Identity Theft Risks: Businesses Beware

The March arrest of a Brooklyn busboy who used the Internet to steal the identity–and millions of dollars–from some of the nations wealthiest individuals has brought increased attention to the growing incidence of identity theft. Coupled with a number of high-profile hacking incidents, the risk of identity theft has many individuals concerned about the online exchange of personal information.

Identity theft is one of the fastest growing crimes in America. Although identity theft isnt new, the widespread use of the Internet has enabled criminals to steal personal information and use it anonymously, from anywhere in the world.

In a May 2000 report, CALPIRG, a nonprofit consumer and advocacy organization in Los Angeles, and the Privacy Rights Clearinghouse, a San Diego-based nonprofit advocacy, research and consumer education program, estimated that identity theft victims spend at least 175 hours and $800 (not including attorney fees) in out-of-pocket expenses. The report was based on a survey of identity theft victims, according to a press statement.

Victims must take a number of time-consuming steps to restore their identities and to dispute fraudulent debts and accounts opened by an identity thief. Additionally, victims may not be immediately aware of the theft and are often tipped off only when credit is denied or debt collectors appear.

The insurance industry has responded to this growing exposure by developing insurance products that, either as a standalone or endorsement to homeowners policies, reimburse the expenses incurred by policyholders to their names after occurrences of identity fraud. Additionally with the increased awareness of identity theft, there have been educational efforts to help individuals minimize their identity theft risks.

However, the rising tide of consumer concern over identity theft may ultimately create a reputation risk for businesses, especially those that conduct or facilitate online transactions or maintain customers personal information online.

These companies include dot-com and click-and-mortar retailers, as well as banks, brokerages, credit card companies and Internet service providers.

Ultimately, consumers will not only looks to these businesses to use the latest technology to create a secure online environment, but also to provide a solution in the event that their identities are stolen.

An August 2001 GartnerG2 report, entitled “Privacy and Security: The Hidden Growth Strategy,” underscored the privacy and security concerns of consumers and the need for companies to promote superior privacy and security protections.

The report, which was based on results from two GartnerG2 consumer surveys, found that 86 percent of online American adults are very concerned about the security of bank and brokerage account numbers when they are transacting or registering at a Web site.

Almost as many, 83 percent, expressed the same concerns about the security of their Social Security and credit card numbers.

Additionally, 70 percent are very concerned about the security of their personal information, including their income and assets.

The report also indicates that approximately 60 percent of online adults say security and privacy concerns stop them from doing business on the Web. In addition, more than 50 percent of those who buy on the Web say they'll enter their information, but admit they are not comfortable about it.

Businesses that conduct or facilitate online transactions are not alone in the exposures related to Internet-based identity theft. Many employers use Internet technology to maintain employees personal records. Companies often make benefit information, such as individual health insurance and retirement account data, available online through company Intranets.

Similarly, associations maintain members personal information.

Businesses, employers and associations seeking to create a safe, secure online environment should not limit themselves to relying on technological measures to address their key audiences security and privacy concerns. (If anything, recent history has shown the hacking society relishes the challenge).

These organizations should consider a number of old-fashioned, non-technology risk management tactics to help individuals identify and manage their identity theft risks, including:

Minimize individual risks.

Provide key audiences with information that can help them minimize their risk by managing their personal information wisely. This should include individuals handling of personal information offline, as well as through computer and wireless devise usage.

Insurance.

Personal lines insurance policies have long been offered through a number of distribution channels. Businesses may also consider making identity theft insurance available to customers with privacy concerns as a value-added service.

Assistance in the event of identity theft.

Among the time-consuming steps victims need to take are: contacting the fraud bureaus at the major credit bureaus; contacting the security departments of the appropriate creditors or financial institutions in which they have accounts that need to be closed; and filing reports with various law enforcement agencies.

Businesses and other organizations may provide instructions to help individuals reestablish their identities, as well as provide access to a toll-free hotline that can offer assistance in reporting the event to all required agencies and referrals to third-party legal services.

The growing incidence of online identity theft has created an individual risk that extends to the organizations that serve the online needs of those individuals. Incorporating risk management practices that complement their security technology can help businesses allay their potential customers privacy concerns.

By addressing these concerns, businesses will enable their customers to realize the speed and convenience promised by e-commerce. At the same time, a business that addresses such concerns will earn an enhanced reputation for its commitment to consumers privacy and the resulting benefit of increased business.

Jean McDemott-Lucey is vice president, B2C, for AIG eBusiness Risk Solutions in New York.


Reproduced from National Underwriter Property & Casualty/Risk & Benefits Management Edition, September 21, 2001. Copyright 2001 by The National Underwriter Company in the serial publication. All rights reserved.Copyright in this article as an independent work may be held by the author.


Contact Webmaster

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.