Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Theft Philippa Lawson Canadian Internet Policy and Public Interest Clinic University of Ottawa www.cippic.ca.

Published byAmbrose Powers Modified over 8 years ago

Similar presentations

Presentation on theme: "Identity Theft Philippa Lawson Canadian Internet Policy and Public Interest Clinic University of Ottawa www.cippic.ca."— Presentation transcript:

1 Identity Theft Philippa Lawson Canadian Internet Policy and Public Interest Clinic University of Ottawa www.cippic.ca

2 Definitions (Archer/Sproule) Identity theft: The unauthorized collection, possession, transfer, replication or other manipulation of another person’s personal information for the purpose of committing fraud or other crimes that involve the use of a false identity. Identity fraud: the gaining of money, goods, services, other benefits, or the avoidance of obligations, through the use of a false identity.

3 Archer/Sproule Conceptual Model

4 Most Useful Info Account numbers/details –Bank, credit card, mortgage, phone, etc. Passwords, PINs ID documents/numbers –SIN, health, drivers licence, passport, birth cert. –employee, student, member Credit reports Home address Date of birth Employment details Biometric information

5 Techniques of ID Theft taking/stealing from individuals: –finders keepers: trash, used computer equip, lost wallet –theft of wallet, chequebook, credit card, mail –pretexting by phone or in person –scams: employment, surveys, contests…. –phishing, vishing, pharming –skimming - via ATMs, hidden machines –wireless eavesdropping –malware: keystroke loggers, etc.

6 Techniques of ID Theft taking from public sources: –personal websites, social networking sites –online resumes –employer/association websites –online public records –post-disaster missing person sites –obituaries

7 Techniques of ID Theft taking/stealing from organizations: –dumpster diving –used computer equipment –corrupt employees –pretexting (duped employees) purchase/subscribe (e.g., credit reports) –hacking; taking advantage of security holes

8 Intermediate Stages ID data trafficking –buy and sell personal information ID document “breeding” –create counterfeit documents –apply for new documents, ID numbers (forgery) Submit change of address to post office –divert victim’s mail

9

10 Purpose: ID Fraud use credit card, phone credit withdraw from bank account open new accounts (bank, utility, phone…) obtain loans mortgage/sell property (mortgage/title fraud) steal cars; order goods online using drop-site get insurance or government benefits get employment/hide criminal record create cover for other criminals/terrorists

11 What to do? 1.Prevention -Data Protection/Security -Deterrence 2.Early detection -Mitigation -Prosecution 3.Victim Assistance

12 Individuals should…. keep ID/account info secure shred records not post detailed personal information online not respond to questionable solicitations, emails keep an eye on debit/credit cards install up-to-date computer firewall, virus protection use different passwords, change frequently understand risk of activities and decide accordingly check credit report annually (detection)

13 Organizations should… Prevent theft: –minimizing collection/retention/disclosure –avoiding giant databases of personal info –encrypting data –redacting personal info in public records –carefully screen, train, monitor employees –taking care when outsourcing

14 Organizations should… Prevent Fraud: –adopting strong authentication methods access requests applications for documents change of address notices (Canada Post) –issuing tamper-proof ID documents

15 Control Points Individuals: –limited control / ability to assess risk Organizations: –Service providers Online services, electronic banking, magnetic stripe cards, wireless communications, … –Software/hardware vendors/manufacturers –Data holders (government + private sector) –Public records (government) –Social networking sites

16 Priorities 1.Incentives for Organizations 2.Victim Assistance 3.Deterrence (Thieves)

17 Incentives for Organizations Data Protection Laws –enforce! –Privacy Act, PIPEDA – gaps? Data Breach Notification –risk of reputational damage; cost of notification Civil Liability for Failure to Protect –leading to ID theft (or risk thereof?) –rights to sue manufacturers of hardware/software that exposes data to ID theft?

18 Privacy Act no minimum collection/retention rule no requirement to report data breaches no clear guidelines re: posting public records online; making personal information available electronically

19 Victim Assistance data breach notification letters credit bureaus – fraud alerts, security freezes centralized assistance/forms getting new ID documents right to copy of police report process for establishing innocence and ordering corrected records

20 Deterrence (thieves) Criminal law -penalties for ID fraud crimes -police resources to pursue -criminal code amendments?

21 Criminal Law Existing ID Theft/Fraud crimes –fraud, forgery, personation, computer misuse –mere possession is not a crime; no deprivation Possible new ID Theft crimes –possession of [multiple] ID with intent to defraud remove deprivation requirement rebuttable presumption of intent (multiple ID, spec.data) –fraudulently obtaining personal info (Bill C-299) –trafficking in ID info/cards recklessly or knowingly –breach of trust (employee theft) –fraudulently redirecting mail

22 www.cippic.ca

Download ppt "Identity Theft Philippa Lawson Canadian Internet Policy and Public Interest Clinic University of Ottawa www.cippic.ca."

Similar presentations

Identity Theft …It could be you But This Presentation is by me, Michelle Richards.

Identity Theft …It could be you But This Presentation is by me, Michelle Richards.
What is identity theft? How does identity theft occur? How do you protect yourself? What do you do if you are a victim? Jane Doe Certified Consumer Credit.

What is identity theft? How does identity theft occur? How do you protect yourself? What do you do if you are a victim? Jane Doe Certified Consumer Credit.
Parachute Neighborhood Watch Presentation February 9, 2010.

Parachute Neighborhood Watch Presentation February 9, 2010.
Presented By www.fmfcu.org/drexel Drexel and FMFCU.

Presented By Drexel and FMFCU.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?

1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Preventing Identity Theft Beware the Trails You Leave Behind Use limitations: These materials may be used only for nonprofit, noncommercial educational.

Preventing Identity Theft Beware the Trails You Leave Behind Use limitations: These materials may be used only for nonprofit, noncommercial educational.
Protecting Your Identity: What to Know, What to Do.

Protecting Your Identity: What to Know, What to Do.
Deter, Detect, Defend: The FTC’s Program on Identity Theft.

Deter, Detect, Defend: The FTC’s Program on Identity Theft.
Identity Theft “When Bad Things Happen To Your Good Name” El Camino Community College Police Department Sgt. Kirk Johnston Josh Armstrong.

Identity Theft “When Bad Things Happen To Your Good Name” El Camino Community College Police Department Sgt. Kirk Johnston Josh Armstrong.
1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.
Identity Theft. MIS Training Institute, Inc.Section X - Slide 2CS1 053 ©Network Security Services, LLC Outline n Definitions n Methods used n Ways to.

Identity Theft. MIS Training Institute, Inc.Section X - Slide 2CS1 053 ©Network Security Services, LLC Outline n Definitions n Methods used n Ways to.
TCLEOSE Course No. 3277. 78 th Legislature SB – 473; SECTION 8. Section 1701.253, Occupations Code, is amended by adding Subsection (i) to read as follows:

TCLEOSE Course No th Legislature SB – 473; SECTION 8. Section , Occupations Code, is amended by adding Subsection (i) to read as follows:
National Association of Student Financial Aid Administrators The following is a presentation prepared for NASFAA’s 2007 Conference in Washington, DC July.

National Association of Student Financial Aid Administrators The following is a presentation prepared for NASFAA’s 2007 Conference in Washington, DC July.
1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?

1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?
Computer Vulnerabilities & Criminal Activity Identity Theft & Credit Card Fraud 7.2 October 24, 2011.

Computer Vulnerabilities & Criminal Activity Identity Theft & Credit Card Fraud 7.2 October 24, 2011.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.

RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.
Identity Theft Someone steals your personal information for his/her own gain It’s a crime!

Identity Theft Someone steals your personal information for his/her own gain It’s a crime!
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Similar presentations

Ads by Google