Identity theft problem needs a 'tsar' to tackle it, say MPs
Growing problems with identity-based crime need a dedicated resource to combat identity theft.
MPs in the All Party Group on Identity Fraud have recommended the UK creates an 'identity theft tsar' to tackle the threat.
The politicians believe this is the best way to co-ordinate anti-identity fraud actions by government, police and the private sector.
The police need to be resourced sufficiently to create specialist identity fraud detection officers and the banking industry needs to clean up its act in the area, or face 'tougher sanctions'.
"Identity fraudsters have had it too easy for too long," Nigel Evans, MP for Ribble Valley and a leading member of the Group, told the BBC. "It's time we cracked down on them before more people's lives are ruined by their trade."
The report, coming at the start of National Identity Fraud Prevention Week, also highlights the need to make the public more aware of the dangers of the practice and identify way consumers can better protect themselves.
Young online denizens in particular may need to curb their habits, warns the group, noting the way many social networking site users casually put up personal data that can be used by others to create false identities.
Identity fraud is hailed to cost the UK economy about 1.7bn a year, with over 170,000 cases coming to light in the UK during 2006.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The suggested move was welcomed in some parts of the security industry. "The appointment of an Identity Tsar in the UK to oversee efforts to stem identity theft and resultant fraud would be a solid step in the direction of reducing the number and scope of any data leaks - whether from individuals or from large organisations," said Simon Perry, head of security at CA.
"In order for that to be effective, however, those large organisations must be required to advise their customers of potential identity data breaches in a timely manner. A lack of breach disclosure legislation in the UK is perhaps the single most important missing weapon in our armoury that would help to turn the tide against identity theft and related fraud."
The Group's recommendation met a cool response among analysts, however.
"A Tsar isn't needed - just a big dollop of common sense," said Clive Longbottom, service director, at analyst firm Quocirca, adding that education was not the issue so much as steps to curb fraudsters.
"First of all, the police have got to start taking this seriously - offloading a lot of it to the banks is not good enough. The banks also have to be forced to take it seriously. All cases of reported ID theft should have to be centrally logged, so that patterns and efforts to track down groups doing ID theft can be centralised. Once caught, the thieves have to have the book thrown at them - all assets seized, along with solid jail terms.
"We have to make ID theft a route that is not economically viable - and for this, it has to be raised to a point where it cannot just be written off as a rounding error by banks, by insurance companies and by individuals, we have to get it to a point where it is seen by the legal world as what it is - a very nasty piece of insidious work that can ruin people's lives even after the initial mess has been cleaned up."
"As for Tsars - I always thought their need arose from complex problems that span multiple departments and need co-ordination which doesn't otherwise exist," said Longbottom's Quocirca colleague, principal analyst Rob Bamforth.
"There seems little need for this level of co-ordination to tackle existing ID theft. But perhaps this has more to do with other IT ID projects that require massive interdepartmental coordination, such as ID cards."