This is one of our longer pages, please read and understand this information - we cannot stress enough how important this is for your continued safety.

Identity theft is a fast growing global problem, the following will help you understand the terms and methods. My advice to avoid ID theft includes the following -

• Destroy any and all confidential documents no longer required.
• Get a shredder - it will be a worthwhile investment, make sure it meets current standards to ensure document destruction is absolute.
• Never give out details of financial institutions, birth records, passport numbers, national insurance details, home address, salary details or any personal information unless you are absolutely sure the requestor is legitimate.

Identity theft is a catch-all term for crimes involving illegal usage of another individual's identity. The most common form of identity theft is credit card fraud. While the term is relatively new, the practice of stealing money or getting other benefits by pretending to be a different person is thousands of years old.

According to the non-profit Identity Theft Resource Center, identity theft is sub-divided into four categories:

• Financial Identity Theft (using another's identity to obtain goods and services)
• Criminal Identity Theft (posing as another when apprehended for a crime)
• Identity Cloning (using another's information to assume his or her identity in daily life)
• Business/Commercial Identity Theft (using another's business name to obtain credit)

Identity theft may be used to facilitate crimes including illegal immigration, terrorism, and espionage. Identity theft may also be a means of blackmail. There are also cases of identity cloning to attack payment systems, including medical insurance

Financial identity theft

A classic example of credit-dependent financial crime (bank fraud) occurs when a criminal obtains a loan from a financial institution by impersonating someone else. The criminal pretends to be the victim by presenting an accurate name, address, birth date, or other information that the lender requires as a means of establishing identity. Even if this information is checked against the data at a national credit-rating service, the lender will encounter no concerns, as all of the victim's information matches the records. The lender has no easy way to discover that the person is pretending to be the victim, especially if an original, government-issued id can't be verified (as is the case in online, mail, telephone, and fax-based transactions). This kind of crime is considered non-self-revealing, although authorities may be able to track down the criminal if the funds for the loan were mailed to them. The criminal keeps the money from the loan, the financial institution is never repaid, and the victim is wrongly blamed for defaulting on a loan he never authorized.

Other forms of examples of bank fraud associated with identity theft include "account takeovers," passing bad cheques, and "busting out" a checking or credit account with bad cheque, counterfeit money order, or empty ATM envelope deposits.

Identity cloning and concealment

In this situation, a criminal acquires personal identifiers, and then impersonates someone for concealment from authorities. This may be done by a person who wants to avoid arrest for crimes, by a person who is working illegally in a foreign country, or by a person who is hiding from creditors or other individuals.

Unlike credit-dependent financial crimes, these crimes can be non self-revealing, continuing for an indeterminate amount of time without being detected.

When a criminal identifies himself to police as another individual it is sometimes referred to as "Criminal Identity Theft." In some cases the criminal will obtain a state issued ID using stolen documents or personal information belonging to another person, or they might simply use a fake ID. When the criminal is arrested for a crime, they present the ID to authorities, who place charges under the identity theft victim's name and release the criminal. When the criminal fails to appear for his court hearing, a warrant would be issued under the assumed name. The victim might learn of the incident if the state suspends their own drivers license, or through a background check performed for employment or other purposes, or in rare cases could be arrested when stopped for a minor traffic violation. It can be difficult for a criminal identity theft victim to clear their record. The steps required to clear the victim's incorrect criminal record depend on what jurisdiction the crime occurred in and whether the true identity of the criminal can be determined.

The victim might need to locate the original arresting officers, or be fingerprinted to prove their own identity, and may need to go to a court hearing to be cleared of the charges. Obtaining an expungement of court records may also be required. Authorities might permanently maintain the victim's name as an alias for the criminal's true identity in their criminal records databases. One problem that victims of criminal identity theft may encounter is that various agencies might still have the incorrect criminal records in their databases even after court and police records are corrected. Thus it is possible that a future background check will return the incorrect criminal records.

Techniques for obtaining personal information

In most cases, a criminal needs to obtain personal information or documents about an individual in order to impersonate them. They may do this by:

• Stealing mail or rummaging through rubbish (dumpster diving)
• Retrieving information from redundant equipment which has been disposed of carelessly, e.g. at public dump sites, given away without proper sanitizing etc.
• Stealing payment or identification cards, either by pickpocketing or surreptitiously by skimming through a compromised card reader
• Remotely reading information from an RFID chip on a smartcard, RFID-enabled credit card, or passport
• Eavesdropping on public transactions to obtain personal data (shoulder surfing)
• Stealing personal information in computer databases (Trojan horses, hacking)
• Advertising bogus job offers (either full-time or work from home based) to which the victims will reply with their full name, address, curriculum vitae, telephone numbers, and banking details
• Infiltraion of organizations that store large amounts of personal information
• Impersonating a trusted organization in an electronic communication (phishing)
• Obtaining castings of fingers for falsifying fingerprint identification.
• Browsing social network (MySpace, Facebook, Bebo etc) sites, online for personal details that have been posted by users
• Simply researching about the victim in government registers, at the Internet, Google, and so on.

Individual identity protection

The acquisition of personal identifiers is made possible through serious breaches of privacy. For consumers, this is usually due to personal naiveté about who they provide their information to. In some cases the criminal obtains documents or personal identifiers through physical theft(e.g. vehicle break-ins and home invasions). Guardianship of personal identifiers by consumers is the most common intervention strategy recommended by the Federal Trade Commission, Canadian Phone Busters and most sites that address identity theft. Personal guardianship issues include recommendations on what consumers may do to prevent their information getting into the wrong hands.

The strongest protection against identity theft is not to identify at all - thereby ensuring that information cannot be reused to impersonate an individual elsewhere. As such, identify theft is often a question of too little privacy or too much identification.

Many activities and organizations in a modern society require people to provide personal identifiers (Social Security number, drivers license number, credit card number, etc), and in some cases the knowledge of personal identifiers is treated as proof of identity. This is sometimes done as a convenience or to enable transactions by telephone or the internet, however it can also make it more difficult for individuals to protect themselves from identity theft.

Biometric identifiers are sometimes used as a method of identification. However, because of inherent issues (e.g. cannot be kept a secret or changed) - biometrics can create a threat of identity theft. This threat can be reduced by only using revokable or cancelable biometrics, storing them in a tamper-resistant device, never sharing them, and cryptographically combining them with a secret, revokable key.

Legal Response - United Kingdom

In the United Kingdom personal data is protected by the Data Protection Act. The Act covers all personal data which an organization may hold, including names, birthday and anniversary dates, addresses, telephone numbers, etc.

Under English law (which extends to Wales but not necessarily to Northern Ireland or Scotland), the deception offences under the Theft Act 1968 increasingly contend with identity theft situations. In R v Seward (2005) EWCA Crim 1941[6] the defendant was acting as the "front man" in the use of stolen credit cards and other documents to obtain goods. He obtained goods to the value of £10,000 for others who are unlikely ever to be identified. The Court of Appeal considered sentencing policy for deception offenses involving "identity theft" and concluded that a prison sentence was required. Henriques J. said at para 14:"Identity fraud is a particularly pernicious and prevalent form of dishonesty calling for, in our judgment, deterrent sentences."

Increasingly, organizations, including Government bodies will be forced to take steps to better protect their users' data