How Well Do Consumers Protect Themselves from Identity Theft?

Article excerpt

Identity theft is a serious and increasingly prevalent crime, and consumers need to take preventative measures to minimize the chance of becoming a victim. In an effort to assess consumer preparedness, this exploratory study measured the self-reported behavior of 61 college students and 59 non-students on thirteen identity theft preventative activities that were suggested by the Federal Trade Commission. Consumer education appears to be adequate for several identify theft preventative behaviors, but not for others. In addition, students and non-students demonstrated some interesting divergencies in behavior. Based on these preliminary findings, areas for increased consumer education and future research are recommended.

**********

The Economist (2001) reports that identity theft, defined as the appropriation of someone else's identity to commit fraud or theft, continues to be one of the fastest growing white-collar crimes in the United States. Identity theft can occur when another person, using a victim's personal information (most often social security number, name and address), opens up a credit card account (or other accounts such as a wireless phone) and incurs expenses. The billing statement is often diverted to another billing address so that the victim is not aware charges have been made and payment is overdue, which results in a bad credit rating. Individuals' identities can be obtained through theft of wallet, mail, trash, or online surveillance (FTC 2001). Often the victim is not aware that his information was misappropriated, and when the crime is discovered, reclaiming one's identity is a lengthy and costly experience.

The prevention of identity theft, as shown in Figure 1, depends upon the collective actions of government, businesses, and consumers. The government has the ability to pass criminal and civil legislation to help directly deter theft and influence business policy by requiring better information handling practices and record security, and educate consumers to better protect their personal information. Historically, the Fair Credit Billing Act, which limits the credit card holder to $50 liability for unauthorized charges, was the primary consumer protection effort. Subsequently, the Identity Theft and Assumption Deterrence Act (1998), which designates a maximum penalty of 15 years in prison and a $250,000 fine, has been used to prosecute offenders and act as a deterrent to thieves. In addition to federal legislation, many state laws have been passed (www.consumer.gov/idtheft/statelaw.htm). The Federal Trade Commission (www.consumer.gov/idtheft/) and other advocacy groups have educated consumers about how to prevent identity theft and how to recover if one is a victim of this crime. In an effort to reduce privacy concerns businesses have made efforts to shore up the security of their customer databases.

The effectiveness of the identity theft prevention efforts outlined in Figure 1 has not been empirically investigated in the academic literature. The purpose of this study is to begin exploring the effectiveness of the consumer education effort by measuring the extent to which consumers protect themselves from identity theft. This exploratory research examines the self-reported behaviors from two small samples: one of a cross section of consumers and one of college students. The results indicate that for these samples that some preventative behaviors are being followed while others are not and that there may be differences among consumer segments. A related purpose of this initial empirical effort is to help identify the issues that need further investigation.

[FIGURE 1 OMITTED]

The article is organized in four sections. The first section provides background about the scope of identity theft, how consumers are harmed, and how consumers can minimize its occurrence. The second section reports the study methodology. This includes sampling and data collection procedures, and questionnaire and measurement development. The third section reviews the results. The fourth section discusses the implications of the findings.

BACKGROUND

The literature addressing the issue of identity theft is sparse. Law review articles have provided a general overview of the problem (e.g., Hoar 2001), while others have evaluated the effectiveness of the courts and existing statutes to provide a remedy to the victims of identity theft (e.g., Alwin 2002; Saunders and Zucker 1999). In the marketing and public policy literature, identity theft is not directly addressed. However, related research has focused on privacy/security issues (Milne 2001; Miyazaki and Fernadez 2001) and fraud (Lee and Geistfield 1999; Norrgard and Norrgard 1998). The popular press, following the recent emergence of the identity theft crime, has begun to write stories that can inform consumers. An electronic search of the Lexis-Nexis major newspaper database for the term "identity theft" returned 1,892 articles, 768 (40.6%) of which were published in 2001 (see Figure 2). Given the nascent stage of this phenomenon, this review will focus on describing how identity theft generally occurs, how consumers are harmed, and what behaviors are recommended to minimize the occurrence of identity theft.

[FIGURE 2 OMITTED]

How Identity Theft Occurs

While the rise in the crime rate corresponds with the growth of the Internet, Jodie Bernstein, director of the FTC's Bureau of Consumer protection noted that less than 1% of identity theft cases can be linked to the Internet (Verton 2001). Surprisingly, most appropriation of personal identifying information has occurred through non-Internet based theft of wallet, mail, or garbage. Personal identifying information can include name, address, driver's license, social security number, telephone number, place of employment, employee identification number, mother's maiden name, demand deposit account number, savings account number, or credit card number (Davis 2002). Accordingly, much of the educational effort has been directed toward minimizing the probability of consumers falling victim to having their personal identifying information stolen or misappropriated.

How Consumers Are Harmed

Consumers who fall victim to identity theft can be harmed by (1) having their privacy invaded, (2) suffering the psychological trauma of having their reputation ruined, (3) incurring financial liabilities, and (4) undergoing tremendous transaction costs to restore their names.

How Consumers Can Protect Their Identities

In an effort to help educate consumers about the exposure risks to identify theft, the Federal Trade Commission, in their publication, "When Bad Things Happen to Your Name (FTC 2001)," has listed prevention behaviors that consumers can engage in that can minimize the risk of becoming a victim of identity theft. These behaviors include: finding out how information will be used before you reveal it to others; paying attention to credit card billing cycles; guarding your mail from theft; placing strong passwords on accounts and credit cards; minimizing the number of cards carried in your wallet; minimizing amount of information disclosed; keeping personal information in a safe place; protecting social security numbers; ordering credit reports annually.

Most of the recommendations to minimize the risk of identity theft pertain to established business practices and do not focus on protecting one's information online. Rather, the recommendations are approaches that most consumers can undertake to manage their personal information wisely. The next section describes the two studies that were conducted to explore the extent to which consumers follow these practices.

METHOD

Samples and Data Collection Procedures

For this exploratory research, two small data samples were collected during fall 2001. The first sample was 61 junior and senior college students from across two sections of Internet Marketing at a large northeastern university. The students were asked to participate to help the school with its research mission. A research assistant passed out and collected the survey instrument during the first 15 minutes of class. All students present participated and filled out the questionnaire completely. The students were debriefed later in the semester when the summary results were discussed in class. The student group was 65% male, averaged 21 years in age, 97% owned a computer, 84% had a credit card, 62% shopped through the mail, and 79% shopped using the Internet.

The second sample was a diverse non-student group of individuals who were recruited to attend commercial focus groups on the west coast conducted by a lifestyle marketing organization. The subjects were asked to fill out the surveys while they were waiting for the focus group to start. Sixty surveys were returned, of which 50 were completed fully. This non-student group, compared to the student sample, was older (average 36 years old), evenly split on gender (49% male), but not as educated (69% had some college). In addition, 66% owned computers, 81% had credit cards, 80% shopped by mail, and 39% shopped over the Internet.

Questionnaire and Measure Development

Thirteen (yes/no) questions based on the FTC's recommendations on minimizing risk were written specifically for this study. As noted in Table 1, the thirteen items were worded so that eight of the items would increase the probability and five would decrease the probability of being an identity theft victim. A summated index of preventative behavior was formed by first reverse scoring the items that would increase the likelihood of becoming a victim of identity theft, and then adding up the affirmative responses across all 13 items. High numbers on the scale suggest behavior that minimizes the risk of being a victim and low numbers suggest a person who is at risk. Overall, the average number of preventative behaviors practiced by students was 7.3. The average number of preventative behaviors practiced by non-students was 7.7.

To account for potential social desirability in the response answering the information practice questions, the Crowne-Marlow (1960) scale was included in the survey. This scale is a 33-item, true-false summated ratings scale. High scores indicate individuals who describe themselves in socially acceptable terms and attempt to gain social approval. Low scores indicate individuals who do not respond in a socially desirable manner. Researchers in marketing often correlate new scales with the Crowne-Marlowe scale to establish discriminant validity (Bruner and Hensel 1992). The correlations of the social desirability index with the summated identity theft prevention scale were not significant for both the non-student (r = .209, p > .05) and student (r = .062, p > .05) samples, suggesting that in general answers to identity prevention were not subject to a social desirability bias. However, as noted in Table 1, three of the items for the student sample and four for the non-students had statistically significant correlations with the social desirability index. The possibility of social desirability bias associated with these individual items should be kept in mind when interpreting results.

In addition, background questions were included that measured the consumer's shopping experience and demographics.

For the pretest, colleagues who had experience with survey instrument construction reviewed the questionnaire, and suggested changes were made (Hunt, Sparkman, and Wilcox 1982).

RESULTS

The student and non-student responses to the 13 identity theft prevention behavior questions are shown in Tables 2 and 3, respectively. The percentage of respondents who are practicing preventative behavior is presented in the right hand column. To better show the patterns of responses, the behaviors are grouped into three tiers; the first tier is preventative behaviors most respondents practice, the second tier is preventative behaviors some respondents practice, and the third tier is preventative behaviors few respondents practice.

Student Results

The students' responses to the identity theft prevention questions are shown in Table 2. The first grouping represents behaviors that more than two-thirds of students practiced. These include not keeping PINs and passwords (90%), social security cards (74%), or extra credit cards (67%) in their wallets; shredding credit card receipts (71%) and credit card offers (71%); checking credit card bills for mistakes (70%). The second grouping represents behaviors that less than two-thirds of students but more than one-third practiced. These include creating non-obvious passwords (64%), depositing outgoing mail in post office collection mailboxes (59%), picking up mail from their mailbox the day it arrives (56%), and not writing social security number on checks if asked by a merchant (48%). The third grouping represents preventive behaviors that less than one-third of the students practiced. These include picking up new checks at the bank (23%), ordering credit reports annually (22%), and finding out how personal information will be used before providing it to marketers (18%).

Non-Student Results

The non-students' responses to the identity theft prevention questions are shown in Table 3. The first grouping represents behaviors that more than two-thirds of non-students practiced. These include not keeping PINs and passwords (96%) in their wallets, shredding credit card offers (71%), picking mail from their mailbox the day it arrives (75%), and not writing social security number on checks if asked by a merchant (68%). The second grouping represents behaviors that less than two-thirds of non-students but more than one-half practiced. These include checking credit card bills for mistakes (66%), shredding credit card receipts (64%), not carrying extra credit cards in wallet (62%), finding out how personal information will be used before providing it to marketers (57%), depositing outgoing mail in post office collection mailboxes (52%), and using non-obvious passwords (51%). The third grouping represents preventative behaviors that less than one-half of the non-students practiced. These include not carrying social security card in their wallet (44%), picking new checks up at the bank (29%), and ordering credit reports annually (23%).

The Role of Background Variables

To examine whether background variables explained differences in overall preventative behavior within each sample, means were compared across demographic subgroups. For the student sample, there were no statistical differences based on gender, credit card ownership, or shopping behavior. Likewise, for the non-student sample, there were no statistical differences in preventative behavior for these variables or for age, education, or population of residence.

DISCUSSION

Preventative Behaviors Currently Practiced

Consumer education appears to be adequate for a couple of theft prevention practices. For example, both students and non-students have been well educated by banks not to carry their PIN and passwords with their wallet, and most consumers shred their credit card offers before dumping them into the trash. However, both groups did not adhere to the same preventative practices. Non-students were less likely than students to provide their social security number to merchants when cashing checks. Here it is likely that educational efforts were effective in reaching non-students. The educational efforts might not have had the impact on students since at the time of the survey the student's school identification number was also their social security number. On the other hand, students were more likely to shred their credit card receipts than non-students. Students might be more concerned with the card's $50 liability or perhaps they have not formed bad habits (not shredding) since the card is relatively novel to them. Due to characteristics of the student sample, not carrying extra credit cards in their wallets, and carefully checking billing statements were also more likely to be practiced. Students do not have the luxury of having the multiple credit cards due to their limited income and as such are more vigilant of billing mistakes. Thus, it is likely some practices are being followed for reasons other than identity theft prevention. Regardless of the reasons, the data suggest additional education is not needed to remind consumers of these practices but rather the efforts should be focused elsewhere.

Preventative Behaviors That Need More Attention

More education is needed to encourage consumers to establish non-obvious passwords. Students, perhaps because of the greater computer experience, are more likely to follow the practice than are non-students, yet both groups need to be reminded of the importance of not using their mother's maiden name, pet, birth date, or last four numbers of their social security number. Another area that both groups could improve upon is depositing their outgoing mail in post office drop boxes or at the post office. It is possible that for this question, some of the respondents might have locked mailboxes, which would provide the security against theft.

Educational efforts might be needed to remind non-students to check their billing statements for mistakes and to shred their credit card receipts. While these should be widely practiced, more than a third of the sample did not. Early detection of irregularities in billing can minimize the damage from theft.

In these samples, students were more likely to provide their social security numbers to merchants (56%) than non-students (32%). Interestingly, for students, providing merchants with a social security number for check cashing was positively related to social desirability as some students were conditioned to do this because of campus policy (their SSN was their student id number). These data support the claims for the prohibition of using the SSN for student, driver, insurance and other IDs (Givens 2000).

Preventative Behaviors That Need Critical Attention

First, for both the non-student and student groups, less than 25% of those surveyed ordered a copy of their credit report once a year. (Note that this behavior was not significantly correlated with socially desirable behavior.) It is likely these low numbers reflect that individuals do not consider tracking the credit report as a preventative measure, in part, because they are not aware. Research is needed to measure consumer awareness of this strategy to thwart identity theft. If awareness is low, a communications program is needed to alert consumers to be watchful of their credit records. The price of the report might be another reason for the low percentage of consumers who ordered credit reports. At the time this research was conducted, the top price of ordering a credit report from the three major credit bureaus was $8.50 per report. To remove the barrier of high costs, some states have lower prices. Moreover, in six states, including the state where the student sample was collected, individuals by law can get a free copy from each of the major credit bureaus (Equifax, Experian, Trans Union) every year.

One possible solution, which has support from privacy advocates (Givens 2000), would be to legislate that all states offer free annual credit reports.

Second, many consumers are having new checks mailed to their homes. More than 70% of both groups had their new checks mailed to them. (Note that these items were not correlated with social desirability.) When combined with the fact that mail lingers in mailboxes, this makes it easier for thieves to steal. This problem could be addressed if consumers picked up their checks at the bank as suggested by the FTC (2001). Moreover, banks could require consumers to pick up their checks in person. While the convenience of mail would be lost, this does not seem to be an unreasonable cost to minimize the risk of identity theft. Alternatively, people could install locked mailboxes.

Third, too many non-students are carrying social security cards in their wallets/purses. Fifty-six percent of the non-student sample carried their social security card in their wallet. Curiously, this item, for non-students, was positively correlated with social desirability, indicating some people think keeping the card in their wallet or purse is the proper thing to do. This could be corrected by a public service announcement from the Social Security Administration to remind consumers to keep the card in a safe place. There are institutional reasons older consumers might carry these cards. For some elderly, the social security card is necessary to pick up prescriptions. Hence, for situations such as these, businesses could be encouraged to not use the social security number as an identifier and not to collect this information if it is not absolutely necessary. Others have also suggested eliminating the social security number as an identifier used by businesses.

Finally, students need to be better informed about the dangers of providing personal identifying information to merchants. While students have less to lose by providing personal identifying information, it is important for them to establish good personal data management practices.

CONCLUSIONS

Based on the results of the survey and discussion above, consumer education seems to be wanting for these two consumer sample groups. To remedy these shortcomings, consumers should continue to be encouraged to reduce access to their personal data; closely monitor credit card activity; protect passwords, PINs, and social security numbers; and practice responsible information handling.

In closing, the data gathered for this research consisted of separate surveys of students and non-students. Because these surveys are small and exploratory, the results should not generalize to the general population. Yet, both samples represent two distinct populations that vary by age, Internet shopping experience, and particular institutional arrangements regarding personal information. The findings do suggest that there are across-group differences, and thus these finding should provide a starting point for subsequent empirical research that tracks the effectiveness of the educational effort across market segments.

As the crime of identity theft becomes more sophisticated, it would also be of value to measure the extent to which consumers' initiate preventative behaviors in cyberspace and with their wireless communications to protect their identity. For example, will consumers gravitate toward the use of anonymizers, personal firewalls, or other technological tools to protect themselves? Biometrics, in particular, seems to hold promise in helping positively identify individuals (Wallich 2002).

In addition to educating and monitoring consumers, future research might also examine business responsibility in minimizing identity theft. Will businesses stop using the SSN as a record identifier and collect only necessary information? Businesses can help prevent theft by developing privacy policies to guide customer and client relations, improving data and network security, disposing of records in a timely and complete manner (shredding), and taking care with facsimile and wireless phone transmissions. Changing business behavior will not be easy given many of the data collection practices that have been institutionalized. To enact change, trade associations and the government can help educate businesses in their role in preventing identity theft.

TABLE 1
Identity Theft Prevention Measures

                                                    Impact on
                                                    Likelihood
                                                     of Being
Questionnaire Items                                   Victim

I have ordered a copy of my credit report within
  the last year.                                     Decrease
When I order new checks I have the bank mail
  them to me.                                        Increase
I carry my social security card with me in my
  wallet or purse.                                   Increase
When asked to create a password, I have used
  either my mother's maiden name, or my pet's
  name, or my birth date, or the last four digits
  of my social security number, or a series of
  consecutive numbers.                               Increase
I always deposit my outgoing mail in post office
  collection boxes or at a local post office.        Decrease
Before I reveal any personal identifying
  information I always find out how marketers
  are going to use it.                               Decrease
I carry more credit cards than I need in my wallet.  Increase
I sometimes toss my credit card receipts in a
  public trash container without shredding them
  into tiny pieces.                                  Increase
I always check each item in my billing statements
  for mistakes and report these immediately.         Decrease
If asked by a merchant, I provide my social
  security number so they can write it on my check.  Increase
I sometimes leave my mail in my mailbox
  (at home) for a day or two before I pick it up.    Increase
I always shred or tear up the credit card offers
  I receive in the mail before throwing them in
  the trash.                                         Decrease
I keep a copy of my PIN number and passwords
  in my wallet or purse in case I forget them.       Increase
Average Number of Preventative Measures
  (out of 13)
Standard Deviation
Average Social Desirability Index (out of 33)
Standard Deviation
Reliability (KR-20).
Correlation of Prevention Index with Social
  Desirability Index

                                                    Questionnaire Item
                                                     Correlation with
                                                    Social Desirability
Questionnaire Items                                        Index

                                                                 Non-
                                                     Student   student
                                                      Sample    Sample

I have ordered a copy of my credit report within
  the last year.
When I order new checks I have the bank mail
  them to me.
I carry my social security card with me in my
  wallet or purse.                                                 +
When asked to create a password, I have used
  either my mother's maiden name, or my pet's
  name, or my birth date, or the last four digits
  of my social security number, or a series of
  consecutive numbers.
I always deposit my outgoing mail in post office
  collection boxes or at a local post office.
Before I reveal any personal identifying
  information I always find out how marketers
  are going to use it.
I carry more credit cards than I need in my wallet.
I sometimes toss my credit card receipts in a
  public trash container without shredding them
  into tiny pieces.                                                --
I always check each item in my billing statements
  for mistakes and report these immediately.            +          +
If asked by a merchant, I provide my social
  security number so they can write it on my check.     +          --
I sometimes leave my mail in my mailbox
  (at home) for a day or two before I pick it up.
I always shred or tear up the credit card offers
  I receive in the mail before throwing them in
  the trash.                                            +
I keep a copy of my PIN number and passwords
  in my wallet or purse in case I forget them.
Average Number of Preventative Measures
  (out of 13)                                          7.3       7.7
Standard Deviation                                     2.1       1.9
Average Social Desirability Index (out of 33)         14.9      16.2
Standard Deviation                                     5.5       6.5
Reliability (KR-20).                                    .79       .86
Correlation of Prevention Index with Social         r = .062,    =.209,
  Desirability Index                                 p > .05   p > .05r

TABLE 2
Identity Theft Prevention for Student Groups

                                                              Percent
                                                   Response  Practicing
                                                      to       Theft
Questionnaire Items                                Question  Prevention

Practices Most Students Followed

I keep a copy of my PIN number and passwords in
  my wallet or purse in case I forget them.          10%        90%
I carry my social security card with me in my
  wallet or purse.                                   26%        74%
I sometimes toss my credit card receipts in a
  public trash container without shredding them
  into tiny pieces (1).                              29%        71%
I always shred or tear up the credit card offers
  I receive in the mail before throwing them in      71%        71%
  the trash (1).                                     71%        71%
I always check each item in my billing
  statements for mistakes and report these           70%        70%
  immediately.                                       70%        70%
I carry more credit cards than I need in my
  wallet (1).                                        33%        67%

Practices Some Students Followed

When asked to create a password, I have used
  either my mother's maiden name, or my pet's
  name, or my birth date, or the last four
  digits of my social security number,
  or a series of consecutive numbers.                36%        64%
I always deposit my outgoing mail in post office     59%        59%
  collection boxes or at a local post office.        59%        59%
I sometimes leave my mail in my mailbox (at home)    44%        56%
  for a day or two before I pick it up.              44%        56%
If asked by a merchant, I provide my social
  security number so they can write it on my         52%        48%
  check.                                             52%        48%

Practices Few Students Followed

When I order new checks I have the bank mail
  them to me.                                        77%        23%
I have ordered a copy of my credit report within
  the last year (1).                                 22%        22%
Before I reveal any personal identifying
  information I always find out how marketers
  are going to use it.                               18%        18%

(1) Based on respondents who own a credit card.

TABLE 3
Identity Theft Prevention for Non-Student Groups

                                                              Percent
                                                   Response  Practicing
                                                      To       Theft
Questionnaire Items                                Question  Prevention

Practices Most Non-Students Followed

I keep a copy of my PIN number and passwords
  in my wallet or purse in case I forget them.        4%        96%
I sometimes leave my mail in my mailbox (at home)
  for a day or two before I pick it up.              25%        75%
I always shred or tear up the credit card offers
  I receive in the mail before throwing them in
  the trash (1).                                     75%        75%
If asked by a merchant, I provide my social
  security number so they can write it on my
  check.                                             32%        68%

Practices Some Non-Students Followed

I always check each item in my billing statements
  for mistakes and report these immediately.         66%        66%
I sometimes toss my credit card receipts in a
  public trash container without shredding them
  into tiny pieces (1).                              36%        64%
I carry more credit cards than I need in my
  wallet (1).                                        38%        62%
Before I reveal any personal identifying
  information I always find out how marketers are
  going to use it.                                   57%        57%
I always deposit my outgoing mail in post office
  collection boxes or at a local post office.        52%        52%
When asked to create a password, I have used
  either my mother's maiden name, or my pet's
  name, or my birth date, or the last four digits
  of my social security number, or a series of
  consecutive numbers.                               49%        51%

Practices Few Non-Students Followed

I carry my social security card with me in my
  wallet or purse.                                   56%        44%
When I order new checks I have the bank mail
  them to me.                                        71%        29%
I have ordered a copy of my credit report within
  the last year (1).                                 23%        23%

(1) Based on respondents who own a credit card.

REFERENCES

Alwin, Janice A. 2002. Privacy Planning: Putting the Privacy Statutes to Work for You. DePaul Business Law Journal. 14 (Spring): 353-80.

Bruner, Gordon C., II, and Paul Hensel. 1992. Marketing Scales Handbook: A Compilation of Multi-Item Measures. Chicago: American Marketing Association.

Crowne, Douglas P. and David Marlowe. 1960. A New Scale of Social Desirability Independent of Psychopathology. Journal of Consulting Psychology, 24 (August): 349-354.

Davis, Lance. 2002. With or Without Authorization, It's Still Identity Theft. McGeorge Law Review, 33 (Winter): 231-238.

Economist. 2001. United States: Stealing People is Wrong. The Economist, 358 (8212): 28-29.

Federal Trade Commission. 2001. ID Theft: When Bad Things Happen to Your Good Name. www.consumer.gov/idtheft/; accessed 2/13/2001.

Givens, Beth. 2000. Preventing Identity Theft: Industry Practices are the Key. Talk given to National Summit on Identity Theft, March 15-16, 2000. www.privacyrights.org/ar/natsummit.htm, accessed 10/24/01

Hoar, Sean. 2001. Current Development: Identity Theft--The Crime of the New Millennium. Oregon Law Review, 80 (Spring): 1423-1447.

Hunt, Shelby D., Richard D. Sparkman, and James B. Wilcox. 1982. The Pretest in Survey Research: Issues and Preliminary Findings. Journal of Marketing Research, 19 (May): 269-273.

Identity Theft and Assumption Deterrence Act. 1998. 18 U.S.C. S1028(a).

Lee, Jinkook and Loren V. Geistfield. 1999. Elderly Consumers' Receptiveness to Telemarketing Fraud. Journal of Public Policy & Marketing, 18 (2): 208-18.

Milne, George R. 2001. The Effectiveness of Self-Regulated Privacy Protection: A Review and Framework for Future Research. In Handbook of Marketing and Society, edited by Paul N. Bloom and Gregory T. Gundlach (pp. 462-485). Thousand Oaks, CA: Sage Publications.

Miyazaki, Anthony D. and Ana Fernandez. 2001. Consumer Perceptions of Privacy and Security Risks for Online Shopping. Journal of Consumer Affairs, 35 (1): 27-44.

Norrgard, Lee E. and Julia M. Norrgard. 1998. Consumer Fraud: A Reference Handbook. Santa Barbara, CA: ABC-CLIO.

Saunders, Kurt M and Bruce Zucker. 1999. Counteracting Identity Fraud in the Information Age: The Identity Theft and Assumption Deterrence Act. International Review of Law, Computers & Technology, 13 (2): 183-192.

Verton, Dan. 2001. Identity Theft Skyrockets, but Less Than 1% Occur Online. Computer World. 35 (7): 7.

Wallich, Paul. 2002. Who's Who? Scientific American. 287 (July): 19-22.

George R. Milne is Associate Professor of Marketing in the Isenberg School of Management, University of Massachusetts--Amherst.

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.