In most parts of the country, it was a news item that was easy to miss, but it was front page news in New Orleans, Louisiana when Lawrence E. Williams became the first person tried under the 1998 federal identity fraud statute. In all, Williams, 22, was charged with 14 counts of identity fraud.
When it became clear that he was destined for federal prison, Williams copped a pleaand legal experts predict he will spend a maximum of five years in prison.
The maximum penalty under the federal identity fraud law is 15 years in prison and a US$250,000 fine.
Ask any of the New Orleans movers and shakers whose personal information Williams stole if even the maximum punishment would have been enough. Thecollective frustration among them is palpable.
Williams’ scam began about one year ago, but only late last month did the case finally come to a conclusion. Still, those affected by his actions are likelynever to fully trust the Internet or electronic commerce again. Ever.
Williams, a New Orleans bank employee, opened accounts at Internet bank Wingspan and other Internet bank or credit-card accounts under the names of a number of prominent local citizens. They included high-profile car dealership owners, wine merchants, industry CEOs and presidents, retail store owners, doctors and philanthropists.
Through his job at the bank, Williams accessed his victims’ personal information and used a local university computer to open the Internet accounts.
At least one of the victims now says he believes the compromise of his identity and the financial ramifications of Williams’ actions will take many years, if not the rest of his life, to overcome. The victim is 44 years old.
Therein lies the extended and unfortunate aftershock of Internet identity theft.
At a time when e-commerce is still trying to earn some credibility among the masses, Williams and the thousands of other con artists perpetrating these crimes are doing more to stunt the growth of e-commerce because of the fear they inspire than perhaps any other issue or concern.
Last year, 26 percent of all fraud complaints filed with the U.S. Federal Trade Commission’s fraud database, Consumer Sentinal, were related toonline fraud and deception.
To its credit, the FTC’s Bureau of Consumer Protection is actively on the prowl for identity thieves. To its frustration, the problem is snowballing outof control and almost impossible to keep up with.
The collective naivete and cavalier attitude most of us have taken toward online transactions may have led to this identity theft epidemic.
How long can we really continue to use our family name or birth date for passwords and expect our transactions to be secure? And why does it have to take a crisis such as getting our personal information stolen to shake us in to the reality of how easy it is to lose our identity?
Digital signatures seemed at least a partial solution to the problem, but to date, digital signatures are about as widely used as mood rings.
The most encouraging development of late comes from a new alliance of Equifax and beTrusted. Together, the two companies have introduced an identity authentication service that will process user identification in real time while an e-commercetransaction is in progress.
Too Little, Too Late
Meanwhile, the damage is done in various quarterswhere individual identities have been stolen.
One of the New Orleans victims — who shall remain nameless since his identity has already been tampered with enough — says he is now paranoid about the whole issue.
He has been busy putting every possible safeguard and electronic lock on his personal data. The downside of that effort is that every transaction he tries to make, offline or online, takes about twice as long as it used to.
The whole notion of instant credit, or other rapid processing of transactions is now lost to him, because one wayward, self-indulgent 22-year-old thief.
After Williams pled guilty last month in exchangefor the lighter sentence, the victim reacted this way:
“It was so much easier in the old days when theyjust knocked you over the head in a dark alley andstole your wallet.”
What do you think? Let’s talk about it.
Note: The opinions expressed by our columnists are their own and do not necessarily reflect the views of the E-Commerce Times or its management.
How many people have actually been victims of identity fraud? There are occasional high-profile news stories such as this one that make it to a section on privacy for the program “60 minutes” on television. I saw this story reported in the “technology” section of my local paper as well, but there are millions of people concerned about the issue. Debates rage about solutions and “Identity Fraud Protection Kits” are available online. The FBI offers an identity fraud web site. Stories pop up every once in a while.
The question is simply, “How many victims are there?” I’ve suffered this problem myself. Credit bureaus offer canned responses, the Justice Department sent me a nice little booklet telling me how to protect myself, my bank refuses to discuss it beyond the obvious account balance as to their findings, the FBI gave me a case number and I never heard from them again, my police report sits inactive. Nobody is talking but me.
No wonder people are concerned. No action is taken, no findings disclosed to the victims, no solutions offered. We see news stories and say, “Yeah, that happened to me.”
I want to respond to both of the messages posted about Internet-based Identity Theft, which asked how often does ID theft happen, and is it a real-world problem or an Internet problem…
But first of all, identity theft is not the biggest roadblock for e-commerce. As Mike, the first poster said, how much does Internet theft of identity happen? Bigger problems for the growth of e-commerce include the low number of people with Net access at a reasonable speed and the slowdown overall of consumer spending.
Moreover, with reference to the second poster’s comments, how much does ID theft happen on the Internet as opposed to someone getting your SSN and credit card numbers in the real world?
It seems to me that the real problem lies with the credit bureaus and lack processing procedures at credit card companies and merchants who will process nearly every transaction without verifying that the right person is requesting it.
The problem here wasn’t the internet. As a bank employee, this guy had access to everyone’s personal data including signatures. He could have sent in written applications and accomplished the same dirty deeds. Instead of blaming the internet, they need to be placing their distrust in the bank where this guy worked.