Published on July 5, 2017 by Laura

Wondering what the laws on identity theft are? This edition of the Law Guide series will focus on identity theft and the laws in place to protect individuals.

What is Identity Theft?

Identity theft occurs when an individual’s personal details are stolen. This can happen regardless of whether the person is alive or dead. In the past, identity theft has involved stealing physical documents either by going through someone’s post or rubbish bins or by stealing their wallet to obtain the details on their driving licence and bank cards. However, now it is much more common for criminals to utilise the internet to acquire personal details.

Why is Identity Theft a Problem?

Identity theft has become a particularly big problem in the internet age due to the boom of social media. Recent research has now shown that we have a tendency to over-share.  

Thirty per cent of UK Facebook users put their full name and date of birth on their social media profile page and this can be used by criminals to find out more details, such as their address. This equips identity thieves with more than enough information to apply for a loan or credit card in the victim’s name.

What is even more striking is that individuals are not the only victims of this very modern crime. A 2017 Legal Benchmark Report conducted by NatWest has found that one in four law firms have fallen victim to a cyber attack or fraud within the last 12 months. The report also indicates that London firms are the most at risk. It is therefore hardly surprising that law firms are investing more than ever in cyber security measures.

How is Identity Theft Being Addressed?

English law contains a range of old and new legislation which works to protect from identity theft.

The Theft Act

The Theft Act 1968 is still relevant when it comes to prosecuting identity thieves as it creates the offence of illegally using another’s identity or manipulating information for the purpose of stealing goods, property or money.

Data Protection Act

Furthermore, the Data Protection Act of 1998 states that private information such as a person’s ethnic identity, sexual orientation, religious affiliation, financial, health or family records can only be divulged in very limited circumstances. Therefore if someone’s protected information is disclosed without their consent or is otherwise misused, the disclosing organization will commit an offence under the Act.

Identity Cards Act

While the Identity Cards Act 2006 permits the collection of personal information without consent for reasons of justice, it also creates specific identity theft crimes relating to ID cards (such as driving licenses and passports).

Fraud Act

Finally, the Fraud Act 2006 directly targets modern methods of identity theft by making online “phishing” for and “pharming” of personal information illegal.

Phishing involves acquiring virtual personal details by hacking online databases while pharming aims to obtain personal information by assuming the identity of a legitimate website to induce the user to enter their details. The Fraud Act also prohibits misrepresenting your identity or assuming someone else’s identity.

What Can You Do to Protect Against Identity Theft?

While the law is designed to protect from identity theft and punish the fraudsters, the best course of action is always prevention.

Given that anything put on the internet is public, it is more important than ever not to get lulled into a false sense of security when it comes to social media. While receiving birthday messages from friends on Facebook is a lovely experience, making your year of birth private is a simple step towards safeguarding your personal information.

Ultimately, an evening spent adjusting privacy settings and removing any non-essential information will almost certainly be an evening well spent in light of this increasing threat of identity fraud.

Words: Mariya Rankin


Loading More Content