The Identity Theft Act is a legislative mandate passed in the United States designed to offer identity theft protection for individuals and businesses. Fully entitled the Identity Theft and Assumption Deterrence Act, it was passed by the US Congress and signed into law by President Bill Clinton in 1998. An amendment to the law was enacted in 2003.
Following testimony by the Federal Trade Commission in front of the US Senate, federal officials deemed it necessary to address growing concerns over identity theft scams. Consumers were being exploited at a growing rate during the late 1990s and early 2000s, mostly because of increased access to computers which now housed detailed information about individuals and their financial records. Among some of the most common practices of abuse with a stolen identity are different forms of fraud.
According to the legislation in the Identity Theft Act, crimes involving loans, mortgages, credit cards and lines-of-credit were to be prosecuted to the full extent of the law. While these activities were already illegal, the Identity Theft Act added additional crimes with which people could be prosecuted should they be caught. US Code Title 18 was amended to include any fraud committed using identification documents or personal information. It also made it illegal to knowingly transfer this information to other people without authorization, regardless of intent.
Federal law as determined by the statutes of the Identity Theft Act is limited to specific parameters. Notably, the identification stolen must be issued by a business or government agency in the US. The criminal also needs to have the intention of defrauding a person, business or government agency within the country. Criminals can be charged if they commit identity theft either through the mail, across state lines or internationally.
The Identity Theft Act allows for punishments of five, 15, 20 or 30 years depending on the crime. It also calls for fines determined by certain factors such as the extent of financial disparity caused. In extreme cases, there is also a statute that defines certain incidents as “Aggravated Identity Theft” which allows for consecutive sentences to be enforced upon criminals.
Many countries outside of the US have also enacted laws and provisions regarding identity theft fraud. Australia enacted the Criminal Code Amendment Act in 2000, Canada passed the Personal Information Protection and Electronic Documents Act the same year, India passed the Information Technology Act of 2000 and the United Kingdom legislated the Data Protection Act in 1998. Most of these countries work together in the event of international identity theft crimes to ensure enforcement across borders.