Con-Vergence
Virginia
lawmakers propose a variety of responses to the
growing crime of identity theft, but controls on
public records threaten public access.
So-called
"con men" and "con women" long
have used false identities, something-for-nothing
scams and get-rich-quick schemes to bilk others
out of money, property or worse. Now the cons,
like the new technologies they employ, are
converging.
In
theory, all those passwords, mother's maiden names
and activate-your-new-credit-card-from-your-home-
phone
instructions are supposed to provide greater
security for data and privacy for individuals.
These "shared secrets" -- information
available to the parties in a transaction but not
to the general public -- remain the best way to
verify identity.
Unfortunately,
it is easier than ever for crooks to steal this
personal-identity information. And, because so
many billing transactions are automated these
days, confidence schemes go faster and get further
before alarm bells go off.
Therein
lies a central dilemma of the information age.
Even as Virginians leap ahead with new e-commerce
and e-government activities to lower costs,
improve service and fix accountability, they step
into a growing and destructive world where
misrepresentation, fraud and deceit converge into
identity theft. The tradeoffs between government
and business efficiency on the one hard and
individual privacy on the other are difficult to
make.
In
January, the Federal Trade Commission (FTC)
announced that identity fraud topped consumer
fraud filings in 2002, well ahead of traditional
complaints about magazines, buyers clubs,
work-at-home schemes or prize awards. Identity
fraud, which became a federal crime only in 1998,
topped the fraud charts only four years later --
and now serves as Exhibit No. 1 of the downside of
open access to information. The trend also
explains why lawmakers in Richmond
are increasing the attention
they give information
management and security.
For
the record, FTC statistics put Virginia 16th
among states with about 48 identity theft victims
per 100,000 people last year. That would be 3,395
cases in 2002. The top ten identity-fraud
jurisdictions turn out to be the District
of Columbia
(123 victims per 100,000),
California,
Arizona,
Nevada,
Texas,
Florida,
New
York,
Washington,
Maryland
(66 victims per 100,000) and
Oregon.
North
Carolina
is 21st, West
Virginia
47th. Interestingly, West
Virginia
also is far down the list in implementing basic
Freedom of Information Act initiatives.
The
numbers may not in and of themselves suggest a
crime wave of epidemic proportions, but every
identity theft victim finds herself or himself in
a full-blown nightmare. Years of voiding credit
cards and debt piled up in their name and
restoring a positive credit record lie ahead.
Identity
fraud is a criminal offense in Virginia
and the Commonwealth opened a Computer Crime Unit
within the Office of the Attorney General as early
as 1999. While Attorney General Jerry W. Kilgore
has that unit prosecuting cases wherever possible,
he also suggests that an ounce of prevention may
be worth a pound of cure.
A
new booklet available from Attorney General's
office, "How to Avoid Identify Theft, A Guide
for Victims," recommends removing your name
from marketing lists, minimizing personal
information on checks and understanding the law.
For example, "Virginia law generally
prohibits merchants from requiring customers who
pay for goods and services by check to produce a
credit card for recordation of the number on the
check." Since mid-2002 Virginia
law requires a driver's license number to be
different than a
licensee's Social Security Number. The booklet's
greatest value is a list of contact points for
reporting identify theft and correcting the
record.
But
there is a lot more to prevention than being
careful. Social Security Numbers, it turns out,
are the most frequently used record-keeping
numbers in the United
States.
This not the outcome the Social Security
Administration expected when it instructed card
recipients: "For Social Security and Tax
Purposes – Not for Identification."
The
FTC suggests the top cause of the approximately
162,000 instances of identity theft reported in
2002 involved stealing records from employers or
other businesses; about 90 percent of
business-record thefts involve payroll or
employment records that provide convenient
packages of names, addresses, Social Security
Numbers and other data. Security of these records
in businesses large and small needs to become a
higher priority for owners and executives.
The
Virginia General Assembly has been paying closer
attention to how the Commonwealth itself uses
Social Security numbers, most recently by
conducting a study of court records practices.
Routine filings with clerks of court, such as
deeds of trust, other land records, court case
materials and divorce records always have been
open to physical inspection in courthouses. But
questions about identity theft are growing as
records with Social Security, credit card and bank
account numbers -- even actual signatures --
became accessible online.
The
so-called HJR 89 Joint Subcommittee study, chaired
by Del. Jeannemarie Devolites, R-Vienna, needed
more time than the five meetings that were
possible to hold in 2002. The issues are tricky.
Virginia's Freedom of Information Act guarantees
access to most public computer databases, and
court clerks aren't at liberty to alter public
documents. Some legislators want to re-authorize
the joint subcommittee for two more years to
tackle tough questions, such as how access can be
squared with increased electronic filing
requirements, in a systematic, comprehensive way.
Delegates
and senators, meanwhile, haven't waited for the
study to be completed to suggest action now. Among
the two dozen bills introduced in the General
Assembly in 2003 are proposals to suspend
initiatives to put records online and to give
clerks the power to redact Social Security numbers
and other information from online versions of
documents. Another approach would require
subscriptions to certain courthouse databases so,
at a minimum, the identity of the inquirer can be
established. Other proposals would increase
requirements for filing information
electronically.
Court
clerks from Wise
County
to Fairfax
County
to
Norfolk
bent on modernizing operations are upset at the
prospect and cost of having to maintain two sets
of records, one more private than the other. Most
importantly, information and legal experts agree
that any reversal of the online records trend will
set back the Freedom
of Information Act gains in
Virginia that help keep arbitrary, discriminatory
or unaccountable decision-making in check. That's
why Devolites argued deftly, if not successfully,
on the floor of the House last week not to
introduce piecemeal restrictions until a
comprehensive solution could be devised.
But
joint subcommittee vice-chair Sen. William Mims,
R-Loudoun, mindful of the increase in identity
fraud, also is guiding a comprehensive
strengthening of identify theft law through the
General Assembly. The Mims proposal not only would
toughen criminal penalties, it would provide
identity theft victims with an easier way to set
their legal and financial records straight.
The
Commonwealth needs to strike a policy balance
between the often-conflicting goals of protecting
identities and open access to government
information. Posting of court documents so they
can be accessed online should continue. Ensuring
that public business is conducted and can be
reviewed in public remains a fundamental tenet of
democratic government.
--
February 3, 2003
|