The Legislative Protection of Civilians from Identity Theft

Introduction

The ardent rise of new information technologies have bought a revolution in business practices and made Canadian companies efficient and competitive. However, the electronic storage of personal information has multiplied the risk that may be misused to commit fraud and other crimes. This is coined as “identity theft”.

Identity theft is often committed through Web spoofing wherein fraudulent email and web sites trick unsuspecting users into revealing private information. The US secret service report that approximately 30 attack sites are detected each day. In this paper we would be expanding our knowledge around identity theft and its legislation around Canada and also on how it effects its victims.

Defining Identity Theft

In U.S. jurisdictions and elsewhere, traditional and cybercrimes involve four key elements:

• Actus reus (physical component of a crime)
• Men rea (a culpable mental state)
• Attendant Circumstances (presence of certain necessary condition)
• Harm ( to either the person or property, or both)

There are five types of identity theft that are most common.

• Criminal identity theft: A crook commits crime using an other individual identity which we would be emphasising in details in the following paper.
• Identity cloning: When an imposter obtains your key personal information in order to impersonate you. A case study of R.v. Dragusica is a perfect example to understand this kind of theft. Dragusica was convicted for possessing methamphetamine for trafficking and possession of Rylek’s property. To impersonate him, he stole his driver’s license and SIN. Dragusica rented a storage unit under Rylek’s name for which he did not make any payments. When the manager of the storage facility sent Rylek a letter about the overdue payments when he soon realised that it was a case of identity theft. The manager soon called the police who found a boxed-up laboratory for producing methamphetamine and soon Dragusica was arrested by the police when he came to pay the account. The crown sought a sentence of 32 months imprisonment, which would be a four years imprisonment once credit for the pre-trial custody was applied to it.
• Medical identity theft: When fraudster gains illegal access to obtain medical services, prescription drugs or medical insurance coverage under the victim’s name. Although the statistics are not available for Canada, the Ontario ministry of Health and Long-Term care claims that medical fraud is the main outcome of the ID theft in Ontario (CIPPIC, 2007: 26).
• Immigration fraud: International Criminals such as terrorists and illegal immigrants, use stolen identities to obtain passport in order to cover their felonies and illegal activities. Such types of frauds are counted as a significant threat for national securities across the globe. For example, in July 2002, a member of al-Qaida, who was using Australian passport, was arrested in Canada. He was charged by the government of Netherlands because he planned to blow up the American embassy in Paris.
• Online shopping: Fraudsters shop online with victim’s personal information and ID in a different area, usually Africa. Then a repackaging of the orders is requested and is shipped back to the fraudsters. For example, in Canada in 2003, when an Albertan purchased merchandise online with a stolen ID and credit card number and asked for his order to be shipped to North Dakota and re-shipped them to Edmonton through repackaging.

Legislative Landscape

There are federal, provincial and territorial laws that deal with identity theft. A comprehensive response call for the action from both levels of government and requires a number of different legislations.

Federal Laws

The federal Personal Information Protection and Electronic Documents Act (PIPEDA) and the federal bank Act may be relevant to a number of the proposed reforms and other sector specific legislation. Further legal analysis is conducted to determine how these statues are affected. The criminal code of Canada has traditional offences of fraud and theft, as well as using, possessing and trafficking in credit/debit card data. Over the past two years, Justice Canada is examining limitations in laws regarding identity theft and considering various policy reforms to address the problems.

Provincial/Territorial Laws

This type of legislation sets out rules and responsibilities for the credit bureau that maintains files on people’s credit information. Canada’s provinces and territories also have consumer protection legislation, designed to protect consumers in the marketplace and ensure a level playing field for business.

Criminal Code

• (a) section 57 (forgery of or uttering forged passport)
• (b) section 58 (fraudulent use of certificate of citizenship);
• (c) section 130 (personating peace officer);
• (d) section 131 (perjury);
• (e) section 342 (theft, forgery, etc., of credit card);
• (f) section 362 (false pretence or false statement);
• (g) section 366 (forgery);
• (h) section 368 (use, trafficking or possession of forged document);
• (i) section 380 (fraud); and
• (j) section 403 (identity fraud).

The Victims of Identity Theft

Identity theft is often thought of as an “adult” problem, but no one else is immune to this crime. According to a report by Javelin Strategy and researching, a research based advisory firm in digital and finance, over one million children were victims of identity theft in 2017 – crimes which resulted in US$2.6 billion in total losses. About two-thirds of victims were found to be under the age of eight, a statistic which depicts that the crimes can happen even before children start using the internet.

As for Canada, according to the ETF Capital Management report, 32 percent of the Canadians have been the victims of some form of financial fraud. Personal finance educator, and consumer advocate Kelley Keehn, who wrote a fraud protection guide, explained that some kids won’t have a credit file or SIN until they are 18 in Canada and that is the reason children make the perfect targets of identity fraud.

The news article published on June 21,2018 discusses the story of Sara Woodington, a mom who lives in Southeastern Pennsylvania, discovered that a crook in Texas had used her 17-year old son’s SSN to create a fake identity for himself, The fraudster combined his name and address with her son’s SSN to create a false identity to create a false identity, to get a restaurant job in Austin. Woodington now fears that her benefits will now be threatened.

Second group of people that are effected by identity theft are people who use debit or credit cards. Paying with credit card on online sites that are not protected can make you more vulnerable to data breaches. Equifax and TransUnion are credit monitoring service which charge between $11.95 and $29.95 a month. According to Claudiu Popa, a cybersecurity expert “No amount of monitoring will give you 100 percent guarantee that you’re going to be protected against identity theft.”

The news posted on Feb 22, 2019 by CBC news emphasises that the protections offered by Equifax and TransUnion against the identity fraud is “ineffective”. The news article is about Robert Darch who reported the credit bureaus about his stolen ID. He said “the credit bureaus placed a fraud alert on his account which is like a firewall and you are protected.” Soon he realised the fraud alerts weren’t working when CTV news knocked his door, wanting to know why he was selling illegitimate phones on Craiglist. Someone managed to open two phone accounts with his personal information and was selling the phones online under his name.

Costs Borne by Victims

Victims of identity theft do not end up paying for what is stolen while using their identities. For example, when a thief uses a credit card to buy an item fraudulently, depending on the type of transaction, the credit card issuer on the merchant typically bears the direct cost. However, victims do end up paying the lawyer’s fees and sometimes they also end up paying the for the fraud purchase for the sake of protecting their credit records.

Conclusion

Identity theft is a growing problem and difficult to detect. Identity thieves can quickly adapt to new technologies and the nation cannot keep up with it. We can strengthen the existing laws by making it easier for victims to detect identity theft. One proposal is the duty to notify people affected by a security breach and the placement on fraud alerts on stolen debit/credit cards. Coordinated action between the consumers, financial institutions, credit bureaus and the government ensures that we can address this costly problem.