifies primary research challenges and issues in the existing detection techniques. This article is expected to benefit both researchers and social media providers.

Identity Theft Statutes: Which Will Protect Americans the Most?

Abstract: INTRODUCTION Imagine opening up your mail and finding a credit card statement demanding the payment of thousands of dollars for items you never bought. Or, imagine getting pulled over on a neighborhood street for traveling a couple of miles over the speed limit only to end up getting arrested, strip searched, and taken to jail due to an outstanding arrest warrant for drugs and gun charges that someone else committed in your name. Unfortunately, for too many Americans, these nightmarish scenarios have become a reality. As the crime of identity theft has swept the nation, thousands of victims have been left with damaged credit, a criminal record, and emotional distress. (1) With the advent of the Internet, personal information travels across the globe at lightning speed. (2) Identity thieves use personal information--such as names, social security numbers, and birth dates--to commit frauds or crimes in someone else's name. As a result, state and federal governments have passed laws in an attempt to punish the perpetrators and to deter others from committing these crimes in the future. Each law is different, and each law takes a different approach to combat the problem. This Comment compares and contrasts four different identity theft statutes, and ultimately proposes an alternative statute that combines the strengths of the existing statutes. This proposed alternative statute includes additional provisions which provide more effective solutions to the identity theft problem in America. I. ARIZONA'S IDENTITY THEFT STATUTE The earliest identity theft statute adopted was in 1996 by the State of Arizona. (3) This statute made it unlawful for a person to "knowingly take[] or use[] any personal identifying information of another person, without the consent of that other person." (4) To violate the statute, the identity thief must have "the intent to obtain or use the other person's identity for any unlawful purpose or to cause loss to a person." (5) Finally, the statute states that a victim is the person "whose personal identifying information is taken or used without consent, whether or not the victim actually suffers any economic loss as a result of the offense." (6) In codifying the identity theft statute, the Arizona Legislature sought to warn criminals of the serious nature of this offense by labeling it a Class 4 felony. (7) This classification translates into a sentence of between one-and-one-half and three years in prison for first time offenders (8) and between three and twelve years for repeat offenders. (9) The statute's simple language and relatively short provisions address most acts that could be considered identity theft crimes. First, the term "personal identifying information" (10) is extremely broad and, although never interpreted by the courts of Arizona, could be used to include most government issued items. Second, the statute criminalizes any attempt to obtain a person's personal identifying information, whether or not the victim actually suffers economic loss. (11) This provision serves a two-fold purpose: it broadens the class of people susceptible to prosecution, and serves as a deterrent to those considering committing the crime of identity theft. Finally, it is important to note that the statute specifically limits the class of victims of identity theft to persons whose personal identifying information was taken or used. (12) The Arizona statute does not include banks or businesses that suffer financial loss as a result of the fraudulent transaction. (13) This limitation is both a strength and a weakness. By limiting the victims of identity theft to individuals, the provision creates a private cause of action only for individuals whose personal identifying information was stolen. The status of identity theft victim, as defined by the statute, may give a person more credibility with credit-reporting agencies when attempting to clear their credit. …

Systems Plan for Combating Identity Theft - A Theoretical Framework

Abstract: The incidences of identity theft have increased substantially in the Internet age. Increasing news reports of bank/credit cards theft, assumed identity for economical and criminal activities has created a growing concern for individuals, businesses, and governments. As a result, it's become an important and urgent task for organizations to find managerial and technical solutions to combat identity fraud and theft. Solutions to identity theft problem must deal with multiple parties and coordinated efforts must be made among concerned parties. This paper is to provide a comprehensive view of identity theft issue from system planner's perspective. The roles of identity owner, issuer, checker, and protector, are examined to provide a starting point for organizational and information systems design.

Online Self-disclosure: From Users’ Regrets to Instructional Awareness

Abstract: Unlike the offline world, the online world is devoid of well-evolved norms of interaction which guide socialization and self-disclosure. Therefore, it is difficult for members of online communities like Social Network Sites (SNSs) to control the scope of their actions and predict others’ reactions to them. Consequently users might not always anticipate the consequences of their online activities and often engage in actions they later regret. Regrettable and negative self-disclosure experiences can be considered as rich sources of privacy heuristics and a valuable input for the development of privacy awareness mechanisms. In this work, we introduce a Privacy Heuristics Derivation Method (PHeDer) to encode regrettable self-disclosure experiences into privacy best practices. Since information about the impact and the frequency of unwanted incidents (such as job loss, identity theft or bad image) can be used to raise users’ awareness, this method (and its conceptual model) puts special focus on the risks of online self-disclosure. At the end of this work, we provide assessment on how the outcome of the method can be used in the context of an adaptive awareness system for generating tailored feedback and support.