Identity theft has been one of the fastest-growing crimes in the United States in recent years. Approximately every forty-five seconds an American falls victim to identity theft. In fact, the Federal Trade Commission (FTC) estimates that approximately ten million Americans were victims of identity theft in 2002. Reports of this crime were the chief consumer complaint made to the FTC in 2001 and 2002, accounting for forty-two percent of all complaints in 2002, up from twenty-three percent in 2001. The FTC estimates that 27.3 million Americans have been victims of identity theft over the past five years.
The FTC further estimates that fraud-related crimes cost the U.S. economy fifty-three billion dollars annually. Although consumers are not responsible for fraudulent charges related to identity theft, on average, a victim can be forced to incur between $1,000 and $2,000 in direct expenses, and devote approximately 200 hours of time fighting identity theft, over a period of several years. The intangible costs are much higher, including a ruined credit rating, inability to purchase large assets (e.g., home, car, etc.), denied employment, and emotional devastation.
The rampant spread of identity theft, such as that relating to credit application fraud, is primarily due to three reasons: (1) inadequate identification of applicants; (2) the lack of an economic incentive for various organizations to implement identity theft solutions; and (3) the widespread availability and ease of obtaining credit. In this regard, conventional techniques for identifying applicants, including by name, address, Social Security number (SSN), date of birth or the like, are typically inadequate to avoid identity theft because of the overuse and ease with which this information can be obtained. Stealing such personal information has become simple for identity thieves who can obtain personal information via illegal as well as legal means.
For example, identity thieves can obtain personal information by hacking or illegally accessing credit-reporting databases, employers' human resource files, medical records, insurance files or the like. Also, for example, identity thieves can obtain personal information from an applicant's wallet, mail, and/or garbage, or through telemarketing or employment scams. It has been shown that in many instances, a victim's personal information is stolen by a family member, coworker, housekeeper or other person personally known to the victim. In addition, for example, identity thieves can legally obtain personal information obtained for a nominal fee from agencies offering background check services.
Although identity thieves can obtain personal information in any of the aforementioned as well as other manners, one of the fastest-growing means of obtaining personal information is from illegally accessing company databases. In December 2002, for instance, forty thousand credit reports were stolen from Teledata. In January 2003, five hundred thousand medical records were stolen from TriWest Healthcare Alliance. And in March 2003, fifty-five thousand employee and student names and SSNs were stolen from the University of Texas. Such cases are merely representative of the large number of such identity theft instances, which experts expect to dramatically increase in coming years. Regrettably, however, these over half-million people, as well as the others whose personal information is similarly stolen, have no recourse other than to sit back and wait to see if they become victims of identity theft.
In addition to the inadequate identification of applicants, as indicated above, the lack of an economic incentive for various organizations to implement identity theft solutions also typically plays a role in the rampant spread of identity theft. In this regard, organizations such as the major credit bureaus (e.g., Equifax, Experian, TransUnion, etc.) derive revenue from selling information regarding consumers. As such, these organizations are typically reluctant to implement any measure that restricts such sales, even to make identity theft more difficult. Currently, then, the best means to combat identity theft as it relates to the credit bureaus includes subscribing to a credit-monitoring service that requires an individual to repeatedly purchase the consumer's credit report from one or more of the credit bureaus.
Further, from an economic standpoint, although the cost of identity theft to the U.S. economy and individual consumers far exceeds the cost of implementing identity theft solutions, the cost of implementing identity theft solutions for many organizations such as credit bureaus and credit issuers typically exceeds their cost of identity theft. In this regard, it should be noted that the cost of preventing identity theft can exceed the cost of losses due to fraud since conventional techniques for reducing identity theft can have a negative impact on the overall market of credit issuers. Conventional techniques enable issuers to screen out a number of the fraudulent applications, but to eliminate fraudulent applications, a significant number of otherwise proper applications, and thus good customers, are also typically screened out. Thus, when credit issuers act in their best economic interest, it is better to issue credit to all applicants and write off fraudulent applications as a cost of business.