Identity thefts skyrocket, but less than 1% occur online

Computerworld - The number of identity thefts in the U.S. has skyrocketed during the past 15 months, but contrary to public perception, very few of those crimes are happening online, the Federal Trade Commission (FTC) told a presidential advisory council last week.

"Identity theft is expanding and increasing every day," said Jodie Bernstein, director of the FTC's Bureau of Consumer Protection, during the first meeting of the President's Information Technology Advisory Committee. She said 2,000 calls per week poured into the FTC identity theft hotline last month alone. But less than 1% of all reported cases to date can be linked to the Internet, she said. The two most common causes are lost wallets or purses, and mail theft.

"We don't see as many Internet solicitations, but we are watching that," said Joanna Crane, program manager for the FTC's identity theft program. She added, however, that there is evidence that Internet-related thefts, particularly e-mail schemes, are increasing.

When asked by a council member if the FTC thinks Internet-related cases of identity theft are an unreported problem, Bernstein said it's possible but not likely.

"Our estimate would be very low—maybe 20%," she said.

Hacker Incidents Probed

Council member Larry Smarr, strategic adviser at the University of California's School of Engineering in San Diego, suggested that the FTC consider a hacker incident that happened just last week as an example of the growing threat of identity theft online.

Personal information and credit card numbers belonging to high-profile political and business leaders who attended the World Economic Forum (WEF) in Davos, Switzerland, were stolen off a WEF server (see story). Microsoft Corp. Chairman Bill Gates and former president Bill Clinton were among the possible victims.

Ironically, that break-in made potential victims out of many of the business leaders who for years have defended self-regulation of industry privacy controls. Many, including Gates, Dell Computer Corp. Chairman Michael Dell and others, have urged the government not to intervene by implementing more regulations regarding privacy and protection of personal information online.

Steven Kobrin, a professor of multinational management at The Wharton School at the University of Pennsylvania in Philadelphia, has attended the last seven WEF summits and was among the victims of the latest hacker incident.

According to Kobrin, many industry executives have been outspoken opponents of regulation during past WEF summits and don't think there's a problem.

"This year, we had a panel on privacy, and people from industry said there wasn't a problem," said Kobrin. "Regulation tends to be a dirty word."

That's partly because it could affect companies' bottom lines [News, Feb. 5]. Regulation would mean that companies would have to invest more in storage technology to store information for long periods of time and security technology to prevent unauthorized access.