Upload
anna-fagan
View
219
Download
4
Tags:
Embed Size (px)
Citation preview
Cyber Identity Theft:A Conceptual Model and Implications For Public
Policy
Angeline G. Close, UGA/NGCSU
George M. Zinkhan, UGA
R. Zachary Finney, NGCSU
A 1957 Sylvester & Tweety Cartoon
Image source: davemackey.com
Identity Theft
• Most common classification of consumer complaints to FTC (42%)
• Victimization costs beyond $
• Growing problem attributed to the emergence of the e-marketplace
• Top online fraud (FBI 2003)
• Re-appraisals of research & public policy are needed
Cyber Stalkers Laughing Behind the Screen…For Now
Image Source: greenberg-art.com
Objectives
1) Introduce 3 classification schemes, which synthesize conceptualizations of ID theft and the Internet: a) methods, b) time-frame, c) victims’ behavioral responses
2) Recognize key issues & regulations related to public policy and consumer welfare
Cyber ID Theft Defined
• Online or electronic acquisition of personal information with the purpose of utilizing such information for deceitful activity either on the Internet or offline
• Using electronic (i.e., web-based) means to carry out any form of identity theft
Cyber Identity Theft: An E-Merging Public Policy Issue
Process
Schemes Time-Frame
Victim Response
Cyber ID Theft Process
Table 1 Methods of Cyber- ID Theft
Cyber- Identity
Theft
Figure 2 (lower)ID TheftRecurs
Figure 2(Upper)ID Theft
Does NotRecur
Table 2VictimReacts
Table 3Public PolicyIssues
Cyber ID Theft Schemes: Broad Scope
Method Example Hacking Wiring another’s
funds Employee Theft
Pilfering office files
Dictionary Programs
Checking all words, A to Z
Spyware Weather-bug; Gator Skimming Credit cards Tapping Restaurant computers Pre-approved
Mailed credit card offers
Mass Rebellion
peer-to-peer sites (e.g., Kazaa.com, Napster.com)
Cyber ID Theft Schemes: Narrow Scope
Careless-ness Saved Passwords, logoff may not go through
Disposal Abuse
Leaving personal information behind on old computer
Autofill Abuse
Type in a few letters until cleared
Phishing “Deltaa.com” Phony ATM Pre-text Bank; Credit card company
Cyber ID Theft Schemes: Narrow Scope
Posing
Bank rep.; computer exams
Pranking e-dating
Fraudulent Job posting
“Manager Wanted”
Shoulder Surfing
Passwords; account numbers
Intercepting
IMs; e-mail
Cyber ID Theft Time Frame
Identity-Theft Time Frames
One - time
Multi - time
Recurring
One-time Prank E-mail
Unauthorized use of another’s e-mail Consistent use of SSN to obtain new, fraudulent document(s)
Consistent use of Photo to impersonate
Using stolen credit card #, until reported
One-time use of stolen photo (e.g., for e-dating)
Cyber- ID TheftVictim Response
Behavioral Responses to Identity Theft
Victim’s behavior may change (via): Online Example Offline Example
Lessened (correct) disclosure of personal information
e-mail addresses Home or work addresses
Change in selection/use of exchange partners
e-tailers Retailers
Change in frequency/ extent of transactions
e-commerce; e-dating Shopping; credit card use
Change in general shopping and purchasing behavior
Security checks Requesting to check identification for credit card purchases
An Atypical Response
Image Source: glasbergen.com
A More Extreme Response:Serious Password Strategy
Image Source: glasbergen.com
Public Policy & Consumer Welfare
I. Dissemination of cyber identity theft methods
II. Employee access to data and associated potential for misuse
III. Credit-reporting bureaus
IV. The inherent difficulty associated with proving you did not commit acts
Public Policy & Consumer Welfare
V. Regulation of data exchanges
VI. Uses of marketing databases
VII. Use of data by financial institutions
VIII. Liability issues
IX. Assisting cyber identity theft victims
Public Policy & Consumer Welfare
X. Expanding public education/ awareness
XI. Educating the populace so that overall crime rates decline
XII. Effective criminal enforcement
XIII. Risk analysis & risk assessment
XIV. What are the specific costs for consumers?
Public Policy & Consumer Welfare
XV. What are the costs for business (at the firm level and the industry level)? What are the threats to our economic system?
XVI. What are the best ways to promote safety tips and improved technologies?
XVII. What are the best media for implementing education or remedial programs?
XVIII. What are the best ways to “reform” identify thieves?
Regulation
• The Identity Theft and Assumption Deterrence Act (governmental):
1) allows victims of identity theft to recover financial damages
2) imposes criminal penalties of <15 years imprisonment & fines of < $250,000
3) directs the FTC to enforce the act
Regulation
• The Coalition on Online Identity Theft (corporate-based):
1) expands public education campaigns, promoting technology and tips for preventing and dealing with online theft
2) documents and shares non-personal information about emerging online fraudulent activity to prevent future scams
3) works with the government to ensure effective enforcement of criminal penalties against cyber thieves
Information Paradox
Image Source: glasbergen.com
Cyber ID Theft and the Market
• A threat to economic systems, e-commerce- demanding scholarly, practitioner and regulatory attention/ action
• Citibank’s ID Theft Page
• TV Campaign
Reclaim Cyberspace
• A broader change in human identity
• Another paradox of technology
• Researchers have an important role to play in suppressing cyber-identity theft in the future.
• Reclaiming cyberspace as a means of enhancing and enriching (our own) human experiences