Which Legislations Criminalize the Offence of Identity Theft in the United States Legal System
Credit card issuers acting as users of consumer credit reports are required under a new provision of the FCRA to follow certain procedures if the issuer receives a request for an additional or replacement card within a short period of time after notification of a change of address for the same account.28 As part of additional efforts to prevent identity theft, Other new regulations require credit card account numbers to be shortened to print them electronically. receipts29 and, upon request, the reduction of Social Security Numbers in credit reports provided to a consumer.30 Some researchers have argued that banning hyperlinks is one such scenario that requires further consideration because of the unique value hyperlinks offer for online communication – even in the context of content-neutral restrictions. Anjali Dalal expands on Stone`s three-step formulation of neutral content examination, arguing that the neutral content doctrine is essentially an “impact-based doctrine” in which courts assess the “net effect on valued speech.” 188 188 Dalal, cited in footnote 145, p. 1049. Close Since hyperlinks are essential for online communications of unique value, restrictions on hyperlinks affecting First Amendment rights should be subject to stricter scrutiny. 189 189 Id., pp. 1068–72 (argues that the court should apply less respectful standards of review if legal restrictions impede the communicative value of Internet hyperlinks). However, it is important to note that Dalal does not see this approach as encouraging illegality. Id., p. 1069. Close Dalal relies heavily on the landmark New York Times Co. v. Sullivan 190,190,376 US 254.
Shut down and highlight the Internet as a means of communication that rivals the importance of newspapers in the 1960s. 191 191 See Dalal, op. cit. Cit. note 145, pp. 1068-72 (discussion of Sullivan`s intentional approach and the importance of print newspapers in public discourse at the time of Sullivan`s adoption). For more details on the unique value of hyperlinks and the Internet to public discourse, see footnotes 216-217 and accompanying text (Discussion on the Need to Protect Anyone Who Permits the Free Flow of Information of Public Interest). Close This analytical approach is explained in more detail in Part III.B. Under the Act, 18 U.S.C.
§ 1028 was amended to make it a federal offense to commit, attempt, or assist someone to commit identity theft. Because it is a federal offense, identity theft cases are tried in U.S. District Court. Illegal systems used to commit identity theft often violate other federal laws, such as: Part II argues that the Brown case drew attention to the gaps and ambiguities in federal identity fraud laws that allow for potentially unconstitutional restrictions on freedom of expression. While the application of the law in Brown`s case may not result in such restrictions, the broad definitions in section 1028(d) and the absence of an intent requirement in section 1028 allow for unconstitutional restrictions in a significant number of cases. 94 94 See Part III.A-B below (Analysis of potential challenges to the excessive scope and vagueness of Articles 1028 and 1028A and recommendation for increased intent requirements). Part III then suggests possible solutions to these shortcomings without interfering with the government`s aggressive prosecution of malicious identity thieves. For more information on state identity theft laws, see National Conference of State Legislators, Identity Theft Statutes & Criminal Penalties, www.ncsl.org/programs/lis/privacy/idt-statutes.htm. By including Section 1028(a)(7) as an identity fraud offense, Congress appears to have responded to this growing threat to citizens. 50 50 See Rep. No 105-274, p.
7 (referring to `financial crimes involving the unlawful use of individuals` personal data` and the `devastating` effects of identity theft on individual victims (emphasis added)). During debate in the House, comments focused on the ease with which a malicious person could obtain and misuse another person`s personal information, as well as the financial hardship victims faced as a result of loopholes in the federal law. 51 51 See 144 Cong. ECR 24, 379–84 (1998) (discussion of the purpose and usefulness of the Identity Theft and Deterrence of Presumptive Act, 1998). Close representatives also highlighted the impact of the Internet on the availability of personal data; Because the Internet makes information more accessible, identity crimes have become more prevalent. 52 52 Id., p. 24.384 (Statement by Representative Sanders) (Discussion of the dangers posed by readily available personal identification information on the Internet). Despite congressional concerns about people in trouble, critics have remained skeptical that the Section 1028 changes would reduce the financial burden of identity theft due to a lack of funding for federal investigations.
53 53 See, for example, Martha A. Sabol, The Identity Theft and Assumption Deterrence Act of 1998: Do Individual Victims Finally Get Their Day in Court?, 11 Loy. 165, 169 (1999) (lack of federal funding for ITADA has forced federal agencies to continue to focus on large-scale identity fraud). Although Congress explicitly criminalized “identity theft,” it did not initially provide for harsher penalties commensurate with the seriousness of these crimes. 54 54 See 18 U.S.C. § 1028(b) (1988) (no distinction between identity theft and other identity-related offenses for sentencing purposes). This failure to provide harsher penalties for identity theft has been partially corrected by successive minimum penalties set forth in 1028A.18 U.S.C. § 1028A(b) (2012). Close the President`s Task Force on Identity Theft, Combatting Identity Theft: A Strategic Plan, April 2007, www.identitytheft.gov/reports/StrategicPlan.pdf. Like the Fair Billing Act, the Electronic Funds Transfer Act is not identity theft legislation per se, but it provides consumers with a mechanism to dispute unauthorized transactions and have their accounts re-credited in the event of an error.
The objective of the Electronic Money Transfer Act (EFTA) is “to establish a basic framework defining the rights, duties and responsibilities of participants in electronic money transfer systems”. 40 EFTA restricts, inter alia, a consumer`s liability in the event of unauthorised electronic transfers of funds. If the consumer notifies the financial institution within two business days of becoming aware of the loss or theft of a credit card or other device used for electronic transfers, the consumer`s liability is limited to the amount less than $50 or the amount of unauthorized transfers that occurred prior to the financial institution`s notification.41 The Enhanced Penalties for Identity Theft Act was created to increase penalties for aggravated identity theft. U.S. attorneys use 18 U.S.C. § 1028A to charge an alleged perpetrator with using certain identity information. LulzSec`s undercover and information dumping campaign is characteristic of a new trend in online mischief and identity fraud. Small groups of hackers with exceptional technical expertise carry out many modern cyberattacks.
These people exploit systems to damage, degrade or steal information. 63 63 See Imperva, Imperva`s Hacker Intelligence Summary Report: The Anatomy of an Anonymous Attack 3 (2012) (most anonymous hacktivist campaigns are conducted by ten to fifteen highly skilled hackers supported by hundreds of less skilled or unskilled followers). Close But skilled hackers are often surrounded by a larger group of followers who exploit the shared information or simply passively engage in targeted attacks. 64 64 Id., pp. 3-12 (Analysis of the chronology of Anonymous` prototypical attack, which involved public recruitment, attempts to infiltrate systems and data theft, and subsequent distributed denial-of-service attacks using a volunteer network of countless passive supporters). Close High-profile cyberattacks also attract digital viewers and fans without technical skills; This group can include security bloggers, political activists, institutional journalists, and ordinary citizens. 65 65 Perhaps the most notable example of this phenomenon is the Steubenville rape case, in which Anonymous published information about underage abusers online and pressured the judiciary to take further action. Throughout the Steubenville case, members of Anonymous discussed personal information posted online with the media. See, for example, Amanda Marcotte, Rape, Lawsuits, Anonymous Leaks: What`s Going On in Steubenville, Ohio?, Slate (Jan. 3, 2013, 14:47), www.slate.com/ blogs/xx_factor/2013/01/03/steubenville_ohio_rape_anonymous_gets_involved_and_the_case_gets_even_more.html (filed with Columbia Law Review) (describes the Anonymous campaign against the lack of prosecution in the Steubenville rape case and the collective`s interactions with the media). Existing laws, including federal identity fraud and computer fraud laws, often do not account for this variety of motives and varying degrees of involvement in fraudulent activities, resulting in potentially equal liability for each of the aforementioned groups.
Identity theft was not explicitly declared a federal crime until 1998, when Congress amended Section 1028 with the Identity Theft and Deterrence of the Assumption Act of 1998 (ITADA) in response to growing public pressure and the migration of financial information to digital and online media. 47 47 See Identity Theft and Assumption Deterrence Act of 1998, Pub L. No. 105-318, § 3(a)(4), 112 Stat. 3007, 3007 (codified in 18 U.S.C. § 1028(a)(7)) (criminalizing the unlawful transfer or use of “means of identifying another person with intent to go to work. illegal activity”); See also ID. § 3(d) (Definition of “means of identification” as “any name or number that may be used, alone or in conjunction with other information, to identify a particular person” and list of examples).