This study considers the role of organizations in relation to identity theft from three perspectives: as a site of identity use (and misuse), as detectors of identity theft, and ultimately, as a site where a fundamental social imperative exists to ensure responsible action is taken to address this form of criminality. Through investigating the organizational--individual victim dynamic, this article examines how organizations react to the possibilities of identity fraud and draws out the implications of this for individual consumers in scenarios of identity theft. The evidence presented leads to a critical examination of the issues confronting organizations in seeking to anticipate and respond to these criminal acts.
Identity theft threatens the very essence of an individual's sense of self and his or her capacity to participate in society. The consequences of this form of criminality are significant and wide-ranging, with current assessments of its impacts exceeding billions of dollars each year (Cuganesan and Lacey 2003; Cabinet Office [U.K.] 2002; General Accounting Office [U.S.] 1998, 2002). Available evidence indicates that identity theft is becoming increasingly attractive for perpetrators vis-a-vis other forms of crime. In the United States, for example, identity theft is described as growing at a rate of 30% per year, with its losses estimated at reaching $8 billion by 2005 (Supreme Court of the State of Florida 2002). Although improved awareness and reporting may be partially responsible, these trends are nonetheless of concern to the individual consumer. The loss of funds and/or other forms of property, a tarnished credit history, and a criminal record are all potential outcomes for the identity theft victim, with ongoing consequences for the ability to secure employment, obtain goods and services on credit, travel freely, and participate in the wider society in a generally unencumbered fashion. In fact, merely seeking to reestablish an identity can result in ongoing denial of services for the victim, such as access to existing accounts and execution of existing contracts. Investigating identity theft and the current environment of responses is thus timely.
Although the formulation of identity theft responses is increasingly dominating the agenda of governments, policy formulators, legislators, and researchers, often overlooked is the important function of organizations in enabling and preventing identity theft. As discussed herein, the role of organizations in relation to identity theft is threefold: as a site of identity use (and misuse); as detectors of identity theft; and, ultimately, as a site where a fundamental social imperative exists to ensure responsible action is taken to address this form of criminality, an imperative based on the increasingly accepted notion that organizations are responsible for the long-term well-being and sustainability of the broader community (Executive Committee of World Business Council for Sustainable Development 2002; Maignan, Hillebrand, and McAlister 2002; Newson 2002). Consequently, it is important to consider organizational initiatives in formulating holistic policy responses to identity theft.
While focused on issues of identity theft, this article draws from a research program seeking to measure the nature, cost, and extent of the broader construct of identity fraud. Identity theft involves an individual falsely representing him- or herself as another real person for some unlawful activity (General Accounting Office 1998; Identity Theft Assumption and Deterrence Act of 1998). In contrast, identity fraud comprises both the illegal use of a real person's identity (identity theft) as well as that of a fictitious identity (Main and Robson 2001; Cabinet Office 2002). Thus, identity theft is a narrower subset of identity fraud. Of importance are the implications of this for the organizational--individual victim dynamic. For the individual consumer to be impacted, the crime must be one of identity theft. …