Identity crime is a general term used for identity theft, creating a false identity, committing identity fraud or situations in which personal or business details are misappropriated for gain.
Personal identity theft is the misappropriation of the identity of another person, alive or dead, without their knowledge or consent, eg. The misuse of their name, date of birth, current or previous addresses or any personal details. Identity theft can result in identity fraud.
Personal identity fraud occurs when a false or stolen identity is used to facilitate the obtaining goods or services, or access to funds by deception. Identity fraud is also considered to have occurred by avoidance of obligation or liability by falsely claiming to be a victim of identity fraud.
The stealing of an individualís identity does not, on its own, constitute identity fraud, it is merely identity theft.
A person planning to use someone elseís personal information fraudulently, could:
Apply for a new credit card in the victimís name;
Open a bank account in the victimís name;
Apply for other financial services in the victimís name;
Make purchases or obtain a loan in the victimís name;
Apply for benefits in the victimís name;
Apply for a driving license or passport in the victimís name;
Register a vehicle in the victimís name;
Apply for a mobile phone contract in the victimís name.
An indication of identity fraud may include:
Any identity theft involving plastic credit or debit cards, cheques or online banking, must be reported directly to the financial institution concerned (ie. the relevant bank). They will be responsible for investigating it further, and reporting any criminal activity to the police.
Change the passwords on your computer and frequently used web sites - make each password different.
If you receive bills or statements that do not belong to you but are addressed to you, contact all the organisations concerned as soon as possible.
If bank statements contain any unfamiliar transactions, contact the organisations and the bank concerned as soon as possible.
The victim should request a copy of their credit file from a credit reference agency (Equifax, Experian or Callcredit). This will indicate the extent of the identity thief's activity. The credit file will show bank accounts opened in the victimís name and any recent applications made for credit using the victimís details. If there are any accounts or applications that are unfamiliar, the organisation should be contacted immediately to remove the data from the credit file. Some credit reference agencies offer a service to victims and will contact the organisations for you. The agencyís staff are experienced at tackling identity theft and will advise on further steps to take.
A record of all correspondence and conversations should be kept when attempting to recover your identity. Keep a note of who you spoke to and when, and send letters by recorded delivery.
The Royal Mail should be notified if mail theft is suspected or mail goes missing and it is suspected that a fraudulent mail redirection has been set up on your address. The Royal Mail has an investigations unit specifically designed to help.
Other organisations which can give support and advice include: CIFAS, APACS, the British Bankers Association and The Financial Service Association.
Corporate identity theft is a criminal matter, report the matter to the police as soon as possible.
Notify all your suppliers, vendors and Companies House, who will also give you advice.
Tell your customers and clients if their details have been compromised.
Request the company's credit report and Companies House record and check that they match.
Keep a record of all conversations and correspondence relating to the corporate identity fraud and attempts to correct the situation.
Personal details are protected under the Data Protection Act 1998. The Act covers personal data which an organization may hold, and specifies that:
Personal data must be processed fairly and lawfully.
Personal data must be obtained for a clearly specified and lawful purposes, and must not be processed in a way that is incompatible with that specified purpose.
Only adequate personal data shall be acquired for the specified purpose.
Personal data must be kept up to date and accurate.
Personal data shall not be kept for longer than is necessary for that specified purpose.
Technical measures must be taken to protect personal data against unauthorised and unlawful use, and against accidental loss or destruction thereof.
Personal data shall not be transferred to a country or territory outside the European Economic Area unless there exists an adequate level of protection of that data.
The Data Protection Act has created certain rights for people who have their data stored by organisations. They have the right to:
Ask your legal question using the box below and have a response from solicitor or barrister within minutes.