We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAlexia Mildred Powers
Modified about 1 year ago
eighteenseventyonelimited1© Ltd Identity theft BCS North London Branch Stefan Fafinski and Emily Finch 28 November 2006
eighteenseventyonelimited2© Ltd Agenda What is identity theft? –What is identity? Strategies of adaptation and diversification –The role of organised crime –Sources of information –A very personal harm The transformative nature of new technology The legal response Conclusions
eighteenseventyonelimited3© Ltd What is identity theft?
eighteenseventyonelimited4© Ltd What is identity? Personal identity Social identity Legal identity
eighteenseventyonelimited5© Ltd Personal identity –Internalised view –‘I am …’ –‘What most of us think of when we think of the deepest and most ensuring features of our unique selves that constitute who we believe ourselves to be’ (Williams, 2001)
eighteenseventyonelimited6© Ltd Social identity –Externalised view –‘How do you see me?’ –Multiple social identities –A necessary convenience to facilitate social interaction (Jung, 1988)
eighteenseventyonelimited7© Ltd Legal identity –Accumulation of social facts –Established at birth and expands throughout life –Details can be added but not removed –About identifiability rather than identity ‘Who is this person?’ ‘Is this the same person?’
eighteenseventyonelimited8© Ltd Classifications of identity PersonalBorn the illegitimate son of a Polish immigrant and a one-legged telephonist… SocialLawyer Reading FC bigot Donkey sanctuary chairman LegalNI number: ZR C NHS number: Driving licence: FAFIN etc.
eighteenseventyonelimited9© Ltd Chronology of legal identity Birth certificate: name, place, date, parents Health records Education NI; Employment Financial records Marriage Credit history Mortgage Children Criminal record Professional qualifications Death
eighteenseventyonelimited10© Ltd What is identity theft? Not a legal term –Identity theft will only be criminal if the fraudster’s conduct falls within the boundaries of the criminal law Liability depends what is done in the new identity –Around 150 common law and statutory deception offences Socially – synonymous with financial fraud Initial acquisition of identity Unlawful act using that identity How should it be conceptualised? –Appropriation of another’s identity (living or dead) irrespective of purpose or motivation
eighteenseventyonelimited11© Ltd What does it mean for identity to be stolen? Media construction of identity theft creates a misapprehension that it is a two-stage process: –Assumption of identity of another –Commission of a substantive offence using that identity, generally financial fraud Identity theft has come to be synonymous with credit card fraud
eighteenseventyonelimited12© Ltd Strategies of adaptation and diversification
eighteenseventyonelimited13© Ltd Fraudsters’ responses to change With the advent of new developments to prevent fraud, fraudsters desist, adapt or diversify: –Cheques –Cheque guarantee cards –Credit cards –Switch and electronic transactions –Chip and PIN
eighteenseventyonelimited14© Ltd Fraudsters’ response to Chip and PIN Desist –None of the fraudsters interviewed in the 2-year study planned to stop Adapt –Stolen cards abroad –Distance transactions –Buy cards only with PIN numbers Diversify –Steal identity and obtain fresh cards
eighteenseventyonelimited15© Ltd An incomplete picture of the problem Other criminal purposes –Harassment –Bullying –Sham marriages –Driving offences Non-criminal purposes –Multiple relationships –Acceptable use of alternate identity
eighteenseventyonelimited16© Ltd A ‘spare’ identity for motoring purposes 1,400 fraudulent driving licence applications detected by the DVLA (2001) Over 3,000 driving tests stopped due to doubts over driver’s identity (2001) Somali bus driver took 200 bogus driving tests (Daily Mail, 26 th September 2006)
eighteenseventyonelimited17© Ltd Psychological suicide 210,000 adults go missing in UK every year, many never return 2 men vanish every day Fake suicide provides opportunity for fresh start
eighteenseventyonelimited18© Ltd Cleaning a deviant identity Invisible man fakes death in Paddington rail crash (The Times, 6 th February 2000)
eighteenseventyonelimited19© Ltd Creating a more favourable persona The Earl of Buckingham –Impostor took name of deceased child ‘Christopher Edward Buckingham’ –Adopted title last used in 1689 –Imprisoned under assumed name as impossible to establish ‘real’ identity
eighteenseventyonelimited20© Ltd Creating a more favourable persona ‘Sir Alan Mcilwraite KBE DSO MC’ modified own identity Added progressively more honour and outlandish detail Fabricated substantiating evidence Worked in a Dell call centre
eighteenseventyonelimited21© Ltd The role of organised crime Four distinct ‘organised’ typologies –Highly-organised, structured and hierarchical systems –Semi-structured networks of fraudsters operating co-operatively –Small organisations with a simple power delineation –Small self-contained operations that typically involve between one and four individuals Plus –Freelance experts Including ‘identity brokers’
eighteenseventyonelimited22© Ltd Sources of information ‘Obvious’ sources –Electoral roll, Companies House, Land Registry Online sources –Chat rooms –Professional bodies –Social networking sites –Online auction sites – (impersonating target) Offline sources –Conversation with target –Conversation purporting to be target –Office paperwork and personnel files –Collaboration with holders of information
eighteenseventyonelimited23© Ltd A very personal harm Individual victims –Fear arising from uncertainty as to how victimisation arose; where was the weak link? –Reluctance to use cards for payment or to disclose personal information –Sense of violation and loss of reputation Deceased children or relative –Sullies memory and reopens old wounds –“We don’t know who our daughter would have been but it wouldn’t have been this woman” Seen as far more worrying than financial loss
eighteenseventyonelimited24© Ltd The transformative nature of new technology
eighteenseventyonelimited25© Ltd Transformative nature of technology Transformative nature of new technology –More opportunities for ‘traditional’ crime –New opportunities for ‘traditional’ crime –Opportunities for new crimes ‘True’ cybercrimes Solely the product of the Internet Classification by type (COE Convention on Cybercrime 2001) –Harmful trespass –Acquisition, theft and deception –Obscenity –Violence
eighteenseventyonelimited26© Ltd Cybercrimes transformed Harmful trespass Acquisition, theft and deception ObscenityViolence More opportunities for traditional crime Phreaking Pyramid schemes Trading sexual materials Stalking Harassment Bullying New opportunities for traditional crime Hacking Viruses 419 fraud Identity theft Online sex trade General hate speech Paedophile rings Opportunities for new crimes Spam Denial of service Intellectual property piracy E-auction scams Cybersex Cyberpimps Online grooming Targeted hate speech
eighteenseventyonelimited27© Ltd The legal response
eighteenseventyonelimited28© Ltd What is the law? Legislation with direct impact on cybercrime –Computer Misuse Act 1990 (as amended) –Data Protection Act 1998 –Privacy and Electronic Communications Regulations 2003 –Regulation of Investigatory Powers Act 2000 –Terrorism Act 2000 –Electronic Communications Act 2000 –Anti-terrorism Crime and Security Act 2001
eighteenseventyonelimited29© Ltd Legislation with indirect impact Theft Act 1968, 1978 –Obtaining property by deception (s.15) –Obtaining a money transfer by deception (s.15A) But cannot deceive a machine Davies v. Flackett (1973), DC; Holmes (2004), CA –Blackmail (s.21) –Theft (s.1) But ‘identity’ does not amount to ‘property’ –No such offence as ‘identity theft’ –Currently no such offence as ‘fraud’
eighteenseventyonelimited30© Ltd The recent legal response Identity Cards Act 2006, section 25 –Possession of false identity document with intention to establish, ascertain or verify registrable facts Fraud Act 2006 –Royal Assent 8 November 2006 but relevant provisions not yet in force –Fraud by false representation (section 2) –Fraud by failing to disclose information (section 3) –Fraud by abuse of position (section 4) –Obtaining services dishonestly (section 11) –Possessing (section 6) or making or supplying articles (section 7) for use in frauds Computer Misuse Act 1990 –as amended by Police and Justice Act 2006 – Royal Assent 8 November 2006 –Unauthorised access with intent to facilitate commission of a further offence (section 2) –Unauthorised access with intent to impair operation (new section 3)
eighteenseventyonelimited31© Ltd How effective is the law? The short arm of the law –No proprietary rights in personhood –Transjurisdictional nature of the Internet Concerted international effort against cybercrime and malware not forthcoming –Difficulty in obtaining admissible evidence Forensic computing/Computer forensics has developed outside the main traditions of forensic science Issues of disclosure, testing, repeatability have been neglected – or not applied uniformly –Lack of specialist knowledge Victim, police, judge and jury Inaccessibility of expert evidence –Victims reluctant to come forward Crime goes unreported – ‘dark figure’ of cybercrime
eighteenseventyonelimited32© Ltd How effective is the law? The law is –Slow-moving –Reactive –Fragmented –Uncertain –Underused –Often likely to fail on evidential grounds –Applicable only to England and Wales!
eighteenseventyonelimited33© Ltd Conclusions
eighteenseventyonelimited34© Ltd Conclusions Problem is unquantifiable in absolute terms –All trends suggest that reported instances (and thus financial impact) are growing –More quantitative research is needed Evidence to suggest move to more organised criminal activity –Although much ID theft is still committed by the low-level opportunist Criminals use ‘non obvious’ information to build up identity portfolio Potential financial gain from all facets of one identity can be great Harm is more that just financial – a very personal harm Law is changing, but its effects remain to be seen
eighteenseventyonelimited35© Ltd Identity theft BCS North London Branch Stefan Fafinski and Emily Finch 28 November 2006
Nov. 2009Copyrighted Work--A. MAMBI,TCRA 1 Public Policy Meeting, Legal Issues on Cyber Security in Africa Dakar, Senegal November 2009 Presenter.
Information Systems Using Information (Higher and Intermediate 2)
Electronic Crime & Abuse Presented by Kingsley Ogbonna Ye Tian Mofolake Akinwonmi.
ITU- BDT Arab Regional Workshop on Legal Aspects of Child Online Protection Algiers (Algeria), June 2012 Criminal Law – Concepts and Best Practices.
Lifelong Learning Service Monday 30 th or Tuesday 31 st March :30pm Safe use of the Internet.
Legal Framework Chapter 5. Learning outcomes Explain difference between patent and copyright Computer Miss use Act List 8 principles of Data protection.
Company LOGO Data Protection Fundamentals Sensitisation MQA By : Mrs. Pravina DODAH Mr. Hemrajsingh BHUGOWON Date : 09 Nov 2012.
Practice Ethical and Legal Use of Technology Copyright © Cannady ACOS. All rights reserved.
1 Information Systems Using Information (Higher).
Parenting the Online Child. Your Child Is on the Internet The Internet is a wonderful research tool. Reliance on the Internet in schools has grown rapidly.
Funded by: Accredit UK Conference, 24 th June 2008 The Heritage Motor Centre.
1 GROUP WORK 2: Deciding What to Share Groups: by the number on your badge Sharing Scenario cards: Health/Social Care agency to another Relatives, friends,
Information Technology Act An overview Date: 27 th November 2008 Venue: National Institute of Financial Management Faridabad Sector-48, Pali Road.
Underwriting Coverage & Analysis Session Presented by: Peter J. Elliott, CPCU, President & CEO Telcom Insurance Group Owned by Those we Serve
Child Sexual Exploitation Presentation by Sue Sainsbury Barnardo’s Children’s Service Manager.
Cyber Liability: Data, Privacy and the Perils of Social Networking.
Information Technology Engineering 124 Spring 2005.
PLANNING THE AUDIT Individual audits must be properly planned to ensure: Appropriate and sufficient evidence is obtained to support the auditors opinion;
Preventing Its More Than Just Your Wallet…. Identity Theft One New Identity Theft Victim Every 3 Seconds in 2012 (Javelin Strategy & Researchs 2012 Identity.
Personal Privacy Identity protection in this wired world.
Identity Theft Helen Lord Experian Content Background about Experian Background about Experian What is Identity theft? What is Identity theft? Is there.
Data Protection Update 15 May 2014 Mairead O’Reilly Joanna Stokes.
Equality and Diversity for Students Catrin Morgan, Equality & Diversity Manager Equality Unit Governance and Compliance Division
1 DWP: Our Reform Story For more information contact: Follow us: twitter.com/dwppressoffice facebook.com/DWP linkedin.com/company/dwp.
Feb 5, 2011 My name is Kaye Beach. I am a member of the Board of Directors of the Constitutional Alliance and have been working with Mark Lerner for the.
Identity Theft and You Identity Theft and You Updated May of 2007.
HLTEN 509- APPLY LEGAL AND ETHICAL PARAMETERS TO NURSING PRACTICE.
Community Empower Preparedness and Interaction Training.
1 IAPP Privacy Certification Workplace Privacy Certified Information Privacy Professional (CIPP) James Koenig Practice Co-leader, Privacy Strategy and.
© 2016 SlidePlayer.com Inc. All rights reserved.