Commonwealth of Australia 2014


Conclusion The importance of measuring identity crime

:)


Download 399.96 Kb.
Page14/17
Date conversion04.09.2017
Size399.96 Kb.
1   ...   9   10   11   12   13   14   15   16   17

Conclusion



The importance of measuring identity crime

This report marks an initial attempt to develop a measurement framework for identity crime and misuse in Australia. Development of the report would not have been possible without the assistance of a broad range of government agencies across the Australian Government and the states and territories, in the form of information, analysis and encouragement throughout the preparation and conduct of the pilot data collection exercise.


The report makes some initial findings on the nature and extent of identity crime, based on collection and analysis of data by agencies conducted on a ‘best endeavours’ basis. The methodology and findings in the report provide a firm basis for further work and will benefit from being refined over time.
While it has an ambitious objective, the National Identity Crime and Misuse Measurement Framework project has demonstrated that development of such a framework is both feasible and necessary.
As one of the most prevalent types of crime in Australia, identity crime is a serious and increasing criminal risk to governments and the wider community (OECD 2006; 3). It generates significant profits for offenders and causes considerable financial losses to the Australian Government, private industry and individuals (AFP 2014).
But despite its widespread impacts, a lack of comprehensive data makes it difficult to quantify the full extent of identity crime, or to assess its costs and consequences for victims. As a result, identity crime is likely to be both underreported and its impacts underestimated.

The National Identity Crime and Misuse Measurement Framework project is an important step in improving the measurement of identity crime in Australia. From undertaking this pilot, it is evident that the greatest challenges to this effort are: the underreporting of incidents by victims (both individuals and organisations), and a lack of standardisation in definitions and recording practices.

Addressing these challenges will require concerted, sustained effort by a range of organisations. A companion report produced as part of this project offers recommendations for how this work might be taken forward. This is necessary if we are to properly quantify the impacts of identity crime and to develop the most effective policy and operational responses to minimise the harm that it causes to the Australian community.

Identity crime in depth: a case study

‘Charles’ was able to obtain a wide range of genuine Australian identity documents, issued with fraudulently obtained personal information. He used some of these documents himself and sold others to his criminal associates to help avoid detection for other serious criminal activity.


This is a real life case study. It shows how vulnerabilities in the processes supporting one type of identity credential can have flow-on effects to other agencies that form part of Australia’s federated identity infrastructure; and which can be exploited by criminals to establish, use and sell fraudulent identities.
From the late 1990s to 2011, Charles searched through cemeteries in Queensland, New South Wales, Victoria and the Australian Capital Territory for the names and dates of birth of children who had died within a couple of months of being born. Using this identifying information, Charles then requested copies of the death certificates for these children.
Once he had obtained the details of the parents, Charles then manufactured counterfeit driver licences in their names, using photos taken from social media sites such as Facebook. With these two documents, he obtained the official birth certificates issued by the Registry of Births, Deaths
and Marriages.

Charles then used the official birth certificates and counterfeit driver licences in the same name to open bank accounts and obtain credit cards. These bank accounts and credit cards, accompanied by the birth certificates, were then used to obtain genuine Medicare cards.

With these documents he was then able to obtain genuine driver licences issued in the same names.
Finally, Charles used these legitimately issued (but fraudulently obtained) identity kits to support applications for Australian passports. In total, he was able to obtain 10 genuinely issued Australian passports in various different names.
The identity kits were then sold to associates of Charles who were members of outlaw motorcycle gangs. The kits were sold for $9,000 without a passport and $30,000 with a passport.
Charles was also able to fraudulently obtain Australian Citizenship Certificates through an alternative method of ‘tombstone fraud’, using the names of children who had died during transit from the United Kingdom to Australia in post—World War II migration.
Charles’ identity crimes went undetected for over nine years. Ultimately he was arrested by police for drug-related crimes and while in custody made admissions to the identity frauds. Charles was imprisoned for a total of 4 years 6 months, with a single non-parole period of 2 years 6 months.


References


2007 Intergovernmental agreement to a National Identity Security Strategy
http://www.ag.gov.au/RightsAndProtections/IdentitySecurity/Documents/Inter%20Government%20Agreement%20to%20a%20National%20Identity%20Security%20Strategy%20[94.2KB%20PDF].pdf

Attorney-General’s Department, (2014a), Document Verification Service website, Canberra:

http://www.dvs.gov.au/Pages/default.aspx

Attorney-General’s Department, (2014b), Cyber Emergency Response Team (CERT) website, Canberra: http://www.ag.gov.au/RightsAndProtections/CERT/Pages/default.aspx

Attorney-General’s Department, (2012a), Identity Theft: Concerns and Experiences, Di Marzio Research, Donvale: Victoria. http://www.ag.gov.au/www/agd/agd.nsf/Page/Crimeprevention_Identitysecurity

Attorney-General’s Department, (2012b), Cyber Crime & Security Survey Report 2012, Canberra:

http://www.canberra.edu.au/cis/storage/Cyber%20Crime%20and%20Security%20Survey%20Report%202012.pdf

Attorney-General’s Department, (2011), Identity Theft: Concerns and Experiences, Di Marzio Research, Donvale: Victoria. http://www.ag.gov.au/www/agd/agd.nsf/Page/Crimeprevention_Identitysecurity

Attorney-General’s Department, (2001), Scoping Identity Fraud, An abridged version of a report on Identity Fraud Risks in Commonwealth Agencies: Canberra.

Australian Bureau of Statistics, (2014a), Crime Victimisation, Australia, 2012–13, ABS Cat. No. 4530.0, Canberra: http://www.abs.gov.au/ausstats/abs@.nsf/Lookup/D7B1A6CCDEF87612CA257B16000E06DE? opendocument

Australian Bureau of Statistics, (2014b), Criminal Courts, Australia, ABS Cat. No. 4513., Canberra:
http://www.abs.gov.au/ausstats/abs@.nsf/mf/4513.0

Australian Bureau of Statistics, (2013a), Crime Victimisation, Australia, 2011–12, ABS Cat. No. 4530.0, Canberra: http://www.abs.gov.au/ausstats/abs@.nsf/Latestproducts/F716C0FC12B1517ECA257B16000E0DB3? opendocument

Australian Bureau of Statistics, (2013b), Migration, Australia, 2011–12 and 2012–13, ABS Cat.

No. 3412.0, Canberra: http://www.abs.gov.au/ausstats/abs@.nsf/Lookup/3412.0Chapter32011–12%20and%202012–13

Australian Bureau of Statistics, (2013c), Births, Australia, 2012, ABS Cat. No. 3301.0, Canberra:

http://www.abs.gov.au/ausstats/abs@.nsf/mf/3301.0

Australian Bureau of Statistics, (2013d), Deaths, Australia, 2012, ABS Cat. No. 3302.0, Canberra:


http://www.abs.gov.au/ausstats/abs@.nsf/mf/3302.0

Australian Bureau of Statistics, (2012), Personal Fraud, 2010-2011, ABS Cat. No. 4528.0, Canberra:


http://www.abs.gov.au/ausstats/abs@.nsf/Lookup/by%20Subject/4530.0~2012–13~Main%20Features~Victims%20of%20personal%20crime~4

Australian Bureau of Statistics, (2011), Australian and New Zealand Standard Offence Classification (ANZSOC), 2011, ABS Cat. No. 1234.0, Canberra: http://www.abs.gov.au/AUSSTATS/abs@.nsf/ProductsbyCatalogue/E6838CDEE01D34CBCA25722E0017B26B

Australian Bureau of Statistics, (2008), Personal Fraud, 2007, ABS Cat. No. 4528.0, Canberra:

http://www.abs.gov.au/AUSSTATS/abs@.nsf/allprimarymainfeatures/226E9A7C56865433CA2579E40012097D? opendocument

Australasian Centre for Policing Research (ACPR), (2006), Standardisation of definitions of identity crime terms: A step towards consistency, Report Series No. 145.3, South Australia: http://www.anzpaa.org.au/anzpire/acpr-publications

Australian Communications and Media Authority (ACMA), (2013), Digital footprints and identities: Community attitudinal research, Melbourne: http://www.acma.gov.au/~/media/Regulatory%20Frameworks/pdf/Digital%20footprints%20and%20identities%20community%20attitudinal%20research%20pdf.pdf

Australian Crime Commission, (2013), Organised Crime in Australia 2013, Canberra:

http://www.crimecommission.gov.au/sites/default/files/files/ACC%20OCA%202013.pdf

Australian Federal Police (AFP), (2014), Identity Crime, AFP website: http://www.afp.gov.au/policing/fraud/identity-crime

Australian National Audit Office (ANAO), (2012), Management of e-passports, Audit Report No. 33—2011–12, Canberra. http://www.anao.gov.au/~/media/Uploads/Audit%20Reports/2011%2012/201112%20Audit%20Report%20No33.pdf

Australian Payments Clearing Association (APCA), (2006-2013), Payment Statistics—Fraud Statistics, Sydney: http://www.apca.com.au/payment-statistics/fraud-statistics/archive-releases

Bricknell, S and Smith, R. G., (2013), Developing a monitoring framework for identity crime and misuse, (AIC Report) Australian Institute of Criminology, Canberra.

Commonwealth Ombudsman, (2010), Australian Taxation Office: Resolving Tax File Number Compromise, Report 12/2010, Canberra. http://www.ombudsman.gov.au/files/ATO_resolving-TFNcompromise.pdf

Council of Australian Governments (COAG), (2012), National Identity Security Strategy,

http://www.ag.gov.au/RightsAndProtections/IdentitySecurity/Pages/NationalIdentitySecurityStrategy.aspx

Cowan, P., (2013), Big holes discovered in Vic Govt’s cyber security, itNews: http://www.itnews.com.au/News/365679,big-holes-discovered-in-vic-govts-cyber-security.aspx#ixzz35XVturKj

Credit Industry Fraud Avoidance Service (CIFAS), (2013), Is identity fraud serious?, United Kingdom,

http://www.cifas.org.uk/is_identity_fraud_serious

Criminal Code Act 1995 (Cth), http://www.austlii.edu.au/au/legis/cth/consol_act/cca1995115/sch1.html

Cuganesan, S and Lacey, D, (2003), Identity Fraud in Australia: An Evaluation of its Nature, Cost and Extent, Sydney: SIRCA.

Department of Human Services, (2008-2013), Annual Reports, Canberra: http://www.humanservices.gov.au/corporate/publications-and-resources/annual-report/

Defence Signals Directorate (DSD), (2012), Top four mitigation strategies to protect your ICT system, Canberra: http://www.asd.gov.au/publications/csocprotect/Top_4_Mitigations.pdf?&verNov12

Harrell, E & Langton, L, (2013), Victims of Identity Theft, 2012, Bureau of Justice Statistics, Office of Justice Programs, US Department of Justice. http://www.bjs.gov/index.cfm?ty=pbdetail&iid=4821

House of Representatives Standing Committee on Economics, Finance and Public Administration, (2000), Numbers on the Run: Review of the ANAO Report No.37 1998-99 on the Management of Tax File Numbers, Transcripts of public hearings: 05/04/2000, EFPA 164. http://www.aph.gov.au/parliamentary_business/committees/house_of_representatives_committees?url=efpa/tfnaudit/report.htm

Identity Theft Resource Centre, (2010), Identity Theft: The Aftermath 2009, California:

http://www.idtheftcenter.org/ITRC-Surveys-Studies/aftermathstudies.html

Javelin Strategy & Research, (2013), 2013 Identity Fraud Report: Data Breaches Becoming a Treasure Trove for Fraudsters, https://www.javelinstrategy.com/brochure/276

KPMG, (2013), A survey of fraud, bribery and corruption in Australia and New Zealand 2012,

http://www.kpmg.com/AU/en/IssuesAndInsights/ArticlesPublications/Fraud-Survey/Pages/fraud-bribery-corruption-survey-2012.aspx

KPMG, (2010), Fraud and Misconduct Survey 2010, http://www.kpmg.com/AU/en/IssuesAndInsights/ArticlesPublications/Fraud-Survey/Pages/Fraud-Survey-2010.aspx

KPMG, (2009), Fraud Survey 2008, http://www.kpmg.com/AU/en/IssuesAndInsights/ArticlesPublications/Fraud-Survey/Pages/Fraud-Survey-2008.aspx

Lacey, D, (2013), Identity Theft and Misuse in Australian and New Zealand: iDcare Report on Establishing a Trans-Tasman Identity Theft Victim Support Centre, Gold Coast. http://www.idcare.org/idcare-aus-nz

Lawson, P, (2011), Responding to Victims of Identity Crime: A Manual for Law Enforcement Agents, Prosecutors and Policy-Makers, International Centre for Criminal Law Reform and Criminal Justice Policy, Canada: http://icclr.law.ubc.ca/sites/icclr.law.ubc.ca/files/publications/pdfs/00%20Victims%20of%20Identity%20Crime%20Manual.pdf

Lindley, J, Jorna, P. & Smith, R.G., (2012), Fraud against the Commonwealth 2010–11 annual report to government. Australian Institute of Criminology, Monitoring Reports: Canberra

http://www.aic.gov.au/publications/current%20series/mr/1-20/18.html

Lozusic, R, (2003), Fraud and Identity Theft, Briefing Paper No. 8/03, New South Wales Parliamentary Library Research Service: Sydney. http://www.parliament.nsw.gov.au/prod/parlment/publications.nsf/0/08ACDBBA372ED89DCA256ECF0007C146/$ File/08-03.pdf

Ludington, S, (2006), Reining in the Data Traders: A Tort for the Misuse of Personal Information, Maryland Law  Review, Vol. 66, pp. 140-193. http://www.google.com.au/url?sa=t&rct=j&q=&esrc=s&frm=1&source=web&cd=5&ved=0CEMQFjAE&url=http%3A%2F%2Fscholarship.law.duke.edu%2Fcgi%2Fviewcontent.cgi%3Farticle%3D5492%26context%3 Dfaculty_scholarship&ei=qhDwUq6nGca6lQXM1IC4Bg&usg=AFQjCNEAtBThhSLLS-pl_-bjpe1oBEz_IQ

Microsoft, (2014), 2013 Microsoft Computing Safety Index: http://www.microsoft.com/security/resources/mcsi.aspx

National Fraud Authority, (2013), Annual Fraud Indicator—June 2013, London: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/206552/nfa-annual-fraud-indicator-2013.pdf

New South Wales Registry of Births, Deaths & Marriages (NSW RBDM) (2013), Statistics from 1996 to 2012: Births, Department of Attorney-General & Justice, Sydney: http://www.bdm.nsw.gov.au/resources/statsinfo.pdf

Norton, (2013), 2013 Norton Report—Country Report: Australia, Symantec: http://www.symantec.com/content/en/us/about/presskits/b-norton-report-2013-australia.pdf

Office of the Australian Information Commissioner, (2013a), OAIC Annual Report—2012–13, Canberra: http://www.oaic.gov.au/about-us/corporate-information/annual-reports/oaic-annual-report-201213/

Office of the Australian Information Commissioner, (2013b), Community attitudes to privacy survey: Research report 2013. Canberra: http://www.oaic.gov.au/privacy/privacy-resources/privacy-reports/oaic-community-attitudes-to-privacy-survey-research-report-2013#_Toc368300726

Office of the Australian Information Commissioner, (2012a), OAIC Annual Report—2011–12, Canberra: http://www.oaic.gov.au/about-us/corporate-information/annual-reports/oaic-annual-report-201112/

Office of the Australian Information Commissioner, (2012b), Data breach notification: A guide to handling personal information security breaches, Canberra. http://www.oaic.gov.au/privacy/privacy-resources/privacy-guides/data-breach-notification-a-guide-to-handling-personal-information-security-breaches

Office of the Australian Information Commissioner, (2011a), OAIC Annual Report—2010–11, Canberra: http://www.oaic.gov.au/about-us/corporate-information/annual-reports/oaic-annual-report-201011/

Office of the Australian Information Commissioner, (2011b), Vodafone Hutchison Australia: Own motion investigation report, Canberra. http://www.oaic.gov.au/privacy/applying-privacy-law/privacy-omi-reports/vodafone-hutchison-australia

Organisation for Economic Co-Operation and Development (OECD), (2006), Report on Identity Fraud: Tax Evasion and Money Laundering Vulnerabilities, http://www.oecd.org/ctp/crime/identity-fraud-tax-evasion-and-money-laundering-vulnerabilities.htm

Ponemon Institute, (2012), 2011 Cost of Data Breach Study: Australia, http://www.ponemon.org/library/2011-cost-of-data-breach-australia

Ponemon Institute, (2013), 2012 Cost of Data Breach Study: Global Analysis, http://www.ponemon.org/library/2013-cost-of-data-breach-global-analysis

Prenzler, T, (2012), Responding to welfare fraud: The Australian experience, Research & Public Policy Series 119, Australian Institute of Criminology: Canberra. http://www.aic.gov.au/media_library/publications/rpp/119/rpp119.pdf

Reserve Bank of Australia (RBA), (2014), Inflation Calculator, http://www.rba.gov.au/calculator/annualDecimal.html

Richards, K, (2009), The Australian Business Assessment of Computer User Security (ABACUS): a national survey, Research and Public Policy Series 102, Australian Institute of Criminology: Canberra.

http://www.aic.gov.au/documents/3/B/3/%7B3B3117DE-635A-4A0D-B1D3-FB1005D53832%7Drpp102.pdf

Smith, R. G. & Hutchings, A. (2014), Identity crime and misuse in Australia: Results of the 2013 online survey, Research & Public Policy Series, Australian Institute of Criminology: Canberra.

Smith, R, Jorna, P, Sweeny, J & Fuller, G, (forthcoming), Counting the costs of crime in Australia—2011 update, Research and Public Policy Series, Australian Institute of Criminology: Canberra.

Sproule, S and Archer, N, (2008), Measuring Identity Theft in Canada: 2008 Consumer Survey, MeRC Working Paper No.23, McMaster University. http://merc.mcmaster.ca/working-papers/23.html

Van Vliet, J, (2010), Stolen Identities: A Qualitative Study on the Psychological Impact of Identity Theft, University of Alberta: http://news.ualberta.ca/newsarticles/2011/04/uofaresearcherfindsthepsychologicaleffectsofidentitytheftlingerswithvictims

Unisys, (2013), Australia Unisys Security Index—May 2013, http://www.unisyssecurityindex.com/usi/australia/reports

Victorian Auditor-General, (2013), WoVG Information Security Management Framework, PP No. 281, Victoria: http://www.audit.vic.gov.au/publications/20131127-WoVG-Info-Security/20131127-WoVG-Info-Security.pdf

Case Studies:

Case Study 1: Australian Transaction Reports and Analysis Centre (AUSTRAC), (2012), AUSTRAC typologies and case studies report, Pg. 45. http://www.austrac.gov.au/files/typ_rprt12_full.pdf

Case Study 2: Levy, M, (2012), Truckies face retest amid licence fraud probe, The Age, published 21 September. http://www.theage.com.au/victoria/truckies-face-retest-amid-licence-fraud-probe-20120921-26acr.html

Case Study 3: Grubb, B, (2013), Oops: Google search reveals private Telstra customer data, Sydney Morning Herald, published 16 May. http://www.smh.com.au/it-pro/security-it/oops-google-search-reveals-private-telstra-customer-data-20130516-2jnmw.html

Office of the Australian Information Commissioner, Telstra breaches privacy of 15,775 customers, Media release published 11 March 2014. http://www.oaic.gov.au/news-and-events/media-releases/privacy-media-releases/telstra-breaches-privacy-of-15-775-customers

Case Study 4: Commonwealth Director of Public Prosecutions, 2009–10 Annual Report. Available at: http://www.cdpp.gov.au/case-reports/george-hebaiter/

Case Study 5: Australian Taxation Office, (2011), Targeting tax crime: A whole-of-government approach. Available at: http://www.ato.gov.au/General/Tax-evasion-and-crime/In-detail/Targeting-Tax-Crime-magazine/2011/Targeting-tax-crime--A-whole-of-government-approach---February-2011/?page=8

Case Study 6: Harris, A, (2012), VicRoads goes hi-tech to end driving licence fraud, The Australian, published 29 October. http://www.theaustralian.com.au/news/vicroads-goes-hi-tech-to-end-driving-licence-fraud/story-e6frg6n6-1226504896204#

Case Study 7: Styles, A, (2010), Property scam highlights need for greater security: REIWA, WA Today, published 13 September. http://www.watoday.com.au/wa-news/property-scam-highlights-need-for-greater-security-reiwa-20100913-15952.html

Case Study 8: Commonwealth Director of Public Prosecutions. 2010. 2009–10 Annual Report. Available at: http://www.cdpp.gov.au/case-reports/marita-quetcher/

Case Study 9: ABC News, (2005), Nurse jailed for massive Centrelink fraud, published 16 December.

http://www.abc.net.au/news/2005-12-16/nurse-jailed-for-massive-centrelink-fraud/763254

Case Study 10: ABC News, (2011), Police strike $30m fake credit card syndicate, published 20 October. http://www.abc.net.au/news/2011-10-19/police-strike-30m-fake-credit-card-syndicate/3579592



Case Study 11: Sigsworth, M, (2008), I was falsely branded a paedophile’, BBC UK, published 3 April.
http://news.bbc.co.uk/2/hi/uk_news/magazine/7326736.stm




1   ...   9   10   11   12   13   14   15   16   17
:)


The database is protected by copyright ©hestories.info 2017
send message

    Main page

:)