Privacy Rights Clearinghouse
By Douglas J. Gladstone
In the film, It Could Happen to You, a police officer promises the waitress who served him that, instead of a tip, he’ll divide any winnings with her from the lottery ticket he purchased. Naturally, their ticket wins.
Although my wife and I could win the lottery one day, odds are it won’t happen. Statistically, there’s a greater chance of being the victim of identity theft (a reported 1-in-465) than of winning the Powerball (a reported 1-in-146,107,962).
My wife and I should know. We were recent victims.
How did it happen? Essentially, crooks broke into our joint checking account and robbed us of approximately $1,500 last November. According to officials at the bank where we have our account, the debit card numbers on one of our bank cards was skimmed. What happens, they explained, is that thieves capture your information by attaching an electronic storage device to an automated teller machine (ATM) where your card is swiped. All told, they continued, there were some 25 to 30 unauthorized attempts made, 10 of which were successful.
According to a recent study by the Electronic Funds Transfer Association (EFTA), ATM skimming generates losses of $50 million each year. www.efta.org 
Four of the incursions, we learned, were made at a bank overseas. Since neither of us has traveled abroad, we were surprised to discover that our card was used at the Krung Thai Bank in Thailand. The closest we’ve come to any Asian nation is while visiting the World Showcase Pavilion, at Disney’s Epcot, in Orlando, Florida.
Because we acted quickly, we contained the damage. It helped that officials at our bank were solicitous and cooperative. After conducting an investigation, our branch manger basically wrote off the losses we suffered by issuing us credits for the money. Nonetheless, the cost to us (and our bank) goes well beyond the money that was stolen. The inconvenience was time consuming: we had to shut down our account; advise our creditors that outstanding checks might be returned for insufficient funds; file a police report; place fraud alerts on our accounts; file a complaint with the Federal Trade Commission (FTC) and, well, you get the picture.
Was our experience unique? Of course not. In 2007, the FTC released the results of its 2006 identity theft survey, which reported that 3.7 percent of all American adults - some 8.3 million people -- were victims of identity theft in 2005. But quantifying the problem doesn’t give me satisfaction. I feel violated. More than that, I am angry. Most of all, I want redress. www.ftc.gov/os/2007/11/SynovateFinalReportIDTheft2006.pdf 
What really gnaws at me is that the regulatory authorities, who have jurisdiction over identity theft, as well as the civil and criminal law enforcement agencies in this country and abroad, don’t seem to be able to stem the tide of this problem one iota. The EFTA believes losses from identity theft, in general, and payment card fraud, in particular, are so widespread that it convened a two-day conference last April to search for solutions to this growing phenomenon.
Oh sure, the President’s Task Force on Identity Theft unveiled a status report last October detailing the progress that has ostensibly been made since the Task Force’s Strategic Plan was released in 2007. It should come as no surprise that the plan, which outlined 31 recommendations the United States should take to prevent the theft and misuse of consumers' personal information and increase the prosecution and punishment of identity thieves, received positive reviews. www.idtheft.gov/reports/IDTReport2008.pdf 
With all due respect to the report's authors, I don't share their enthusiasm. First, the FTC doesn't act on behalf of individuals. The Commission doesn’t investigate any complaints; rather, it acts as an information-sharing resource with law enforcement. More than 1.6 million victim complaints have been reported to the FTC's Identity Theft Data Clearinghouse, a national database that over 1,650 federal, state and local enforcement and regulatory authorities have access to. On a global scale, I can see this being helpful to law enforcement, especially with regards to detecting patterns and tendencies by identity thieves. But if nobody actually follows up by investigating the complaints that are received, what's the point of a victim even reporting the crime?
Moreover, the plan sends out mixed messages. One of its recommendations is to enhance the ability of law enforcement to receive information from financial institutions. Under Section 609(e) of the Fair and Accurate Credit Transactions (FACT) Act of 2003, victims of identity theft have a right to obtain copies of records related to the theft from the businesses that dealt with the thief and to designate law enforcement agencies to receive this information on their behalf. Sounds great, right? However, if nobody from law enforcement is investigating a complaint, who is going to ask the business for copies of any of its records related to the theft?
In my case, I told both the FTC and officials from my bank that Krung Thai's only American branch is located on Wilshire Boulevard, in Los Angeles. Basically I've done the government’s legwork for them. Will anyone now act on my behalf?
My worst fear? It’s that the state and federal governments don’t believe it’s worth investing the manpower and resources to investigate the theft of $1,500. Maybe Alan Rickman, playing the villainous Hans Gruber in Die Hard, was correct when he observed, "When you steal $600, you can just disappear. When you steal $600 million, they will find you."
I hope nobody believes that. Remember, it could happen to you.