Google Answers Logo
View Question
 
Q: Identity Theft: Why don't the current tools solve it? ( Missy-ga, if possible) ( Answered 5 out of 5 stars,   2 Comments )
Question  
Subject: Identity Theft: Why don't the current tools solve it? ( Missy-ga, if possible)
Category: Miscellaneous
Asked by: bryan_norton-ga
List Price: $120.00
Posted: 08 Aug 2003 12:55 PDT
Expires: 07 Sep 2003 12:55 PDT
Question ID: 241534
- I've read that full-blown identity theft is a huge problem. I know
that there are several tools that lenders use to authenticate the
loanders, i.e., verify that John Miller is indeed John Miller. These
tools include: all three credit bureaus' verification tools (as
opposed to credit rating tools). These basically ask the consumer
questions and compare the answers against the data they have on file.
But the fact is that there is still tremendous ID theft. 
My questions:
1. Why is there so much ID theft despite these tools? Where is the
flaw?
2. How much money do the banks and lenders lose a year on ID theft?
3. What data do credit bureaus collect, how updated is it?
4. What other entities like credit bureaus collect this kind of data?
5. What is the nature of most ID theft(is it family and friend theft,
or hackers etc)?
6. Does the Patriot act or any other act limit the type of data that
bureaus can collect?
I want to emphasize: the focus of my question is the
authentication/verification of the person as opposed to the credit
standing.

Thank you in advance!

Request for Question Clarification by missy-ga on 08 Aug 2003 13:00 PDT
Hi Bryan!

Holy cow, what an interesting search this is going to be!  And thank
you so much for requesting me, it's quite flattering.

This is a pretty complex query, so please don't be surprised if it
takes a long time to complete.  I did want to let you know that I am
working on it, however, so you know that I'm not ignoring you.

--Missy
Answer  
Subject: Re: Identity Theft: Why don't the current tools solve it? ( Missy-ga, if possibl
Answered By: missy-ga on 09 Aug 2003 11:56 PDT
Rated:5 out of 5 stars
 
Hello Bryan!

What a remarkably interesting and informative search this was!

You’re correct that identity theft has become quite a problem in the
US.  In fact, it’s the fastest growing crime in America, to which
nearly 200,000 American citizens fall victim each year.  According to
the Federal Trade Commission, fully 43 percent of complaints to that
agency are about identity theft.  “Huge” is probably a vast
understatement, when one considers how fast this crime is growing –
the numbers are expected to only increase.  According to the Aberdeen
Group, this increase is projected to continue at a rate of 300% per
year!

To start, it’s probably a good idea to understand exactly what
identity theft is.  Identity theft is the process of using another
person’s identifying information (Social Security number, address,
phone number, driver’s license number and any other information the
would-be thief is able to gather) in order to fraudulently obtain
credit cards, access bank accounts, apply for loans, apply for a job,
rent an apartment or even file for bankruptcy in the victim’s name.

With enough identifying information, a thief can obtain a fake
driver’s license or state ID card with your name (but with their
picture!), and use it to open dozens of fraudulent accounts virtually
anywhere.  What’s more, the fraudulent activity can continue for years
before being noticed.  Most victims do not become aware that they’ve
been victimized by identity thieves until they apply for a credit card
or loan and are inexplicably turned down.  Often, by the time they
realize what has happened, the thief has already moved on to a new
victim, making it difficult to trace and catch the perpetrators.

When dealing with a complex topic such as this one, I find it easier
to present findings when they are broken down.  Since you’ve asked a
series of questions, you’ve done part of the breaking down for me.  I
shall answer each question individually, and will include source URLs
at the very end of the answer.


1. Why is there so much ID theft despite these tools? Where is the
flaw?
------------------------------------------------------------------------------------------
No tool is foolproof, and while tools such as Equifax’s ID Verify can
be useful, they aren’t quite as secure as one might think:
“Lenders are the most vulnerable to identity theft fraud at new
account opening, where even the most sophisticated forms of
identification (biometrics for example) are of no value.  The best way
for lenders to put a dent in this type of loss is to prevent the
stolen identity from being used in the initial loan application
process.  The problem with this approach is that technology to
authenticate a person’s identity at the point of sale is not mature
and the loss associated with identity theft so random and
unpredictable that financial services institutions (unless they have
been involved in substantial losses of this type) have been unable to
justify the IT expenditures—let alone fund research and development.”

Identity Theft: Lenders Are Victims, Too
http://www.towergroup.com/customer/passthrough.asp?strURLSource=chronology&intSecBitCode=8&strSource=search&strNoteVolume=v34&strNoteNumber=v34_38C&strURLSource=PressRelease

The number one reason there is so much identity theft in spite of
tools used by lenders to verify identity is probably not going to be a
surprise to you.

It’s people. 
 
The fact is, with enough information gathered from public records and
from other people, thieves can easily circumvent such verifications. 
Sometimes, even the consumers themselves are unwittingly complicit!

Those verification tools might be used by bank lenders, but when was
the last time you were asked to verify your identity by a credit card
company in order to obtain an account?  My seven year-old gets
pre-approved credit card offers all the time!  True confession time: 
In college, my cat received a pre-approved credit card offer (we
always put his name on our magazine subscriptions).  We sent it in,
with my income information on it.  “Friedrich J. Schiller-Katze” (my
cat’s full name) got a credit card about 2 weeks later, to our great
startlement.  (We cut it up, sent it back and closed the account.  But
see how easy it was to get it to begin with?)

So.  How do identity thieves get their information and set about
damaging your credit?  You’d be surprised at how easily they manage:

-- stealing records from an employer or bribing an employee with
access.
-- posing as a person in a position of authority to obtain information
from employees with access to personal information
-- “dumpster diving” – the practice of fishing through trash, either
that of businesses or residences, to obtain discarded documents.
-- mail theft, including utility bills, credit card statements,
pre-approved credit card offers, tax forms, and bank statements.  This
is accomplished by either plain vanilla theft (straight from the box)
or by filling out a forwarding order at the post office to have your
mail sent elsewhere for a while.
-- obtaining copies of public records such as deeds, marriage
certificates, liens, bankruptcy records and business licenses or
applications.  This can be done online or through the mail, for
nominal fees.
-- theft of purses or wallets.  Quick, what’s in your wallet?  If your
wallet’s contents resemble this checklist, you’re at risk:

MY WALLET or PALM PILOT HAS BEEN LOST OR STOLEN: What should I do?
http://www.idtheftcenter.org/html/fs104.htm

-- abusing their employer’s access to credit reports (if the thief
works in a financial institution)
-- posing as a landlord, prospective employer or another person who
may legally access credit reports in order to obtain them
-- “pretexting” or “social engineering”, the process by which someone
obtains your sensitive information directly from you simply by
pretending to be someone in a position of authority and asking your
for it.

For a scary example, let’s turn to Paul Mungo and Bryan Clough’s 1992
tome, “Approaching Zero:  The Extraordinary World of Hackers,
Phreakers, Virus Writers, and Keyboard Criminals”.  The prologue deals
with a hacker named “Fry Guy” – he’s fifteen, and he steals credit
card numbers:

“Hi, this is Joe Boyle from CSA…Credit Systems of America,” he had
said, dropping his voice two octaves to sound older – a lot older, he
hoped – than his fifteen years.  He also modulated his natural
midwestern drawl, giving his voice an eastern twang: more big city,
more urgent.

“I need to speak to your credit manager…uh…what’s the name?  Yeah,
Tom.  Can you put me through?

Tom answered.

“Tom, this is Joe Boyle from CSA.  You’ve been having some trouble
with your account?”

Tom hadn’t heard of any trouble.

“No?  That’s really odd…Look, I’ve got this report that says you’ve
been having problems.  Maybe there’s a mistake somewhere down the
line.  Better give me your account number again.”

And Tom did, obligingly reeling off the eight-character code that
allowed his company to access the CSA files and confirm customer
credit references.  As Fry Guy continued his charade, running through
a phony checklist, Tom, ever helpful, also supplied his store’s
confidential CSA password.  Then Fry Guy keyed in the information on
his home computer.  “I don’t know what’s going on,” he finally told
Tom.  “I’ll check around and call you back.”

[…]

Fry Guy had discovered that by sounding authoritative and
demonstrating his knowledge of computer systems, most of the time
people believed he was who he said he was.  And they gave him the
information he asked for, everything from account codes and passwords
to unlisted phone numbers.”

[ Excerpted from “Approaching Zero:  The Extraordinary World of
Hackers, Phreakers, Virus Writers, and Keyboard Criminals”, by Paul
Mungo and Bryan Clough.   1992,  Random House, New York.  pp. ix-x. ]

Did that make the hair on the back of your neck stand up?  It should. 
It happens every day.

Even worse, thousands of consumers are swindled each year by
responding to spam that appears to be a legitimate communication from
a company they do business with.  They hand over sensitive account and
personal contact information, not realizing until later that they’ve
been the victims of identity theft:

“Thousands of consumers apparently received an unauthorized and
deceptive email from Best Buy, entitled “Fraud Alert,” on June 18,
2003. Using concern about a purchase from Best Buy and possible credit
card misuse as bait, the fraudulent email message urged recipients to
go to a special Web site and correct the problem by entering their
Social Security and credit card numbers.”

Fraudulent Email Seeks to Capture Consumer Information
http://www.consumer.gov/idtheft/

“Over the past week, users of eBay's online payments service have been
receiving e-mails masquerading as official PayPal alerts, eBay
spokesman Kevin Pursglove confirmed Friday. The messages ask recipents
to submit bank and credit card details.

Tricks involving bogus e-mail posing as legitimate messages from eBay
and PayPal are nothing new. However, the latest spoof e-mail--which
included a PayPal logo, links to PayPal's site and official-looking
fine-print--appeared particularly convincing, said Brenda Frymire, a
PayPal user in San Ramon, Calif., who received the e-mail Thursday.

The e-mails tell recipients that their PayPal accounts have been
randomly selected for maintenance and placed on "Limited Access"
status. The message, which appears to come from info@paypal.com,
instructs the account holder to enter credit card and bank account
numbers in an online form embedded in the e-mail.”

E-mail scam tries to fool PayPal users
http://news.com.com/2100-1018-991639.html

“Once a con artist has commandeered an account, the process of
defrauding buyers out of potentially tens of thousands of dollars
while evading detection becomes that much easier.

While many of the eBay spoof sites are intended just to take over an
eBay identity, others appear designed to grab the whole identity kit
and caboodle.

One site attempts to glean not only the eBay user's name and password,
but the visitor's complete credit card information, billing address,
phone numbers, bank account routing number, checking account number,
social security number, debit card PIN, mother's maiden name, date of
birth, and driver's license number.”

Identity Thieves Strike eBay – C-Net News
http://news.com.com/2100-1017-966835.html?tag=fd_ots

[ For more examples, including copies of the PayPal and eBay scam
pages, visit:

Learn How to Avoid Scams and Fraud
http://www.fightidentitytheft.com/sucker.html ]

Until consumers wise up and stop giving their private information to
anyone who asks (and start shredding or burning their old financial
documents), it would appear that identity theft will always be a
problem.


2. How much money do the banks and lenders lose a year on ID theft?
---------------------------------------------------------------------------------------
The Federal Trade Commission estimates that US financial institutions
lost more than $343,000,000 to identity theft in 2002.   In 2003, the
Tower Group reported that US lenders lose $1 billion, annually.

Estimates by Boston’s Aberdeen Group indicate that total US losses may
reach as much as $73.8 billion by the end of 2003, and $2 trillion by
the end of 2005.

3. What data do credit bureaus collect, how updated is it? 
-----------------------------------------------------------------------

Contrary to popular belief, credit bureaus do not collect every minute
detail of a person’s life.  The information they are permitted to
collect is carefully regulated, and how and to whom the information is
released is likewise carefully regulated.

America’s three credit reporting agencies (TransUnion, Equifax and
Experian) collect your personally identifying information (name,
address, date of birth, Social Security Number), employment
information (where you work, what your position is, how long you’ve
worked there, what your salary is), banking information (where you
bank, what sort of accounts you have with your bank), information
about any criminal convictions, and information about your credit
accounts.  This information includes the name of your creditor, your
account number with that creditor, the amount of the loan or line of
credit, the balance outstanding on the loan or line of credit, the
minimum monthly payment, and your payment habits (whether you’re on
time, occasionally late, habitually late or delinquent).  The agencies
also keep a record of who has made an inquiry into your credit report.

The following excerpt may be of interest to you:

“Consumer credit reports contain information on financial accounts,
and include credit card balances and mortgage information. Credit
reports are used for evaluating eligibility for credit, insurance,
employment, and tenacy; the ability to pay child support; professional
licensing (for instance, to become an attorney); or for any purpose
that a consumer approves.

A consumer credit report will contain basic identifying information
(name, address, previous address, Social Security Number, marital
status, employment information, number of children) along with:

* Financial information: Estimated income, employment, bank accounts,
value of car and home.
* Public records information: Such as arrests, bankrupticies, and tax
liens.
* Tradelines: Credit accounts and their status. This will also include
the data subject's payment habits on credit accounts.
* Collection Items: Whether the data subject has unpaid or disputed
bills.
* Current Employment and employment history.
* Requests for the credit report: The number of requests for the data
subject's report and the identity of the requestors.
* Narrative information: A statement by the data subject or by the
furnisher regarding disputed items on the credit report.
* Health information.

Certain information about consumers are excluded from the definition
of "credit report." This includes "transaction and experience"
information, that is, records of purchases of goods and services by
the consumer. Additionally, corporations may share credit report
information among affiliates as long as notice and opt-out is provided
to the consumer.

CRAs can also prepare "investigative consumer reports," (ICRs)
dossiers on consumers that include information on character,
reputation, personal characteristics, and mode of living. ICRs are
complied from personal interviews with persons who know the consumer.
Since ICRs include especially sensitive information, the FCRA affords
greater protections for them. For instance, within three days of
requesting an ICR, the requestor must inform the consumer that an ICR
is being compiled. The consumer also can request a statement
explaining the nature and scope of the investigation underlying the
ICR.”

Consumer Credit Reports and Investigative Consumer Reports (ICRs)
http://www.epic.org/privacy/fcra/

It’s important to note that the agencies don’t actively collect the
data themselves.  They serve as passive repositories for the
information that we, the consumer, hand over willingly each and every
time we apply for a loan or credit card.  The financial institutions
with which we do business send our information to the credit reporting
agencies, which then compiles it to create a consumer credit file.

How up to date information collected by consumer credit reporting
agencies is depends largely on the creditors’ reporting habits.  The
credit bureaus make changes each month based on information sent to
them by lenders and creditors.  This monthly updating process does
not, however, ensure that the information in a credit file is the most
current or even accurate.  Credit reporting agencies do not verify the
information they are sent, do not require that creditors send updated
information at regularly specified intervals, and do not attempt to
correct information that may be inaccurate or outdated.

It is up to the individual consumer to ensure that the information on
file is accurate and up to date.  This can be achieved by regularly
ordering one’s credit reports (all three of them, as the agencies
neither share nor cross-verify information) to check them for
accuracy.

Under the Fair Credit Reporting Act, a consumer may dispute incorrect
information and demand its removal from the credit report.  Disputed
items are removed from a consumer credit file while the matter is
being investigated, and may not be considered if a consumer applies
for credit during this time.  The credit reporting agency must attempt
to verify the information with the reporting creditor, and must
complete their investigation within 30 days.  If the information is
verified as correct, it is reinserted into the credit file.  If it is
incorrect or cannot be verified, it must be deleted and the consumer’s
file must be amended.  Additionally, agencies must, at the request of
the consumer, send amended credit reports to any credit grantor who
received the consumer’s report in the past six months.

4. What other entities like credit bureaus collect this kind of data?
--------------------------------------------------------------------------------

Any institution with which you have a financial relationship can
collect this data – it is typically gathered from your consumer credit
report as well as any information you provide on your application
(which is in turn sent to the credit reporting agency).  The Internal
Revenue service likewise collects certain data, such as your
identification, employment and financial data.  This information is
also gathered by other agencies, but they aren’t similar to credit
bureaus.

Other agencies that collect similar data include the US Census Bureau,
which compiles demographic information not linked to specific persons,
State Departments of Motor Vehicles (which collect your name, date of
birth, address, phone number, Social Security number, insurance
information and physical description in addition to issuing your
license and plates), and life and auto insurance companies if you’ve
applied for a policy.  The Social Security Administration links your
name, address, date of birth and employment information to you Social
Security number, for the purposes of administering the Social Security
program.  Although these agencies do not make this information public,
they are still vulnerable to “inside jobs”, as well as hacking
attempts.

If you purchase property, administer an estate, file for a business
license or fictitious name for your business, file for bankruptcy, or
land in court, your personally identifying information associated with
these actions is kept at the County Recorder’s or Clerk of Courts’
office, where the documents may be requested by anyone who wishes to
see them.  Certain information (such as Social Security numbers) is
blacked out, but other identifying information is left intact.

You’d be amazed at what a credit card and a couple hours of quality
time with Lexis-Nexis will get for you, no questions asked.

5. What is the nature of most ID theft(is it family and friend theft,
or hackers etc)?
---------------------------------------------------------------------------------------------------

According to PCWorld News, citing remarks made by the FBI’s Dennis M.
Lormel, most identity theft is committed by “common criminals” –
strangers who employ a variety of methods to obtain information, from
hacking, taking advantage of company mistakes (such as a company
inadvertantly posting personal financial data or credit card numbers
on a website) to dumpster diving to simple social engineering.

USA Today cites a specific kind of  “common criminal” – those who
steal employee records.  In fact, theft of employee records is the
leading contributor to identity theft:

“The top cause of identity fraud is now theft of records from
employers or other businesses that have records on many individuals,
according to a 2002 report by credit information provider TransUnion.
That beats all other sources, including stolen credit cards, mail
theft and stolen purses or wallets.”

Employment records prove ripe source for identity theft
By Stephanie Armour, USA TODAY - 1/23/2003
http://www.usatoday.com/money/workplace/2003-01-23-idtheft-cover_x.htm

If you have a job, you’re at risk.  Ouch.

6. Does the Patriot act or any other act limit the type of data that
bureaus can collect?
--------------------------------------------------------------------------------------------------------

If anything, the PATRIOT Act may very well broaden the scope of
information such agencies are permitted to collect, with the intent
(so it is said) to help prevent identity theft:

“This extreme example of the dangers of identity theft resulted in the
promulgation of Section 326 of the USA Patriot Act, which mandates the
implementation of a Customer Identification Program (CIP) at all
financial institutions. This essentially is a more rigorous form of
Know Your Customer, with much more explicit procedural stipulations.
As a result, many FIs are scrambling to bring their systems into
compliance. The final requirements are expected to be released in late
February or early March. The following provides a broad overview of
the requirements to date.

* Identity validation: Risk-based procedures to verify the identity of
customers (persons seeking to open accounts and any signatories on the
accounts).
* Archival of records: Retain identifying information provided by
customers, the methods and results of measures undertaken to verify
identity, and the resolution of any discrepancies in identifying
information obtained. These records must be archived for five years
after account closure.
* Background verification: Determine whether the customer appears on
any list of known or suspected terrorists or terrorist organizations
provided by any federal government agency.

Compliance with these procedures will be challenging. While procedures
can be implemented that require tellers to scrutinize identification,
the actual practice is hard to enforce. Even the most effective policy
cannot totally mitigate the human element-the tired new accounts clerk
who just wants to go home. The most effective way to implement a
Patriot Act-compliant CIP is through technology that will verify the
consumer's identity, record the verification methods employed, and
archive the records.”

Identity Theft and the USA Patriot Act
by Julie Conroy-McNelley – BankersOnline
http://www.bankersonline.com/vendor_guru/pps/pps_id.html

Experian offers a “Best Practices” white paper describing methods to
collect and verify indentifying information, but to view it you must
proved…you guessed it…personally identifying information – name,
address, e-mail address and phone number.  I’m personally uninterested
in providing this information to Experian for the sake of reading
their white paper, but if you’d like to check out their recommended
procedure, you can give up your personal information here:

"Know your customers" has never mattered more
http://www.experian.com/products/patriot_act_compliance_form2.html?referrer=undefined

The PATRIOT Act also broadens *access* to this information:

“For many years, the FBI has had access to credit reports for
counterintelligence purposes. In order to obtain the report, the FBI
has to certify that the information is necessary for "the conduct of
an authorized investigation to protect against international terrorism
or clandestine intelligence activities." FBI access to the credit
report is secret--the CRA is not allowed is disclose that the
consumers' file was accessed. The Attorney General is required to
report semiannually on the requests made by the FBI for credit reports
to Congress.

The USA PATRIOT Act, passed in the wake of the September 11, 2001
terrorist attacks, broadened law enforcement access to credit reports.
15 U.S.C.  1681v allows any government agency that is authorized to
conduct intelligence or counterintelligence investigations or analysis
of international terrorism to gain access to credit reports. Similar
to the FBI access provision, the agency must certify that the credit
report is necessary for investigation or analysis. The CRA is not
permitted to disclose that the government agency sought the credit
report. But, unlike the FBI provision, requests made under  1681v do
not have to be disclosed to Congress. It is likely that the FBI will
use this new route to obtain credit reports than the former one
because it lacks the reporting requirement.”

Law Enforcement Access to the Credit Report
http://www.epic.org/privacy/fcra/

That said, there are regulations in place to limit the kind of
information that can be collected, how it can be used, and who is
permitted to see it:

The Privacy Act of 1974
http://www.epic.org/privacy/laws/privacy_act.html

The Fair Credit Reporting Act of 1970
http://www.ftc.gov/os/statutes/fcra.htm

(The type of information that can be collected depends on who is
asking for it, and for what purpose, so I’ve only provided the laws
themselves.  Circumstances vary.)

How this information may be used is rather nicely summed up by EPIC, a
privacy rights organization:

“The FCRA limits the use of the credit report to certain purposes.
They are:

* Applications for credit, insurance, and rentals for personal, family
or household purposes.
* Employment, which includes hiring, promotion, reassignment or
retention. A CRA may not release a credit report for employment
decisions without consent.
* Court orders, including grand jury subpoenas.
* "Legitimate" business needs in transactions initiated by the
consumer for personal, family, or household purposes.
* Account review. Periodically, banks and other companies review
credit files to determine whether they wish to retain the individual
as a customer.
* Licensing (professional).
* Child support payment determinations.
* Law enforcement access: Government agencies with authority to
investigate terrorism and counterintelligence have secret access to
credit reports.

Specific prior consent is required before consumer reports with
medical information can be released.”

Permissible Uses of the Credit Report
http://www.epic.org/privacy/fcra/


Sources:

IdentityTheft.org
http://www.identitytheft.org/

Privacy Survival Guide
http://www.privacyrights.org/fs/fs1-surv.htm

How Identity Theft Works
http://www.howstuffworks.com/identity-theft.htm

Understanding ID Theft
http://www.ftc.gov/bcp/idtheft_testing/consumertopics.html

The Identity Theft Evidence Trail
http://www.idtheftcenter.org/html/fs117.htm

Identity Theft Losses Expected to Hit $2 Trillion by 2005
May 22, 2003 By Sharon Gaudin - Datamation - Earthweb
http://itmanagement.earthweb.com/secu/article.php/2211101

Protect yourself from identity theft
By Susan Okula - MSN Money
http://moneycentral.msn.com/articles/banking/credit/1342.asp

Tackling identity theft - CNN - 11/26/02
http://edition.cnn.com/2002/TECH/11/26/hln.wired.id.theft/

Ecommerce News - Identity Theft Picking Up Speed
By Sharon Gaudin - April 7, 2003 
http://ecommerce.internet.com/news/news/article/0,,10375_2176941,00.html

CONSUMER LENDERS WEIGH RISK / RETURN IN BATTLE TO 
STEM IDENTITY THEFT LOSSES
http://www.towergroup.com/public/presscenter/pressreleases/032603.htm

Identity thieves catch the unwary - The Age - December 31 2002
http://www.theage.com.au/text/articles/2002/12/30/1041196594881.htm

C-Net News - Identity theft: Fact and fiction
By Jonathan J. Rusch September 18, 2002
http://news.com.com/2010-1075-958328.html

FDIC Consumer News - Summer 2000: When a Criminal's Cover Is Your
Identity
http://www.fdic.gov/consumers/consumer/news/cnsum00/idthft.html

Credit Reporting Agency
http://www.equifax.com/credit-reporting-agency.htm

Fair Debt Collection
http://www.ftc.gov/bcp/conline/pubs/credit/fdc.htm

Credit Reports: What Information Providers Need to Know
http://www.ftc.gov/bcp/conline/pubs/buspubs/infopro.htm

Common Credit Report Myths
http://www.accu-credit.com/credit_bureaus_federal_trade_commission_rental.html

Federal Consumer Information Center: Consumer Handbook to Credit
Protection Laws -
Credit Histories and Records 
http://www.pueblo.gsa.gov/cic_text/money/protection-laws/histories.htm

Using Consumer Reports: What Landlords Need to Know
http://www.pueblo.gsa.gov/cic_text/smbuss/landlord/landlord.htm

The Fair Credit Reporting Act - Full Text
http://www.ftc.gov/os/statutes/fcra.htm

Consumer Reports: What Insurers Need to Know
http://www.ftc.gov/bcp/conline/pubs/buspubs/insurers.htm

Using Consumer Reports: What Employers Need to Know
http://www.ftc.gov/bcp/conline/pubs/buspubs/credempl.htm

Credit Repair Scams
http://www.attorneygeneral.gov/pei/brochures/bcp/html/creditrepairscams.cfm

HOW THE CREDIT REPORTING SYSTEM "WORKS"
http://www.computerfinance.net/how_system_works.html

Annual Losses To Identity Fraud Top $1 billion
Paul Doocey Apr 16, 2003 - Bank Systems and Technology Online
http://www.banktech.com/story/amLaundering/BNK20030416S0001

ID Theft:  When Bad Things Happen To Your Good Name
http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm

Consumer Watch: Don't Let Them Steal Your Good Name
Identity theft is skyrocketing--and it's even being used to fund
terrorism.
Anne Kandra - From the October 2002 issue of PC World magazine
http://www.pcworld.com/howto/article/0,aid,103742,00.asp

Internet contributes to rise of identity theft, FTC says
By Cecily Barnes - Staff Writer, CNET News.com August 30, 2000
http://news.com.com/2100-1023-245173.html?legacy=cnet

Q&A on Identity Theft
http://cgi1.usatoday.com/mchat/20030122004/tscript.htm 

Final Regulations Implementing Customer Identity Verification
Requirements under Section 326 of the USA PATRIOT Act  (US Dept. of
the Treasury)
http://www.experian.com/whitepapers/326factsheet.pdf




I hope you find this answer to your liking.  If you feel I might have
missed something, or if you’d just like a little more information,
please don’t hesitate to ask for clarification.  I’ll be happy to
assist you.

Thank you again for an interesting and engaging project!

--Missy


Search terms: [  "identity theft" why ], [ "identity theft" losses ],
[ "identity theft" "most common" ], [ "credit bureau" collect
information ], [ "PATRIOT Act" prevent identity theft ], [ "PATRIOT
Act" verify identity ], [ "collect personal information" agencies OR
bureaus OR institutions ], [ Privacy Act ], [ FCRA ]

Request for Answer Clarification by bryan_norton-ga on 10 Aug 2003 06:26 PDT
Dear, Dear Missy - Thank you for the rapid and comprehensive response!
With your permission, I'd like to fully read the answer tomorrow
before "closing" it (otherwise I'll spend the whole weekend on this..)
I just wanted to thank you in the meantime. 

Bryan

Clarification of Answer by missy-ga on 10 Aug 2003 07:53 PDT
Take your time, Bryan.  There's quite a lot to meander through!  Just
read with your wallet in the other room.  Some of the source material
made me want to burn my Dayrunner and cell phone - it's scarier than
Stephen King!

--M
bryan_norton-ga rated this answer:5 out of 5 stars and gave an additional tip of: $25.00
Dear Missy, 
Thank you SO much for this great, great answer. btw- It's fun to work
with someone who so enjoys her work.

If I have additional questions in the future, I'd like to access you
again. How can I ensure that you'll receive the question? Should I
just put your name in the title?

Comments  
Subject: Re: Identity Theft: Why don't the current tools solve it? ( Missy-ga, if possible)
From: trueparent-ga on 09 Aug 2003 17:41 PDT
 
Conspiracy theories abound, and I do not want to appear to be in that
mode, but here goes.  The one part of the picture I believe needs to
be intertwined with missy-ga's very substantial and comprehensive
coverage, is that credit card companies have less motivation to stop
any fraud, (including identity theft), than one might think.
The first reason for this, is that they all now require that you agree
to mandatory binding arbitration, for you to hold their card.  That
means that you cannot sue them, even if they have done something
obviously wrong.  "How did that happen?", you ask.  Well, according to
what I have found, the U.S. Congress, in their infinite wisdom,
allowed this only in non-consumer, "business" cases of disputes,
because the "arbitrator" could be a person who understood that
particular business, better than any sitting judge could.
But, just a few years ago, (perhaps in the mid 90s?), a consumer case
involving Terminix, (the pest eradication folks), was SOMEHOW allowed
to go to binding arbitration, rather than through normally required
court action.  From this foot in the door, all credit card consumers
are burdened today, with this preposterous means of denying them the
right to sue the credit card company.  The first effect this seemed to
have, from my perception, is that the credit card companies began
increasing your credit limit(s), like water from a fire hose.  The
second thing that happened, is that you began to see highly deceptive,
intentionally misleading statements by the credit card companies,
something like:
"With our card, you have zero percent liability, for any UNAUTHORIZED
use."
The trick, is that there has to be some PROOF that the use is
UNAUTHORIZED.  That means that you, the card holder, are put in the
position of having to prove a negative, which, of course, you cannot
do.  A worst-case scenario would be that you have a card with a limit
of $5,000, but it is possible for this card to be used for $30,000 or
$100,000, (or what have you), worth of fraudulent use.  You are asked,
"How did they get your account number and expiration date?", and you
say, "I don't know".   Well, if it involves a lesser amount, (say
$100), the credit card company would likely "pass", and take the loss,
lulling you into a false sense of security.
But in any specific case, (such as for $30,000 or $100,000), they
could/would take it to binding arbitration.  And guess what.  The
"arbitrator" is just some God-forsaken lawyer, (or what?), and easy to
manipulate, without any of the legal penalties that would apply to
attempted manipulation of a sitting judge.  To the best I could find
out, (and I believe this info is IMPOSSIBLE to get, for obvious
reasons), 90+% of all cases going to binding arbitration are decided
in favor of the credit card company.  Duh!…  I wish missy-ga could
prove me wrong in this, but I don't think anyone can.
So, you will have to sell your house, to pay this "legal debt", or
better yet, from the viewpoint of the credit card company, owe them
for the rest of your life, and pay LOTS OF INTEREST.  And the best
thing about this, is that it is difficult/impossible for you to "get
the word out" about this legalized financial rape, because you have
been "officially found guilty" in binding arbitration, and who will
believe you?
Another thing I found out the hard way, from personal experience, is
that the credit card company easily ends up becoming a willing
"partner" of the thieves who fraudulently use your card, when you
cannot prove how they got your account number and expiration date. 
The card company simply sits back, and says they will ruin your
"credit report", if you do not pay the bill of the fraudulent use. 
From the credit card company's viewpoint, they have "plausible
deniability", because they do not know if you, (the card holder), are
lying or not.
So, everyone who knows the above facts, who is sane, would have to
burn all their credit cards, right?  Well, as is the human condition
in many instances, we remain fat, dumb, and happy, until catastrophe
happens to us, and it is too late.  I still have credit cards in my
wallet…. But I am doing my best to convince myself to give up the
convenience and power they give me.  One thing is certain.  I will
never, never, never use a credit card on the Internet.  I am clinging
to at least that one claim, that I am sane.
Another fact, concerning the claim that we are all being "set up" by
the powers-that-be, for fraud of all types, is that you cannot opt-out
of electronic transfer of funds, for any checking account or savings
account.  This means that your money is now safer being stuffed into
your mattress, than being put in the bank, unless it is in a CD, (i.e.
Certificate of Deposit), whereby it is a bit more protected against
disappearing.  They will inundate you with claims that "security
measures" make it "impossible" for electronic transfer "tampering" to
take place. Do not believe them.  The whole point, is that this makes
it possible for "insiders" to steal one penny a day, from every
account in existence.  Who can stop it?  Who cares?
Subject: Re: Identity Theft: Why don't the current tools solve it? ( Missy-ga, if possibl
From: missy-ga on 11 Aug 2003 14:07 PDT
 
Thank you, Bryan!  I'm glad you're satisfied with your answer!  Yes, I
do enjoy my work very much - it satisfies my curious streak, and makes
my kids think I know everything.  (That's helpful!)

If you want to specifically request me, just put my name in the
subject line.  If I don't see it right away, someone else will, and
they'll let me know.

Thanks again!

--Missy

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy