Neva Georgeson, a middle-aged successful business executive from Los Angeles celebrated her birthday every year with her two grown-up sons and their families at a fishing lodge in Canada. As a birthday present her sons paid for her expenses to fly to Canada, sent her $200 in traveler's checks to cover her other expenses, met her at the airport when she arrived and drove her to the lodge. Because she anticipated no major need to spend her own money, she left her credit card along with the pin number and password and other important financial information at home in a small box on her dresser. However, she forgot to put a hold on her mail delivery and, as a result, it was delivered all week. Thieves stole her mail, which included an unsolicited credit card application. Noting that her mailbox was overloaded the thieves correctly assumed that Neva was gone for an extended period of time. They then broke into her home and stole all of her valuables including her credit card and related financial information. With the loot obtained from Neva's mailbox and home, the thieves applied for a new credit card under Neva's name using a different address and also called her current credit card company requesting an increase in her credit limit. The credit agencies reported that Neva had outstanding credit and, as a result, a new credit card was issued and the line of credit on her old credit card was increased to $25,000. Within a month the fraudster who stole her identity had racked up over $35,000 in bills on her new and old credit cards. It took Neva close to a year and thousands of dollars to cover her losses and restore her excellent credit history.
Unfortunately, this is a typical case of identity theft. According to the US Justice Department, identity theft, also known as identity fraud, refers to all types of crime in which someone wrongfully obtains and uses another individual's personal data in a way that involves fraud or deception, typically for economic gain ( United States Department of Justice, 2005 ). The extent of this problem can be seen when examining increases provided by recent statistics. Complaints of identity theft reported to the United States Federal Trade Commission (FTC) numbered 86,212 in 2001; 161,836 in 2002; 214,905 in 2003; and 246,570 in 2004, respectively ( Federal Trade Commission, 2005 ).
With the prevention of identity theft as a new major priority, the US Congress passed the Fair and Accurate Credit Transactions Act (FACTA), 2003 and the Identity Theft Penalty Act (ITPEA) in 2003 and 2004, respectively. To determine whether these two new pieces of legislation will help reduce identity theft, the provisions of each act are analyzed in detail in next sections of this paper.
On 4 December 2003, the FACTA, 2003 became a new Federal Law. The purpose of the FACTA is to “amend the Fair Credit Reporting Act (FCRA), to prevent identity theft, improve resolutions of consumer disputes, improve the accuracy of consumer records (and), make improvements in the use of, and consumer access to, credit information” ( One Hundred Eighth Congress of the United States of America, 2003 ). The FACTA is divided into major parts called “titles”, each of which are further divided into numbered “sections”. Unless specifically mentioned in the FACTA, most of the provisions in the sections of the FACTA are expected to go into effect within one year of its enactment, which occurred in December, 2004.
On 15 July 2004, the ITPEA became a new Federal Law ( One Hundred Eighth Congress of the United States of America, 2004 ). The main purpose of the ITPEA is to establish penalties for aggravated identity theft. The ITPEA is divided into major parts called sections. Prior to the adoption of the FACTA and the ITPEA, the FTC testified before the House Committee on Financial Services and the Senate Committee on banking, housing and urban affairs on 9 and 10 July 2003 to support adding amendments to the FCRA that would improve protection to all consumers, especially identity theft victims. The identity theft proposals that the FTC promoted included ( Federal Trade Commission, 2003a ):
A fraud alert informs creditors that a possible or real fraud has been associated with a given consumer's credit report. From an operational viewpoint, a creditor must confirm that they are working with the actual consumer and not a fraudster before issuing a duplicate credit/debit card, processing a change of address, extending credit...