Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 IDENTITY THEFT Marcia L. DePaula, Esquire. 2 3 IDENTITY THEFT A fraud committed or attempted using the identifying information of another person without.

Similar presentations


Presentation on theme: "1 IDENTITY THEFT Marcia L. DePaula, Esquire. 2 3 IDENTITY THEFT A fraud committed or attempted using the identifying information of another person without."— Presentation transcript:

1 1 IDENTITY THEFT Marcia L. DePaula, Esquire

2 2

3 3 IDENTITY THEFT A fraud committed or attempted using the identifying information of another person without authority. 16 C.F.R. § 603.2

4 4 Scope of the Problem Victims 27.3 million ( ) 9.3 million (estimated 2005) Under-reported (2005) 246,570 (filed with FTC) 7,600 (PA)

5 5 Scope of the Problem Total fraud amount $53.2 billion (2003) $54.4 billion (2005) Discovery of theft: 52% by monitoring of accounts 26% alerted by credit card company/bank 8% alerted when turned down for credit

6 6 Demographics Average age of victim – 42 years old Top locations: CA, NY, TX, FL No relationship with suspect – 88% Discovery of ID Theft – 15 months

7 7 TYPES OF FRAUD Credit Card Use Phone or Utility Service Bank Accounts Employment Related Government Documents/ Benefits/ Loans Other

8 8 How Information is Obtained, Part 1  68.2% of stolen information was obtained off-line Stolen mail or wallets Diverted/Forged change of address forms Credit reports Employment records From consumers by thieves posing as legitimate businesses Purchases from questionable sources

9 9 Pretexting

10 10 How Information is Obtained, Part 2  11.6% of personal information was obtained “online” Spyware5.2% Online Transaction2.5% Virus/hacker2.2% Phishing1.7%

11 11 Phishing A fraudulent reproduction of an official or website designed to fool recipients into divulging personal financial data such as bank account numbers. Pending H.B of 2005 – Criminal offense for a person or entity to misrepresent itself as a legitimate business in or on the Internet in an attempt to solicit private financial or personal information from consumers. 6/28/06

12 12

13 13

14 14 Skimming Theft of credit or debit card numbers or access numbers through use of a data storage device.

15 15 Breaches 2/15/2005ChoicePoint (Alpharetta, GA) 145,000 Bogus accounts established by ID thieves 2/25/2005 Bank of America (Charlotte, NC) 1,200,000 Lost backup tape 3/10/2005 LexisNexis, (Dayton, OH) 32,000 Passwords compromised 6/6/2005 CardSystems Hacking 40,000,000 5/2006Dept. of Veterans Affairs 26,500,000 Data stolen from employee’s home

16 16 How Information is Used: Open new credit card account Establish phone or utility service Open bank account Loans

17 17 How Victims Learn of Identity Theft: Denial of credit Contact by credit provider Contact by collection agency Contact by police Arrest by police

18 18 Legal Authority Identity Theft & Assumption Deterrence Act of 1998, 18 U.S.C.A. §1028 Pennsylvania Identity Theft 18 Pa. C.S.A. §4120 (criminal) 42 Pa. C.S.A. §8315 (civil) Possesses or uses identifying information of another person without the consent of that other person to further any unlawful purpose.

19 19 CRIMINAL- 18 Pa. C.S.A. §4120 Possesses or uses, through any means, identifying information of another person without the consent of that other person to further any unlawful purpose. Separate Offenses – each time person possesses or uses identifying information, but can aggregate to determine the grade of the offense. Use of police report as prima facie evidence that ID information was used without person’s consent.

20 20 Criminal Grading  First Offense Misdemeanor 1st degree if less than $2, Felony Third Degree, if more than $2,  Third or Subsequent Offense Felony of 2nd degree, regardless of value  Part of a Criminal Conspiracy Regardless of amount—F2  Enhancement for victim over 60 years or care-dependent

21 21 CIVIL- 42 Pa. C.S.A. §8315 Based on “ID Theft” as defined in criminal statute Actual damages or $500, whichever is greater Reasonable attorneys fees Loss of money, reputation or property Any additional relief the court deems necessary

22 22 Breach of Personal Identification Notification Act 73 P.S. §2301 et seq. Any entity that maintains, stores or manages computerized data that included personal information shall provide notice of the breach of security to residents of the Commonwealth. Effective June 20, 2006 Covers “unencrypted and unredacted personal information” Notice “without unreasonable delay” to consumers Enforcement by the Office of the Attorney General under the Unfair Trade Practices and Consumer Protection Law

23 23 Notice to Consumers 1. Written notice 2. Telephonic notice Substitute notice: If cost of notice would exceed $100,000; or Affected class is over 175,000; or Entity does not have sufficient contact info

24 24 SOCIAL SECURITY NUMBERS Senate Bill 601 (Adopted 6/29/2006 ; Effective 180 days) No person, entity, state agency or political subdivision will do any of the following: Publicly post or display any person’s social security number Print an individual’s social security number on any card required for the person to access products or services provided by the entity Require an individual to transmit his social security number via the internet unless encrypted or the connection is secure Require an individual to use his social security number to access an internet website unless a password or other authentication device is also required Print an individual’s social security number on any materials mailed to the individual, unless required by State or Federal law

25 25 Fair and Accurate Credit Transactions Act (FACTA) 15 U.S.C.A. §1681

26 26 Requires merchants to truncate credit and debit card numbers on receipts for purchases. Requires industry standards governing the “accuracy and integrity” of information furnished to credit reporting agencies. Allows consumers to place fraud alerts on their credit files and block information caused by identity theft or fraud. Entitles consumers to one free credit report annually. Begins September, 2005 for PA residents Website:

27 27 BUSINESSES – 15 U.S.C. §1681g(e)(6) Provide transaction information to victim Within 30 days of written request No charge to consumers Confirm requester is a victim Proof of identity Police report & completed affidavit

28 28 Business may decline to provide information where: No “Good Faith Belief” of Identity Based upon a misrepresentation of fact Internet navigational data or similar info about a person’s visit to a website Prohibited by law

29 29 DEBT COLLECTORS & CREDITORS – 15 U.S.C. §1681t(b)(5)(F) Prohibited from selling or transferring “ID Theft debt” Notify creditor and victim of a fraudulent debt or debt incurred as a result of ID Theft

30 30 FACTA DISPOSAL RULE -16 C.F.R. §682.1 ET SEQ. Any person who maintains or otherwise possesses consumer information for a business purpose must properly dispose of such information by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its disposal. Effective date – June 1, 2005

31 31 FACTA DISPOSAL RULE -16 C.F.R. §682.1 ET SEQ. “Person” Any person over which the FTC has jurisdiction, that for a business purpose, maintains or possesses consumer information Lenders, consumer reporting agencies, record management, landlords, utility companies

32 32 FACTA DISPOSAL RULE -16 C.F.R. §682.1 ET SEQ. “Consumer Information” Any record about an individual, whether in paper, electronic, or other form, that is a consumer report or derived from a consumer report or a compilation of such records Social Security Number, Driver’s License, Telephone Number

33 33 FACTA DISPOSAL RULE -16 C.F.R. §682.1 ET SEQ. “Disposal” Discarding or abandonment of consumer information Sale, donation, or transfer of any medium including computer equipment, upon which consumer information is stored

34 34 FACTA DISPOSAL RULE -16 C.F.R. §682.1 ET SEQ. “Reasonable Measures” Information cannot be read or reconstructed after disposal Shredding, burning, and pulverizing of documents Destruction or erasure of electronic media

35 35 TIPS FOR ORGANIZING YOUR CASE Follow up in writing with all contacts you made. Keep copies of all correspondence/forms. Write down the name, date and substance of any conversations. Keep originals of supporting documentation. Set up a filing system. Keep old files, even if you believe your case is resolved.

36 36 Resolving Credit Card Disputes Provide documentation to creditor (police report + ID Theft affidavit) Insist on a letter from the creditor (closing the disputed account + discharging fraudulent debts) Dispute in writing unauthorized charges on credit card within 60 days

37 37 EQUIFAX – EXPERIAN – TRANS UNION – Close accounts 4. Call the FTC’s ID Theft Clearinghouse Remedial Actions by Victims 1. File Police Report 2. Contact fraud departments of credit bureaus

38 38 Protecting yourself Never provide personal or financial information to those you don’t know, especially unsolicited telephone or Internet requests. Check your monthly bills and statements for questionable charges. Don’t have your bank pin number written down on something you carry in your wallet, purse or briefcase OPT-OUT ( ) To opt-out of pre- approved credit offers

39 39 Key Contacts Bureau of Consumer Protection: Social Security Administration: Federal Trade Commission: ID THEFT


Download ppt "1 IDENTITY THEFT Marcia L. DePaula, Esquire. 2 3 IDENTITY THEFT A fraud committed or attempted using the identifying information of another person without."

Similar presentations


Ads by Google